Privacy Policy

1. Introduction

AuraByt Inc. ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://aurabyt.com (the "Site") or use our services.

This Privacy Policy complies with the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, the General Data Protection Regulation (GDPR) in the European Union, and the California Consumer Privacy Act (CCPA) in the United States.

Please read this privacy policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Site.

2. Data Controller

For the purposes of applicable data protection laws, AuraByt Inc. is the data controller responsible for your personal information.

Contact Information:
AuraByt Inc.
Email: contact@aurabyt.com
Privacy-specific inquiries: privacy@aurabyt.com

3. Data We Collect

We may collect information about you in a variety of ways. The information we may collect on the Site includes:

3.1 Personal Information You Provide

When you voluntarily submit information through our contact form, we collect:

• Name: To identify you and personalize our communication
• Email Address: To respond to your inquiries
• Company Name: To understand your business context (optional)
• Message Content: The subject and details of your inquiry

Legal Basis: We process this data based on your consent and our legitimate interest in responding to your inquiries.

3.2 Automatically Collected Information

When you visit our Site, certain information about your device and usage may be automatically collected:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent on pages, referral sources, navigation paths
• Technical Data: Screen resolution, language preferences, time zone

Legal Basis: Legitimate interest in maintaining and improving our Site's functionality and security.

3.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Site. You can manage your cookie preferences at any time using our cookie consent banner. Our cookies include:

• Strictly Necessary Cookies: Essential for the Site to function properly. These cannot be disabled.
  • Cookie consent preferences
  • Security and authentication tokens
• Analytics Cookies (Optional): We use Google Analytics to understand how visitors use our Site. If you consent, these cookies collect:
  • IP address (anonymized)
  • Page views and session duration
  • User flow and navigation patterns
  • Device and browser information

  Google Analytics data is aggregated and anonymized. Learn more about Google's Privacy Policy.

3.4 Form Security Data (reCAPTCHA)

Our contact form is protected by Google reCAPTCHA v3 to prevent spam and abuse. reCAPTCHA collects hardware and software information (device data, mouse movements, IP address) and sends it to Google for fraud analysis. Your use of our contact form is subject to:

• Google Privacy Policy
• Google Terms of Service

Legal Basis: Legitimate interest in protecting our Site from spam, fraud, and abuse.

4. How We Use Your Data

We use the information we collect for the following purposes:

• Communication: To respond to your inquiries, questions, and comments submitted through our contact form
• Service Delivery: To provide and maintain our services
• Security: To operate and maintain the security of our Site, including preventing spam, fraud, and abuse
• Analytics: To analyze website traffic and improve the user experience (only with your consent)
• Legal Compliance: To comply with legal obligations and protect our rights
• Business Operations: To send important notices about our services or changes to our policies

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties.

We may share your information with third-party service providers who perform services on our behalf:

5.1 Service Providers

• Netlify: Our website hosting provider, which processes contact form submissions and provides infrastructure services. Data is stored in secure data centers with industry-standard encryption.
• Google LLC: For website analytics (Google Analytics) and spam protection (reCAPTCHA). Subject to Google's privacy policies and data processing agreements.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal requests from government authorities
• Court orders or subpoenas
• Protection of our legal rights or property
• Investigation of potential violations of our Terms of Service
• Protection of the safety of individuals

5.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your personal information may be transferred. We will provide notice before your information is transferred and becomes subject to a different Privacy Policy.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Contact Form Submissions: Retained for up to 2 years or until you request deletion
• Analytics Data: Retained by Google Analytics for 26 months (configurable)
• Cookie Data: Expires according to each cookie's lifespan (typically 1-12 months)

When data is no longer needed, we securely delete or anonymize it in accordance with industry standards.

7. Your Data Rights

Depending on your location, you have certain rights regarding your personal data:

7.1 Rights Under PIPEDA (Canada)

• Access: Right to know what personal information we hold about you
• Correction: Right to correct inaccurate information
• Withdrawal of Consent: Right to withdraw consent for data processing
• Complaint: Right to file a complaint with the Privacy Commissioner of Canada

7.2 Rights Under GDPR (EU/EEA)

• Right to Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge a Complaint: File a complaint with your local supervisory authority

7.3 Rights Under CCPA (California)

• Right to Know: Request disclosure of personal information collected
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell data)
• Right to Non-Discrimination: Equal service regardless of exercising privacy rights

7.4 How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@aurabyt.com. We will respond to your request within:

• 30 days for PIPEDA requests
• 1 month for GDPR requests (extendable to 3 months for complex requests)
• 45 days for CCPA requests

8. Security of Your Information

We implement administrative, technical, and physical security measures to protect your personal information, including:

• Encryption: HTTPS/TLS encryption for data in transit
• Access Controls: Limited access to personal data on a need-to-know basis
• Secure Infrastructure: Hosting on secure, SOC 2 compliant servers
• Regular Security Audits: Periodic review of security practices
• Data Minimization: Collecting only necessary information

Important: While we take reasonable steps to secure your data, no security measures are perfect or impenetrable. No method of data transmission over the internet can be guaranteed as 100% secure. You transmit information at your own risk.

9. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country, province, or jurisdiction where data protection laws may differ. By using our Site, you consent to the transfer of information to Canada, the United States, or other countries where our service providers operate.

For EU users: When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Children's Privacy

Our Site is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe we have collected information about a child, please contact us immediately at privacy@aurabyt.com, and we will delete the information.

11. Third-Party Websites

The Site may contain links to third-party websites and applications. We are not responsible for the privacy practices or the content of such websites. We encourage you to read the privacy policies of any third-party sites you visit.

12. Do Not Track Signals

Some browsers have a "Do Not Track" (DNT) feature that signals to websites that users do not want their online activity tracked. Our Site does not currently respond to DNT signals, but you can manage tracking through our cookie consent banner and browser settings.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last updated" date at the top of this policy
• For significant changes, we may provide additional notice (such as a banner on our homepage)

Your continued use of the Site after any changes indicates your acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Response Time: We aim to respond to all privacy-related inquiries within 2 business days.