Privacy Policy

Last Updated: February 2026

1. Data Controller

This policy outlines how AuraInsights ("Provider", "we", "us") collects, stores, and processes your personal data to provide our multi-currency financial engine.

2. Personal Data We Collect

• Account & Service Data: The minimum scope of data required to set up your account includes your first name, last name, e-mail address, login credentials, language, and currency.
• Financial & Open Banking Data: We process your transactions, incomes, expenses, and budgets. If you use the bank synchronization feature, we securely process read-only transaction details, balances, and account data.
• AI Receipt Scanner: When utilizing the Magic AI Scan feature, we process the receipt images and extracted data (such as merchant name, date, total amount, currency, and tax information) to automatically generate entries.
• AML Compliance: If required to comply with Anti-Money Laundering (AML) laws, we may process identification data including sex, birth date, address, and citizenship.
• Social Logins: If you use third-party platforms (like Google or Apple) to log in, we process the identification details provided by those respective platforms.

3. Purpose and Legal Basis of Processing

• Service Provision: To operate the AuraInsights platform, securely sync your EU banks, and ensure the functionality of your application.
• Marketing & Profiling: We may use your email to send direct marketing communications until you opt out. We may also use profiling to personalize your ad experience and financial advice. This profiling does not result in automated decision-making that produces legal effects.
• Legitimate Interests: We utilize anonymized data for developing and improving the application.

4. Data Retention

• General personal data is processed only for the necessary period of time, maximum until you delete your account or terminate the agreement.
• Data related to potentially suspicious transactions under AML acts is stored for a period of 10 years, even after the deletion of your account.

5. Third-Party Processors

We may appoint third-party processors (such as Google Cloud, Open Banking API providers, and AI-based extraction tools) to perform data processing operations. These are conducted under strict written agreements, and AI extraction is performed strictly under our instructions.

6. Data Security

Your Personal Data is stored and processed automatically in electronic form on secure servers located within the European Union. We apply high data protection standards, including AES-256 encryption.

7. Your Rights

• Access and Export: You have the right to access your data and the right to export your personal financial information to another controller at any time.
• Objection and Erasure: You may object to certain processing, withdraw marketing consent at any time within the app, or request complete data erasure.

8. Cookies

We use cookies to maintain your settings, ensure security, analyze app usage, and target advertisements. You can block or delete cookies through your browser settings or our consent banner.