Welcome! We are Aura, a provider of an all-in-one diagnostic testing and recommendation solution to improve your health from the comfort of your home. This Privacy Notice explains how Aura USA, Inc. (“Aura”, “Company”, “we”, “us” or “our”), and our affiliated medical practice (“Aura Medical”), collects, uses, discloses, and otherwise processes personal information (as defined below) in connection with our websites (the “Sites”) and other websites we own and operate that link to this Privacy Notice, our mobile application (the “App”), and the related content, platform, services, products, and other functionality offered on or through our services (collectively, the “Services”). It does not address our privacy practices relating to Aura employees and other personnel.
In certain situations, Aura may function as a service provider for other businesses. In the course of providing services for other businesses, we may collect your personal information on behalf of our business customers. We refer to this type of personal information as “Customer Data.” We collect and process Customer Data on behalf of our business customers subject to restrictions set forth in our contracts with them, including, but not limited to, HIPAA business associate agreements. This Privacy Notice does not apply to our collection and processing of Customer Data. We recommend referring to the privacy notice or notice of privacy practices of the business customer with which you have a relationship for information on how they engage service providers, like us, to collect and process Customer Data on their behalf.
1. What is personal information?
When we use the term “personal information” in this Privacy Notice, we mean any data or information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular natural person or household or any other data or information that constitutes “personal data”, “personal information,” or “personally identifiable information.”
2. Our collection and use of personal information
We collect personal information in a variety of ways. For example, you may provide us your personal information when you register for an account, send us messages, subscribe to our mailing lists, newsletters or other forms of marketing communications, submit a job application, or use some other feature of our Service.
We may link or combine your activities and information collected from you on our websites and mobile apps with information we receive from third parties, as well as information we collect automatically through tracking technologies (defined below). This allows us to provide you with a personalized experience regardless of how you interact with us.
Personal Information Collected from You
We may collect the following categories of personal information submitted to us by individuals through the Services:
• Contact Information, including first and last name, email address, phone number, home address, your country or region, and communication preferences. We use this information to fulfill your request or transaction, to communicate with you directly, and to send you marketing communications in accordance with your preferences.
• Account Information, including first and last name, email address, phone number, home address, user ID and password, profile information (including your profile picture), appointment history, and any other information you provide to us. We use this information to administer your account, provide you with the relevant service and information, communicate with you regarding your account and your use of the Service, and for customer support purposes. Please note we utilize a third-party provider to process payments on our behalf and do not accept payment directly through our Services.
• Health Information, including information about your general health and sleeping habits, conditions you may have, and any other information that you choose to provide to us, such as your diet plan, the supplements you take or are recommended to take, and your lifestyle and exercise plan. We use this information to provide you with the Services.
• Demographic Information, such as your gender and date of birth.
• Inquiry and Communications Information, including information provided in custom messages sent through the forms, in chat messages, to one of our email addresses, or via phone. This also includes contact information provided on our Services. We use this information to investigate and respond to your inquiries, and to communicate with you, to enhance the services we offer to our users and to manage and grow our organization.
• Newsletter and Marketing Emails, including your name, date of birth, email address, phone number, current city, and applicable interests and communication preferences. We use this information to manage our communications with you and send you information about products and services we think may be of interest to you. If you wish to stop receiving email messages from us, simply click the “unsubscribe link” provided at the bottom of the email communication. Note that you cannot unsubscribe from certain services-related email communications (e.g., account verification, confirmations of transactions, technical or legal notices).
• Feedback Information. We may also collect feedback and ratings you provide relating to our services or products. We use this information to communicate with you, to conduct market research, inform our marketing and advertising activities and improve and grow our business.
• Business Representative Contact Information. If you are a business representative, we collect your information in connection with the performance of the agreement or potential agreement with us. This information may include your first name, last name, company contact information (e.g. email, phone, address), job title, and any other information related to the performance of the agreement with us.
• Employment Application Information, including your contact and demographic information, educational and work history, employment interests, information obtained during interviews and any other information you choose to provide, if you apply for employment.
Personal Information Automatically Collected
As is true of many digital properties, we and our third-party partners may automatically collect certain information from or in connection with your device when visiting or interacting with our Services, such as the list below and in the sub-sections here:
• Log data, including internet protocol (IP) address, operating system, device type and version, browser type and version, browser id, the URL entered and the referring page/campaign, date/time of visit, other user agent string data, the time spent on our Services, and any errors that may occur during the visit to our Services). Log data may overlap with the other categories of data below.
• Analytics data, Including the electronic path you take to our services, through our services and when exiting our services, UTM source, as well as your usage and activity on our services, such as the time zone, activity information (first and last active date and time), usage history (flows created, campaigns scheduled, emails opened, total log-ins) as well as the pages, links, objects, products and benefits you view, click or otherwise interact with. We may also analyze the interaction between you and your customer using our Services.
• Location data, such as general geographic location that we or our third-party providers may derive from your IP address.
We and our third-party providers may use (i) cookies or small data files that are stored on an individual’s computer and (ii) other, related technologies, such as web beacons, pixels, embedded scripts, location-identifying technologies and logging technologies (collectively, “cookies”) to automatically collect this personal information. We may also use this information to distinguish you from other users of our Services. This helps us monitor and analyze how you use and interact with our Services. It also helps us and our partners to determine products and services that may be of interest to you.
For more information about these practices and your choices regarding cookies, please see the Cookie Notice.
Personal Information from Third Parties
We also obtain personal information from third parties; which we often combine with personal information we collect either automatically or directly from an individual.
We may receive the same categories of personal information as described above from the following third parties:
• Aura Entities: We may receive personal information from other companies and brands owned or controlled by Aura, and other companies owned by or under common ownership as Aura.
• Other Users or Individuals who Interact with our Services: We may receive your information from other users or other individuals who interact with our Services. For example, if you engage in one of our communications hosted on third-party platforms, we will be able to see any public communications made within that platform.
• Social Media: When an individual interacts with our Services through various social media networks, such as when someone “Likes” us on Facebook or follows us or shares our content on Facebook, Twitter, or other social networks, we may receive some information about individuals that they permit the social network to share with third parties. The data we receive is dependent upon an individual’s privacy settings with the social network, and may include certain profile information. Individuals should always review and, if necessary, adjust their privacy settings on third-party websites and social media networks and services before sharing information and/or linking or connecting them to other services. We use this information to operate, maintain, and provide to you the features and functionality of the Service, as well as to communicate directly with you, such as to send you email messages about products and services that may be of interest to you.
• Service Providers: Our service providers that perform services solely on our behalf, such as survey and marketing providers and payment processors, collect personal information and often share some or all of this information with us. The information may include contact information, demographic information, payment information, information about your communications and related activities, and information about your orders. We may use this information to administer and facilitate our services, your orders, and our marketing activities.
• Business Partners: We may receive your information from our business partners, such as companies that offer their products and/or services on our Services. We may use this information to administer and facilitate our services, your orders, and our marketing activities.
• Information we receive from authentication services you connect to our Service: We may offer Face ID as a log-in method if you access the Service through an Apple device equipped with authentication technology. We are only notified as to whether the authentication was successful and cannot access the data associated with the enrolled face. For more details, please refer to the security guides offered by your device provider.
• Other Sources: We may also collect personal information about individuals that we do not otherwise have from, for example, publicly available sources, third-party data providers, brand partnerships, or through transactions such as mergers and acquisitions. We use this information to operate, maintain, and provide to you the features and functionality of the Service, as well as to communicate directly with you, such as to send you email messages about products and services that may be of interest to you.
Through the provision of our Services, we may also process deidentified information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular consumer.
Additional Uses of Personal Information
We may use personal information we collect to:
• Fulfill or meet the reason the information was provided, such as to fulfill our contractual obligations, to deliver the Services you have requested and to process transactions;
• Verify your identity and entitlement to products or Services, when you contact us or access our Services
• Communicate with individuals, including via email, and push notifications;
• Send you technical notices (including sending you an SMS text code for multifactor authentication), security alerts, and support and administrative messages and to respond to your and others’ comments, questions, and customer service requests;
• For marketing and advertising purposes, including to market to you or offer you through email and push notifications, information and updates on products or services we think that you may be interested in (where applicable, we may send you marketing messages if you have given us your consent to do so or where we have relied on the soft opt-in rule);
• Administer, improve and personalize our Services, including by recognizing an individual and remembering their information when they return to our Services;
• Process payment for our Services;
• Facilitate customer benefits and services, including customer support;
• Identify and analyze how individuals use our Services;
• Conduct research and analytics on our customer and user base and our Services;
• Improve and customize our Services to address the needs and interests of our user base and other individuals we interact with;
• Test, enhance, update and monitor the Services, or diagnose or fix technology problems;
• Help maintain the safety, security and integrity of our property and Services, technology assets and business;
• To enforce our Terms of Service, to resolve disputes, to carry out our obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties;
• Prevent, investigate or provide notice of fraud or unlawful or criminal activity;
• Comply with contractual and legal obligations and requirements;
• To fulfill any other purpose for which you provide personal information; and
• For any other lawful purpose, or other purpose that you consent to.
Where you choose to contact us, we may need additional information to fulfill the request or respond to inquiries. We may provide you with additional privacy-related information where the scope of the inquiry/request and/or personal information we require fall outside the scope of this Privacy Notice. In that case, the additional privacy notice will govern how we may process the information provided at that time.
3. Our disclosure of personal information
We may also share, transmit, disclose, grant access to, make available, and provide personal information with and to third parties, as follows:
• Aura Entities: We may share personal information with other companies owned or controlled by Aura, and other companies owned by or under common ownership as Aura, which also includes our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns, particularly when we collaborate in providing the Services.
• Marketing Providers: We coordinate and share personal information with our marketing providers in order to communicate with individuals about the Services we make available.
• Customer Service and Communication Providers: We share personal information with third parties who assist us in providing our customer services and facilitating our communications with individuals that submit inquiries.
• Other Service Providers: In addition to the third parties identified above, we engage other third-party service providers that perform business or operational services for us or on our behalf, such as website hosting, infrastructure provisioning, IT services, analytics services, payment processing services, and administrative services.
• Ad Networks and Advertising Partners: We work with third-party ad networks and advertising partners to deliver advertising and personalized content on our Services, on other websites and services, and across other devices. These parties may collect information directly from a browser or device when an individual visits our Services through cookies or other data collection technologies. This information is used to provide and inform targeted advertising, as well as to provide advertising-related services such as reporting, attribution, analytics and market research. For more information, including how to opt out of interest-based advertising, please see the Cookie Notice.
• Business Partners: From time to time, we may share personal data with our business partners, or we may allow our business partners to collect your personal information. Our business partners will use your information for their own business and commercial purposes, including to send you any information about their products or services that we believe will be of interest to you.
• Business Transaction or Reorganization: We may take part in or be involved with a corporate business transaction, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose personal information to a third party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal information may also be disclosed in the event of insolvency, bankruptcy or receivership.
• Legal Obligations and Rights: We may disclose personal information to third parties, such as legal advisors and law enforcement:
• in connection with the establishment, exercise, or defense of legal claims;
• to comply with laws or to respond to lawful requests and legal process;
• to protect our rights and property and the rights and property of others, including to enforce our agreements and policies;
• to detect, suppress, or prevent fraud;
• to protect the health and safety of us and others; or
• as otherwise required by applicable law.
With Your Consent: We may disclose personal information about an individual to certain other third parties or publicly with their consent or direction. For example, with an individual’s consent or direction we may post their testimonial on our Sites or service-related publications.
4. Third-party data collection and online advertising
We may participate in interest-based advertising and use third-party advertising companies to serve you targeted advertisements based on your browsing history. We permit third-party online advertising networks, social media companies and other third-party services, to collect information about your use of our online services over time so that they may play or display ads on our Services, on other websites or services you may use, and on other devices you may use. Typically, though not always, the information used for interest-based advertising is collected through tracking technologies, such as cookies, web beacons, embedded scripts, location-identifying technologies, and similar technology, which recognize the device you are using and collect information, including click stream information, browser type, time and date you visited the Sites, AdID, precise geolocation and other information. We may share a common account identifier (such as a hashed email address or user ID) with our third-party advertising partners to help identify you across devices. We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics and market research. We may also use services provided by third parties (such as social media platforms) to serve targeted ads to you and others on such platforms. We may do this by providing a hashed version of your email address or other information to the platform provider.
Please see our Cookie Notice for more information, including to learn how you can opt out of interest-based advertising.
5. Control over your information
6. Children’s personal information
Our Services are not directed to, and we do not intend to, or knowingly, collect or solicit personal information from children under the age of 16. If an individual is under the age of 16, they should not use our Services or otherwise provide us with any personal information either directly or by other means. If a child under the age of 16 has provided personal information to us, we encourage the child’s parent or guardian to contact us to request that we remove the personal information from our systems. If we learn that any personal information we collect has been provided by a child under the age of 16, we will promptly delete that personal information.
7. Links to third-party websites or services
Our Services may include links to third-party websites, plug-ins and applications. Except where we post, link to or expressly adopt or refer to this Privacy Notice, this Privacy Notice does not apply to, and we are not responsible for, any personal information practices of third-party websites and online services or the practices of other third parties. To learn about the personal information practices of third parties, please visit their respective privacy notices.
8. Updates to this privacy notice
We may update this Privacy Notice from time to time. When we make changes to this Privacy Notice, we will change the “Last Updated” date at the beginning of this Privacy Notice. If we make material changes to this Privacy Notice, we will notify individuals by email to their registered email address, by prominent posting on our Services, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.