Auro logo Auro

Privacy policy

We respect the fact that you are trusting us with your browsing.

This document describes what Auro collects, how we use it, and the choices you have. Last updated: October 22, 2025.

1. Who we are

Auro ("we", "us") provides a browser extension that helps shoppers earn affiliate rewards or donate a portion to charity. Our servers are hosted in the United States.

2. Data we collect

  • Account information. Email address, hashed password, and optional display name so the extension can show personalised greetings.
  • Authentication tokens. Refresh/access tokens stored locally in your browser; hash values stored in our database.
  • Reward activity. When you click "Activate rewards", we store a pseudonymous tracking reference (sid), the merchant, amount, and payout status. This is required to credit your purchase.
  • Optional donations and payout details. We keep records needed to route funds to your chosen charity or payout destination.

We do not collect your full browsing history, banking credentials, credit-card numbers, or personal messages. The extension only injects tracking code after you explicitly activate rewards on a supported store.

3. How we use information

  • Authenticate and secure your account.
  • Track affiliate conversions, calculate rewards, and process payouts/donations.
  • Prevent fraud, abuse, and comply with legal obligations (e.g., anti-money laundering).
  • Provide aggregated analytics that help us negotiate better commissions.

4. When data is shared

  • Affiliate networks (e.g., CJ). We send an anonymous sid and metadata required to receive commission confirmation.
  • Payment processors. PayPal, Venmo, or similar services handle payouts and donations under their own privacy policies.
  • Service providers. Hosting, analytics (aggregated/anonymous), email support.

We never sell your personal data and we do not share browsing information beyond the activation you explicitly request.

5. Extension permissions & cookies

  • Storage: To keep your tokens and preferences on-device.
  • Active Tab: Used only when you click "Activate rewards", so we can redirect through the affiliate link.
  • Scripting: Injects minimal code on eligible merchants to confirm activation.

Cookie windows are created by merchants to remember that Auro referred the purchase. The duration (typically 7–60 days) is displayed inside the extension. We do not place third-party tracking cookies on unrelated sites.

6. Retention

Account data is retained while your account remains active. Transaction records are kept as long as necessary to satisfy accounting, tax, and compliance requirements. You may request deletion at any time — we will remove non-essential data within 30 days, subject to legal obligations.

7. Security

We encrypt data in transit, hash all passwords, regularly review access logs, and restrict employee access to the minimum required. Despite safeguards, no system can be 100% secure; contact us immediately if you suspect unauthorized access.

8. Your rights

Depending on where you live, you may have rights to access, correct, delete, or port your data. We also honour opt-outs from marketing emails and honour “do not sell or share” requests. Email privacy@auro.cash to exercise these rights.

9. Contact

Email: privacy@auro.cash
Mailing address: Auro Privacy, 548 Market St PMB 12345, San Francisco, CA 94104