AuraSpeed is a platform that connects YouTube creators with professional freelancers while providing powerful tools for channel growth and analytics. We process various types of data to deliver these services, including personal information, YouTube analytics data, payment information, and communications between users.

This policy applies to all users of AuraSpeed, whether you're a content creator, freelancer, or visitor. We are committed to transparency about our data practices and compliance with global privacy regulations including GDPR, CCPA, and other applicable laws.

Account Information

When you create an account, we collect:

• Full name and username
• Email address
• Password (encrypted and never stored in plain text)
• Profile photo/avatar
• Account type (Creator, Freelancer, or both)
• Country and timezone

Profile Information

Additional information you choose to provide:

• Bio and professional summary
• Skills and expertise
• Portfolio items and work samples
• Social media links
• Professional certifications

Usage Data

We automatically collect:

• IP address and geolocation
• Device information (browser, OS, device type)
• Pages visited and features used
• Time spent on pages
• Referring websites
• Click patterns and interaction data

We use the information we collect to:

• Provide Services: Create and manage your account, deliver requested features, process transactions
• Personalization: Customize your experience, recommend relevant freelancers or gigs, show personalized content
• Communication: Send service updates, respond to inquiries, provide customer support, send notifications about orders and messages
• Analytics: Analyze channel performance, generate insights, create reports and dashboards
• Platform Improvement: Debug issues, test new features, improve user experience
• Security: Detect fraud, prevent abuse, protect user accounts
• Legal Compliance: Fulfill legal obligations, enforce our terms of service
• Marketing: Send promotional emails (you can opt out anytime)

As a YouTube creator using AuraSpeed, we collect and process specific data to help you grow your channel:

YouTube Channel Data

• Channel name, ID, and subscriber count
• Video metadata (titles, descriptions, tags, thumbnails)
• Analytics data (views, watch time, demographics, traffic sources)
• Engagement metrics (likes, comments, shares)
• Revenue data (if monetized and connected)
• Content performance trends

Hiring & Orders

• Freelancer search history and preferences
• Order details (service type, specifications, deadlines)
• Communication with freelancers
• Feedback and ratings provided
• Budget and spending patterns

Team Management

• Team member information (names, roles, permissions)
• Team communications and channel messages
• Access logs and activity history
• Collaboration patterns

Your Control: You can disconnect your YouTube channel, delete team members, or remove order history at any time through your account settings.

As a freelancer on AuraSpeed, we collect and process data necessary to connect you with clients and manage your services:

Professional Profile

• Skills, expertise, and categories
• Portfolio items (videos, images, work samples)
• Service offerings (gigs) with pricing and descriptions
• Years of experience and certifications
• Languages spoken
• Availability status

Performance Metrics

• Order completion rate and average delivery time
• Client ratings and reviews
• Response time to messages
• Earnings history and revenue trends
• Cancellation rate
• Profile views and gig impressions

Order & Client Interactions

• Order details and requirements
• Deliverables and revisions
• Communication with clients
• Dispute history (if any)

Payment Information

• Withdrawal methods (PayPal, bank transfer details)
• Tax information (as required by law)
• Transaction history
• Pending and available balance

Visibility: Your profile is public on our marketplace to help clients find you. You control what information to display and can make your profile private or delete it anytime.

AuraSpeed's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

What YouTube Data We Access

When you connect your YouTube channel, we access:

• Channel Information: Name, description, subscriber count, thumbnails
• Video Data: Titles, descriptions, tags, thumbnails, publish dates
• Analytics: Views, watch time, likes, comments, demographics, traffic sources
• Comments: Comments on your videos (for Fiora AI analysis)
• Playlists: Playlist information and organization

How We Use YouTube Data

• Display channel analytics and performance metrics in your dashboard
• Generate insights and recommendations for content optimization
• Analyze comment sentiment with Fiora AI
• Create performance reports and trend analysis
• Provide thumbnail and title optimization suggestions
• Track video performance over time

What We DON'T Do with YouTube Data

• ❌ We do NOT sell your YouTube data to third parties
• ❌ We do NOT use your data for advertising purposes
• ❌ We do NOT share your analytics with other users without permission
• ❌ We do NOT modify or delete your YouTube content
• ❌ We do NOT transfer your data to other apps or services

Your Control Over YouTube Data

You have complete control:

• Disconnect your YouTube channel anytime from account settings
• Revoke access via your Google Account permissions page
• Request deletion of all stored YouTube data
• Choose which analytics features to enable

Data Retention

We store YouTube analytics data for up to 90 days to provide historical trend analysis. Older data is aggregated and anonymized. When you disconnect your channel, all associated YouTube data is deleted within 30 days, except as required for legal compliance.

You can sign in to AuraSpeed using your Google account through OAuth 2.0 authentication.

What We Receive from Google

• Email address (primary identifier)
• Name and profile photo
• Google account ID
• Email verification status

How Google Sign-In Works

1. You click "Continue with Google" on our sign-in page
2. Google asks for your permission to share basic profile information
3. We receive your profile data and create or link your AuraSpeed account
4. You're signed in securely without creating a password

Security & Privacy

• We never see or store your Google password
• OAuth tokens are encrypted and securely stored
• You can revoke AuraSpeed's access anytime through Google Account settings
• Signing in with Google doesn't automatically connect your YouTube channel (that's a separate permission)

Alternative: You can also create an account using email and password if you prefer not to use Google Sign-In.

We do not sell, rent, or trade your personal information. We only share your information in these limited circumstances:

With Other Users

• Freelancer Profiles: Public information (name, photo, skills, portfolio) is visible to all users
• Client-Freelancer Interactions: When you hire or get hired, relevant contact info and order details are shared
• Reviews & Ratings: Feedback you leave is public and associated with your account
• Team Members: Information you share within teams is visible to all team members

With Service Providers

We work with trusted third-party service providers:

• Payment Processors: Stripe for payment processing
• Cloud Hosting: Vercel and Supabase for infrastructure
• Email Services: Resend for transactional emails
• Analytics: Anonymous usage analytics to improve our service
• AI Services: OpenAI for Fiora AI features (data is anonymized)

All service providers are contractually bound to protect your data and use it only for specified purposes.

For Legal Reasons

We may disclose information if required to:

• Comply with legal obligations, court orders, or subpoenas
• Enforce our Terms of Service
• Protect our rights, property, or safety
• Investigate fraud or security incidents
• Protect users from harm or illegal activity

Business Transfers

If AuraSpeed is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our platform before your data is transferred and becomes subject to a different privacy policy.

We use cookies and similar tracking technologies to provide and improve our services.

What Are Cookies?

Cookies are small text files stored on your device that help websites remember information about your visit. We use both session cookies (deleted when you close your browser) and persistent cookies (stay on your device for a set period).

Types of Cookies We Use

Other Tracking Technologies

• Local Storage: Stores data locally in your browser for faster loading
• Pixels & Beacons: Track email opens and link clicks
• Fingerprinting: Device characteristics for fraud prevention

Managing Cookies

You have control over cookies:

• Adjust cookie preferences in your account settings
• Configure your browser to block or delete cookies
• Use browser privacy/incognito mode
• Opt out of analytics cookies

Note: Blocking essential cookies may impact your ability to use certain features of AuraSpeed.

We take security seriously and implement industry-standard measures to protect your data from unauthorized access, alteration, disclosure, or destruction.

Security Measures

• Encryption: All data in transit uses TLS/SSL encryption (HTTPS)
• Password Security: Passwords are hashed using bcrypt with salt
• Database Security: Row-level security (RLS) policies on Supabase
• Access Control: Role-based permissions and least privilege principle
• Regular Backups: Automated daily backups with encryption
• Security Monitoring: 24/7 monitoring for suspicious activity
• Vulnerability Scanning: Regular security audits and penetration testing
• Secure Infrastructure: Hosted on Vercel with enterprise-grade security

Your Role in Security

Help keep your account secure:

• Use a strong, unique password
• Enable two-factor authentication (2FA)
• Never share your password or access tokens
• Log out from shared devices
• Report suspicious activity immediately
• Keep your email account secure

Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

• Notify affected users within 72 hours
• Inform relevant authorities as required by law
• Provide details about what data was affected
• Outline steps we're taking to address the breach
• Advise on protective measures you should take

AuraSpeed uses Stripe, a PCI-DSS compliant payment processor, to handle all payment transactions securely.

Payment Information We Process

• Transaction amounts and currency
• Transaction dates and status
• Order IDs and descriptions
• Refund and dispute history

What We DON'T Store

For your security, we do NOT store:

• ❌ Full credit card numbers
• ❌ CVV/CVC security codes
• ❌ Bank account login credentials
• ❌ PIN codes or passwords

This sensitive payment data is handled entirely by Stripe and never touches our servers. We only receive tokenized references and transaction confirmations.

Freelancer Payouts

For freelancers receiving payments:

• Payout method details (PayPal email, bank info) are encrypted
• Tax information (W-9, W-8BEN forms) is securely stored as required by law
• Earnings history is maintained for financial records
• We report earnings to tax authorities as required by regulations

Financial Records Retention

We retain transaction records for 7 years to comply with tax laws and financial regulations. You can download your transaction history anytime from your account.

Platform Messages

Messages sent through AuraSpeed's messaging system are:

• Stored securely in our database
• Encrypted in transit and at rest
• Accessible only to sender and recipient
• Kept for dispute resolution and support purposes
• Automatically deleted after 2 years of inactivity

Email Communications

We send emails for:

• Transactional: Order confirmations, receipts, account security (you cannot opt out)
• Notifications: New messages, order updates, team activity (customizable in settings)
• Marketing: Product updates, tips, promotions (you can opt out anytime)
• Important Updates: Policy changes, service updates (rarely sent)

Team Channels

Team channels allow collaboration among your YouTube team:

• Messages are visible to all team members with access
• Channel admins can view message history
• Files shared in channels are accessible to all members
• When you leave a team, your messages remain but are attributed to "Former Member"

Content Monitoring

We may review messages to:

• Investigate reported violations of our Terms of Service
• Resolve disputes between users
• Prevent fraud, scams, or illegal activity
• Respond to legal requests or court orders

We do NOT routinely monitor private messages for any other purpose.

You have comprehensive rights regarding your personal data. These rights apply to all users globally, with additional protections for EU and California residents (see below).

Right to Access

Request a copy of all personal data we hold about you. We'll provide it in a structured, commonly used format within 30 days.

Right to Correction

Update or correct inaccurate or incomplete personal information. Most data can be edited directly in your account settings.

Right to Deletion

Request deletion of your personal data. We'll delete your data within 30 days, except:

• Financial records (kept 7 years for tax compliance)
• Data needed for active disputes or legal claims
• Aggregated/anonymized data used for analytics
• Public reviews you've left (anonymized to "Former User")

Right to Portability

Download your data in JSON or CSV format to transfer to another service.

Right to Object

Object to processing of your data for marketing, analytics, or other non-essential purposes.

Right to Restrict Processing

Request that we limit how we use your data while we investigate your concerns.

Right to Withdraw Consent

Withdraw consent for data processing based on consent (like marketing emails or optional features) at any time.

How to Exercise Your Rights

Contact us to exercise any of these rights:

• Email: privacy@auraspeed.com
• Account Settings: Many actions available in dashboard settings
• Privacy Request Form: Available at auraspeed.com/privacy-request

We'll verify your identity and respond within 30 days. There's no fee for reasonable requests.

If you're located in the European Economic Area (EEA), UK, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR).

Legal Basis for Processing

We process your data based on:

• Contract: To provide services you've requested (account creation, orders, payments)
• Legitimate Interest: To improve our platform, prevent fraud, ensure security
• Consent: For marketing emails, optional analytics, non-essential cookies
• Legal Obligation: To comply with tax laws, financial regulations, court orders

Enhanced Rights Under GDPR

In addition to rights listed above, you have:

• Right to Lodge a Complaint: File a complaint with your local data protection authority
• Right to Automated Decision-Making: Not be subject to solely automated decisions (we use human review)
• Right to Know About Data Transfers: Be informed when data is transferred outside the EEA

Data Controller

AuraSpeed is the data controller for personal data processed through our platform. Contact our Data Protection Officer at dpo@auraspeed.com for GDPR-related inquiries.

EU Representative

Our GDPR representative in the EU can be contacted at the same email address for any GDPR compliance questions.

If you're a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Categories of Personal Information We Collect

• Identifiers: Name, email, username, IP address
• Commercial Information: Purchase history, transaction records
• Internet Activity: Browsing history, search history, interactions with our website
• Geolocation Data: Approximate location based on IP address
• Professional Information: Skills, work history, portfolio (freelancers)
• Inferences: Preferences, characteristics, behavior patterns

Your CCPA Rights

• Right to Know: Request details about what personal information we collect and how we use it
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the sale or sharing of personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit: Limit use of sensitive personal information
• Right to Non-Discrimination: Equal service regardless of exercising privacy rights

We Do NOT Sell Your Personal Information

AuraSpeed does not sell, rent, or share personal information for monetary consideration or other valuable consideration. We do not share data with third parties for cross-context behavioral advertising.

How to Exercise CCPA Rights

Submit a verifiable consumer request:

• Email: ccpa@auraspeed.com
• Online Form: auraspeed.com/privacy-request

We'll verify your identity and respond within 45 days. You may designate an authorized agent to make requests on your behalf.

We retain your personal information only as long as necessary to provide our services and comply with legal obligations.

Retention Periods

• Account Data: Duration of account + 30 days after deletion request
• YouTube Analytics: 90 days (then aggregated/anonymized)
• Messages: 2 years of inactivity or account deletion
• Transaction Records: 7 years (legal requirement for financial records)
• Support Tickets: 3 years after resolution
• Usage Logs: 90 days
• Security Logs: 1 year
• Marketing Consents: Until withdrawn or 2 years of inactivity

Account Deletion

When you delete your account:

1. Your profile is immediately hidden from public view
2. Personal data is deleted within 30 days
3. Public content (reviews, ratings) is anonymized to "Former User"
4. Financial records are retained for 7 years (legal requirement)
5. Aggregated/anonymized data may be retained indefinitely

Inactive Accounts

Accounts inactive for 3+ years may be deleted after email notification. You'll have 60 days to log in and keep your account active.

AuraSpeed operates globally, and your data may be transferred to and processed in countries other than your own.

Where We Store Data

Our infrastructure is hosted in:

• Primary: United States (Vercel, Supabase, Stripe)
• Backup: EU regions for redundancy
• CDN: Global edge locations for faster performance

Safeguards for EU Data

For transfers from the EU to the US, we use:

• Standard Contractual Clauses (SCCs): EU-approved data transfer agreements
• Adequacy Decisions: Where available, we rely on EU adequacy decisions
• Additional Safeguards: Encryption, access controls, data minimization

Your Rights Remain Protected

Regardless of where your data is processed, you retain all privacy rights outlined in this policy and under applicable laws.

AuraSpeed is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

Age Verification

By creating an account, you confirm that you are at least 16 years old (or the legal age of majority in your jurisdiction). If you're hiring freelancers or making payments, you must be at least 18 years old.

Parental Rights

If you believe we've collected information from a child under 16, please contact us immediately at privacy@auraspeed.com. We'll delete the data within 24 hours of verification.

YouTube Content

If your YouTube channel targets children under 13, you must comply with COPPA (Children's Online Privacy Protection Act) and mark your content as "Made for Kids" in YouTube Studio. AuraSpeed analytics for such content will be limited per YouTube's policies.

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.

How We Notify You

• Email: For material changes affecting your rights
• Dashboard Banner: Prominent notice when you log in
• Updated Date: "Last updated" date at the top of this policy
• Version History: Major changes are documented and accessible

Your Continued Use

By continuing to use AuraSpeed after policy changes take effect, you accept the updated terms. If you disagree with changes, you can close your account before they take effect.

Material Changes

For significant changes (like new uses of data or changes to your rights), we'll provide 30 days' notice and may require explicit consent before the changes apply to you.

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

We aim to respond to all privacy inquiries within 30 days. For urgent security concerns, please mark your email as "URGENT" in the subject line.