Auralize
Auralize

Legal

Privacy Policy

Last updated July 8, 2026

Auralize is a breath-training platform built and operated by Aura Points LLC, a United States company. This policy explains what data we collect, why we collect it, and the control you keep over it.

The short version: we collect the minimum needed to run the product, we do not sell your data, we do not run advertising, and you can export or permanently delete everything from your account settings at any time.

What we collect

  • Account data. When you create an account we store your email address and, if you sign in with Google, the display name and avatar Google shares with us.
  • Training data. Breathing sessions, assessment results (such as CO₂ tolerance and BOLT scores), program progress, streaks, badges, saved shifts, and settings you create while using Auralize.
  • Device-local data. If you use Auralize without an account, your activity stays in your browser's local storage and is not sent to our servers.
  • Technical data. Anonymous, cookieless page analytics (page views, referrers, country-level location) and error reports when something in the app breaks.

What we do not collect

  • We do not use advertising trackers or sell data to anyone.
  • We do not collect precise location, contacts, or health records from other services.
  • Our analytics are cookieless. The only cookies we set are the ones required to keep you signed in.

How your data is used

Your training data exists to power your own experience: personalizing program pacing from your assessment results, tracking progress and streaks, and syncing across your devices. Aggregate, de-identified usage patterns help us understand which features matter and where the product breaks.

Who processes it

We rely on a small number of infrastructure providers, each processing data only on our behalf:

  • Supabase — database and authentication hosting (your account and training data).
  • Vercel — application hosting and cookieless analytics.
  • Sentry — error monitoring, so we can fix crashes.
  • Resend — delivery of sign-in emails.
  • Stripe — payment processing, if and when you purchase a paid plan. We never see or store your card details.

Data is stored on servers located in the United States.

Your rights and controls

  • Export. Download a copy of your training data as a JSON file from Settings.
  • Delete. Permanently delete your account and all associated data from Settings. Deletion is immediate and irreversible.
  • Access & correction. Your profile and history are visible and editable inside the app. For anything else, contact us.

If you are in the EU, UK, or California, these controls are how we honor access, portability, and erasure rights under GDPR and CCPA. For any request you cannot complete in the app, email hello@aurapoints.org.

Retention

We keep your data for as long as your account exists. When you delete your account, your data is removed from our production database immediately and from encrypted backups on their rolling expiry cycle. Anonymous analytics contain no personal identifiers and are retained in aggregate.

Age

Auralize is not directed at children and requires users to be at least 16 years old. If you believe a child has created an account, contact us and we will delete it.

Changes

If this policy changes in a way that matters, we will note it here and, for significant changes, notify account holders by email. Questions? Reach us at hello@aurapoints.org or via the contact page.