Aura

Privacy Policy

Last updated: April 22, 2026

1. Introduction

This Privacy Policy describes how Digitizer ("we", "us", "our") collects, uses, and protects information when you use the Aura platform and the SiteAgent WordPress plugin (collectively, the "Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name and email address through Google OAuth authentication. We do not collect or store passwords.

2.2 Provider Credentials

To connect third-party services, you provide API keys and tokens for providers such as Cloudways, Cloudflare, and Bunny.net. These credentials are encrypted with AES-256-GCM before storage and are never stored in plaintext.

2.3 Site Health Data (via SiteAgent)

When the SiteAgent plugin is installed and connected, the Aura dashboard may request the following information from your WordPress site:

  • WordPress, PHP, and MySQL version numbers
  • List of installed plugins and themes (names, versions, active status)
  • Database metadata (table count, database version, prefix)
  • Disk usage of the uploads directory
  • Site URL, locale, timezone, and server software
  • Available updates for core, plugins, themes, and translations

This data is retrieved on-demand when you access the Aura dashboard. It is not collected automatically or on a scheduled basis unless you configure monitoring features. No personal user data from your WordPress site visitors is collected.

2.4 Action Logs

We log management actions performed through the Service (e.g., plugin updates, cache purges, server reboots) for audit and troubleshooting purposes. Logs include the action type, timestamp, status, and the user who initiated the action.

3. How We Use Information

We use the collected information to:

  • Provide and maintain the Service
  • Authenticate your access to third-party provider APIs
  • Display infrastructure status and health information
  • Execute management actions on your behalf
  • Maintain audit logs of actions performed
  • Improve the Service and fix issues

4. Data Storage and Security

Your data is stored in a PostgreSQL database. Provider credentials are encrypted with AES-256-GCM. We use HTTPS for all data transmission. Access to the Service requires authentication.

5. Data Sharing

We do not sell, rent, or share your personal information with third parties. Your provider credentials are only used to communicate with the respective provider APIs on your behalf. We may share data if required by law or to protect our legal rights.

6. SiteAgent Plugin Specifics

The SiteAgent plugin does not collect or transmit data on its own. It only responds to authenticated REST API requests from the Aura dashboard. The plugin requires three layers of authentication (WordPress Application Password, Site Token, and optional IP/domain whitelisting) before processing any request.

The plugin does not:

  • Track site visitors or collect analytics
  • Load external scripts, styles, or assets on the frontend
  • Send data to any third-party service
  • Store personal information about WordPress site visitors

7. Data Retention

We retain your account data and action logs for as long as your account is active. Provider credentials are deleted when you remove a connection. When you uninstall the SiteAgent plugin, all plugin-related data (site token, IP whitelist, domain whitelist) is deleted from your WordPress database.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Disconnect provider credentials at any time
  • Uninstall the SiteAgent plugin to remove all local data

9. Cookies and Tracking

The Service uses strictly necessary cookies for authentication, session management, and a localStorage preference for theme selection (light/dark mode). On public marketing pages we also use Google Analytics 4 (via Google Tag Manager) and the LinkedIn Insight Tag — these load only after you grant consent through our cookie banner. You can change or withdraw consent at any time via the Your Privacy Choices link in the footer.

10. Your Privacy Choices (California / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) gives you the right to know what personal information we collect, to request deletion, to correct inaccurate information, and to opt out of the "sale" or "sharing" of your personal information (including sharing for cross-context behavioral advertising).

We do not sell your personal information for money.We do use advertising and analytics tags (Google Analytics, LinkedIn Insight) that may be considered "sharing" under CPRA. To opt out, use the Your Privacy Choices link (also available in the footer) and reject Analytics and Marketing cookies, or email hello@my-aura.appwith the subject "CCPA Opt-Out". We honor the Global Privacy Control (GPC) signal where technically feasible.

You may also designate an authorized agent to submit requests on your behalf. We will not discriminate against you for exercising any of these rights.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Affiliate Links and Third-Party Tracking

Some outbound links on our marketing pages and blog posts are affiliate links. When you click one, the destination provider (for example Cloudways, Hostinger, Cloudflare, or Bunny.net) may set cookies or record a referral / click identifier so they can attribute a subsequent signup or purchase to us and pay us a commission. We do not receive your personal information from these providers as a result of that tracking — only aggregated or pseudonymous conversion data.

Once you follow an affiliate link and leave our Service, the destination provider's own privacy policy governs how they collect and use your data. We encourage you to review it. You can prevent most affiliate tracking by rejecting Marketing cookies via the Your Privacy Choices link in the footer, by using browser tools that block third-party cookies, or by navigating directly to the third-party provider rather than via our link.

See Section 12 of our Terms of Service for the corresponding editorial disclosure.

13. Contact

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at hello@my-aura.app.