Privacy Policy
Last updated: July 2, 2026
This Privacy Policy explains how the Aura Maxxing app (the “App”) handles information. The App is operated by an independent individual developer (“we,” “us,” or “our”), not by a company. We designed the App to keep your photos private: we process your selfie only to generate your aura reading, delete the uploaded copy as soon as the reading is complete, and keep your results on your device.
By using the App, you agree to the practices described here. If you do not agree, please do not use the App.
1. The short version
- We do not require an account, and we do not ask for your email or phone number to use the App.
- The selfie you submit is uploaded temporarily to secure cloud storage, sent to an AI provider to generate your reading, and then deleted.
- Your aura reading is stored only on your device, not on our servers.
- We do not sell your data, use your selfie to advertise to you, or use it to train our own models.
2. Information we process
(a) The selfie you submit
To produce a reading, you provide a selfie (a photo you take or choose). A photo of your face is personal information and may be considered biometric or sensitive information in some jurisdictions. We process it solely to generate your aura reading, as described in Section 3, and we delete the uploaded copy immediately afterward.
(b) Context you provide
You may choose a focus for your reading (for example love, career, growth, or a general reading) and optionally provide a first name and date of birth. These inputs are optional and are used only to tailor your reading.
(c) A device identifier and anonymous authentication
The App generates a random identifier stored on your device and uses an anonymous authentication token to securely call our backend. This does not identify you personally and is not linked to a name, email, or social account.
(d) Subscription information
If you purchase a subscription, the transaction is handled by the Apple App Store. We (through our subscription provider) receive your subscription status and a non-identifying purchase identifier so we can unlock premium features. We do not receive or store your payment-card details.
(e) Support communications
If you email us, we receive your email address and the contents of your message so we can respond.
(f) Limited technical data
Our infrastructure providers may process limited technical information (such as device type, app version, and timestamps) as a normal part of operating and securing the Service.
We do not knowingly collect more personal information than is necessary to provide the App.
3. How your selfie is handled (and deleted)
This is the core of how the App works:
- On your device: your selfie is compressed before it leaves your phone.
- Temporary upload: the image is uploaded to a private, access-controlled folder in secure cloud storage, scoped to your anonymous session.
- Analysis: our backend sends the image to a third-party AI provider, which generates the structured aura reading and returns it.
- Deletion: the uploaded copy is deleted from cloud storage immediately after the reading completes (whether it succeeds or fails). We do not retain your selfie on our servers, and we do not store your reading on our servers.
- On your device: the finished reading is returned to the App and saved locally so you can view it again. It stays under your control and is removed if you delete it or uninstall the App.
4. Face data
Because the App reads a selfie, we want to be explicit about how we treat images of your face (“face data”).
- What we collect: the single selfie you choose to submit for a reading (for compatibility, two selfies). It is an ordinary photo that contains a face. We do not create, derive, or store a faceprint, face template, facial geometry, face mesh, or any other biometric identifier, and we do not use facial recognition to identify or authenticate anyone.
- How we use it: solely to generate your for-fun aura reading. We do not use face data for identification, security, authentication, advertising, profiling, or to train any AI model.
- Sharing and where it is stored: to create the reading, the selfie is uploaded transiently to a private, access-controlled folder in Google Firebase Cloud Storage (scoped to your anonymous session) and sent to OpenAI’s API, which returns the reading. It is not shared with any other third party and is never sold. Per OpenAI’s API data-usage policy, images sent to the API are not used to train OpenAI’s models.
- How long it is retained: the uploaded selfie is deleted from cloud storage immediately after the reading completes, whether it succeeds or fails. We do not retain your selfie or your reading on our servers. A compressed copy of your selfie may be saved only on your own device so your saved readings show a thumbnail; it never leaves your device and is deleted when you delete the reading or uninstall the App.
5. How we use information
- To generate and return your aura reading;
- To operate, secure, and troubleshoot the App;
- To manage subscriptions and unlock premium features;
- To respond to your support requests; and
- To comply with legal obligations and prevent abuse or misuse.
We do not use your selfie or reading for advertising, and we do not use them to train our own models.
6. Legal bases (where applicable, e.g. EEA/UK)
Where data-protection law requires a legal basis, we rely on: your consent (which you give by choosing to submit a selfie for a reading); performance of a contract (to provide the features you request, including subscriptions); and our legitimate interests (to secure and improve the App and prevent abuse). Where processing a facial image is treated as special-category or biometric data, we rely on your explicit consent, which you can withdraw at any time by not submitting further selfies.
7. Service providers and sub-processors
We use a small number of trusted third parties to operate the App. They process information only as needed to provide their service to us:
- Google Firebase (Google Cloud): anonymous authentication, temporary cloud storage of the uploaded selfie, and the backend function that orchestrates the reading.
- OpenAI: generates the AI aura reading from the image we transmit. The image is sent to OpenAI’s API solely to return your result.
- RevenueCat: manages and verifies your subscription entitlement.
- Apple: processes your purchase through the App Store and provides the platform the App runs on.
Each provider operates under its own terms and privacy commitments. We encourage you to review the policies of OpenAI, Google, RevenueCat, and Apple.
8. Data retention
The uploaded selfie is retained only transiently and is deleted right after the reading completes. Your aura readings are stored only on your device for as long as you keep them. Our service providers may retain limited technical or transaction records for the period required to operate their services, ensure security, and meet legal obligations.
9. Security
We use reasonable technical and organizational measures to protect information, including encrypted transport, access-controlled storage scoped to your session, and prompt deletion of the uploaded selfie. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
10. International data transfers
Our providers may process information on servers located in the United States and other countries. By using the App, you understand that your information may be processed outside your country of residence, where data-protection laws may differ.
11. Your rights
Depending on where you live, you may have rights to access, correct, delete, or restrict the processing of your personal information, to object to processing, and to data portability. Because we do not retain your selfie or readings on our servers and do not hold account-identifying data, the most direct way to delete your data is to delete your readings within the App or uninstall the App. For any other request, contact us at auramaxxingapp@outlook.com, and we will respond as required by applicable law.
12. Other people in your photos
Please submit only selfies of yourself. Do not upload photos of other people without their consent, and do not submit images you are not permitted to share. You are responsible for ensuring you have the right to submit any image for a reading.
13. Children’s privacy
The App is not intended for children. You must be at least 17 years old to use it, and it is not directed to anyone under 13. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will take appropriate steps.
14. Changes to this Policy
We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last updated” date above and, where appropriate, provide additional notice in the App. Your continued use of the App after changes take effect constitutes acceptance of the updated Policy.
15. Contact us
If you have questions or requests about this Privacy Policy or your information, contact the developer at auramaxxingapp@outlook.com.