Aura

Privacy Policy

Last updated: March 7, 2026

1. Introduction

This Privacy Policy describes how Digitizer ("we", "us", "our") collects, uses, and protects information when you use the Aura platform and the Digitizer Site Worker WordPress plugin (collectively, the "Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name and email address through Google OAuth authentication. We do not collect or store passwords.

2.2 Provider Credentials

To connect third-party services, you provide API keys and tokens for providers such as Cloudways, Cloudflare, and Bunny.net. These credentials are encrypted with AES-256-GCM before storage and are never stored in plaintext.

2.3 Site Health Data (via Digitizer Site Worker)

When the Digitizer Site Worker plugin is installed and connected, the Aura dashboard may request the following information from your WordPress site:

  • WordPress, PHP, and MySQL version numbers
  • List of installed plugins and themes (names, versions, active status)
  • Database metadata (table count, database version, prefix)
  • Disk usage of the uploads directory
  • Site URL, locale, timezone, and server software
  • Available updates for core, plugins, themes, and translations

This data is retrieved on-demand when you access the Aura dashboard. It is not collected automatically or on a scheduled basis unless you configure monitoring features. No personal user data from your WordPress site visitors is collected.

2.4 Action Logs

We log management actions performed through the Service (e.g., plugin updates, cache purges, server reboots) for audit and troubleshooting purposes. Logs include the action type, timestamp, status, and the user who initiated the action.

3. How We Use Information

We use the collected information to:

  • Provide and maintain the Service
  • Authenticate your access to third-party provider APIs
  • Display infrastructure status and health information
  • Execute management actions on your behalf
  • Maintain audit logs of actions performed
  • Improve the Service and fix issues

4. Data Storage and Security

Your data is stored in a PostgreSQL database. Provider credentials are encrypted with AES-256-GCM. We use HTTPS for all data transmission. Access to the Service requires authentication.

5. Data Sharing

We do not sell, rent, or share your personal information with third parties. Your provider credentials are only used to communicate with the respective provider APIs on your behalf. We may share data if required by law or to protect our legal rights.

6. Digitizer Site Worker Plugin Specifics

The Digitizer Site Worker plugin does not collect or transmit data on its own. It only responds to authenticated REST API requests from the Aura dashboard. The plugin requires three layers of authentication (WordPress Application Password, Site Token, and optional IP/domain whitelisting) before processing any request.

The plugin does not:

  • Track site visitors or collect analytics
  • Load external scripts, styles, or assets on the frontend
  • Send data to any third-party service
  • Store personal information about WordPress site visitors

7. Data Retention

We retain your account data and action logs for as long as your account is active. Provider credentials are deleted when you remove a connection. When you uninstall the Digitizer Site Worker plugin, all plugin-related data (site token, IP whitelist, domain whitelist) is deleted from your WordPress database.

8. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Disconnect provider credentials at any time
  • Uninstall the Digitizer Site Worker plugin to remove all local data

9. Cookies

The Service uses session cookies for authentication and a localStorage preference for theme selection (light/dark mode). We do not use tracking cookies or third-party advertising cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at hello@digitizer.studio.