Privacy Policy

1.1 Information You Provide Directly

When you create an account or use our services, you provide:

• Account Information: Name, email address, username, password, profile picture
• Payment Information: Billing details, payment method (processed securely by Stripe)
• Creator Profile: Channel URL, niche, goals, content preferences
• Communication Data: Messages with support, freelancers, or team members
• User-Generated Content: Scripts, video ideas, feedback, and uploaded files

1.2 Information We Collect Automatically

When you use AuraSpeed, we automatically collect:

• Device Information: Browser type, operating system, IP address, device identifiers
• Usage Data: Pages viewed, features used, time spent, click patterns
• Performance Data: Load times, errors, diagnostic information
• Location Data: General location based on IP address (city/country level)

1.3 Information from Third-Party Services

With your explicit authorization, we collect:

• YouTube Data: Channel analytics, video performance, subscriber counts, watch time, comments (via YouTube Data API v3 & Analytics API)
• Google OAuth: Basic profile information if you sign in with Google (name, email, profile picture)
• Social Media: Public profile data if you connect other platforms

2.1 Service Delivery

• • Create and manage your account
• • Process payments and manage subscriptions
• • Provide access to DFY, DWY, and DIY programs
• • Generate analytics dashboards and performance reports
• • Facilitate communication between creators and freelancers

2.2 AI-Powered Features

• • Power Fiora AI assistant with personalized recommendations
• • Generate content ideas, titles, descriptions, and scripts
• • Analyze thumbnails, SEO scores, and competition
• • Predict video performance and suggest optimization strategies
• • Provide real-time alerts and growth insights

2.3 Platform Improvement

• • Analyze usage patterns to improve features
• • Debug technical issues and optimize performance
• • Conduct research and development for new AI tools
• • Ensure platform security and prevent fraud

2.4 Communication

• • Send transactional emails (password resets, payment confirmations)
• • Notify you of important updates or security alerts
• • Respond to support requests and feedback
• • Send marketing communications (with your consent, opt-out anytime)

3.1 Fiora AI Assistant

Our multilingual voice assistant uses OpenAI's GPT-4 and Whisper models:

• i.Voice Processing: Audio recordings are sent to OpenAI Whisper API for transcription, then immediately deleted from our servers
• ii.Context Awareness: Fiora accesses your channel data (subscribers, views, recent videos) to provide personalized advice
• iii.Language Support: Your language preferences are stored locally in your browser
• iv.No Training: Your conversations with Fiora are NOT used to train OpenAI's models per our data processing agreement

3.2 Content Generation Tools

AI-powered tools for titles, descriptions, scripts, and hashtags:

• i.Input Data: We send your video topic, niche, and target keywords to OpenAI GPT-4
• ii.Generated Content: Stored in your account and can be edited or deleted anytime
• iii.Ownership: You retain full ownership of all AI-generated content

3.3 Analytics & Prediction AI

AI models that analyze your channel performance:

• i.Data Sources: YouTube Analytics data (views, watch time, CTR, engagement) from your connected channel
• ii.Processing: AI analyzes patterns to predict video performance, detect trends, and suggest improvements
• iii.Aggregation: We may use anonymized, aggregated data to improve prediction models
• iv.Transparency: All AI recommendations include confidence scores and reasoning

3.4 Third-Party AI Providers

We partner with trusted AI providers who comply with strict data protection standards:

• •OpenAI: GPT-4 for text generation, Whisper for voice transcription (Data Processing Addendum in place)
• •Vercel AI SDK: Infrastructure for AI model integration with automatic failover and rate limiting
• •Data Sharing: Only necessary data is shared with AI providers, never your password or payment information

4.1 YouTube Channel Connection

When you connect your YouTube channel via OAuth:

• i.Authorization: You explicitly grant AuraSpeed read-only access to your YouTube Analytics data
• ii.Stored Tokens: OAuth refresh tokens are encrypted and stored securely in our database
• iii.Automatic Refresh: Access tokens are refreshed automatically to maintain connection without repeated logins
• iv.Revocation: You can disconnect your channel anytime from Settings, which immediately deletes tokens

4.2 Data We Collect from YouTube

• Channel Metrics: Subscribers, total views, channel name, description, thumbnail
• Video Analytics: Views, watch time, average view duration, likes, comments, shares, CTR
• Audience Data: Demographics, traffic sources, viewer retention graphs
• Performance History: Historical data for trend analysis and growth tracking
• Comments: Public comments for sentiment analysis (never shared publicly)

4.3 How We Use YouTube Data

• i.Dashboard Display: Show your channel analytics in an easy-to-understand format
• ii.Performance Insights: Identify top-performing videos, engagement patterns, and growth opportunities
• iii.AI Recommendations: Feed data to our AI systems for personalized strategy suggestions
• iv.Benchmarking: Compare your metrics against anonymized aggregate data from similar channels

4.4 Data Retention & Deletion

Your YouTube data is handled with care:

• • Data is refreshed periodically (you control refresh frequency)
• • Historical analytics are stored to show growth trends
• • Disconnecting your channel deletes all associated YouTube data within 30 days
• • Deleting your account permanently removes all YouTube data within 90 days

5.1 Essential Cookies (Always Active)

Required for core functionality:

• Authentication: Keep you logged in securely (Supabase auth tokens)
• Security: Prevent CSRF attacks and unauthorized access
• Session Management: Remember your dashboard state between page loads
• Cookie Consent: Store your cookie preferences

5.2 Analytics Cookies (Optional)

Help us understand how you use AuraSpeed:

• Usage Tracking: Pages visited, features used, time spent
• Performance Monitoring: Load times, errors, user flows
• A/B Testing: Compare different versions of features
• Providers: Google Analytics (if enabled), Vercel Analytics

5.3 Functional Cookies (Optional)

Enhance your experience:

• Theme Preference: Dark/light mode selection
• Language Settings: Fiora AI language preference
• Dashboard Layout: Customized dashboard configurations
• Notification Preferences: Email and in-app notification settings

5.4 Managing Cookies

• • Update preferences anytime via the cookie settings link in the footer
• • Browser settings: Most browsers allow you to block or delete cookies
• • Note: Disabling essential cookies will prevent you from using AuraSpeed

6.1 Service Providers

• Supabase (Database & Auth): Stores user accounts, channel data, and analytics securely
• Vercel (Hosting & CDN): Hosts our application and delivers content globally
• Stripe (Payments): Processes payments securely, subject to Stripe's privacy policy
• OpenAI (AI Processing): Powers AI features, does not train on your data per agreement
• Google (YouTube API): Authenticates your channel and retrieves analytics data
• Email Service: Sends transactional and marketing emails

6.2 Freelancers & Team Members

If you use DFY or DWY services:

• • Freelancers see limited channel data necessary to complete your projects
• • All freelancers sign NDAs and confidentiality agreements
• • You control what data is shared via permission settings

6.3 Legal Requirements

We may disclose your information if required by law or to:

• i. Comply with legal obligations or court orders
• ii. Protect our rights, property, or safety
• iii. Prevent fraud or security threats
• iv. Enforce our Terms of Service

6.4 Business Transfers

If AuraSpeed is acquired or merged, your data may be transferred to the new entity. We'll notify you before any transfer and give you the option to delete your account.

7.1 Technical Safeguards

• Encryption: All data transmitted via HTTPS/TLS, sensitive data encrypted at rest
• Access Controls: Role-based permissions, multi-factor authentication available
• Secure Infrastructure: Hosted on Vercel with SOC 2 Type II compliance
• Database Security: Supabase Row-Level Security (RLS) policies prevent unauthorized access
• Token Protection: OAuth tokens encrypted with AES-256
• Regular Audits: Automated security scans and penetration testing

7.2 Organizational Safeguards

• Limited employee access to user data on a need-to-know basis
• All team members sign confidentiality agreements
• Regular security training and awareness programs
• Incident response plan for data breaches

7.3 Your Responsibilities

• • Use a strong, unique password
• • Enable two-factor authentication (recommended)
• • Keep your login credentials confidential
• • Log out on shared devices
• • Report suspicious activity immediately

8.1 Access & Portability

• • Access: View all your data in Settings → Account Data
• • Export: Download a complete copy of your data (JSON format)
• • Request: Email us for a detailed data report

8.2 Correction & Updates

• • Update your profile, email, and password anytime in Settings
• • Correct inaccurate information directly in your dashboard
• • Contact support for assistance with data corrections

8.3 Deletion & Erasure

• • Account Deletion: Settings → Delete Account (permanent, cannot be undone)
• • Data Removal: All personal data deleted within 90 days (except legal obligations)
• • YouTube Disconnect: Remove YouTube data anytime by disconnecting your channel
• • Exceptions: We may retain transaction records for legal/tax purposes

8.4 Opt-Out & Preferences

• • Marketing Emails: Unsubscribe link in every email or Settings → Notifications
• • Cookies: Manage via cookie banner or footer link
• • AI Features: Disable specific AI tools in Settings → AI Preferences
• • Data Sharing: Control freelancer access via Team Management

8.5 GDPR & CCPA Rights

If you're in the EU or California, you have additional rights:

• i. Right to Object: Object to data processing for marketing purposes
• ii. Right to Restrict: Limit how we process your data
• iii. Right to Withdraw Consent: Revoke consent for optional data processing
• iv. Right to Complain: File a complaint with your local data protection authority
• v. Do Not Sell: We do NOT sell your personal information

12.1 Payment Information Collection

• i.What We Collect: Billing name, address, email, and last 4 digits of your card
• ii.What We DON'T Store: Full credit card numbers, CVV codes, or banking credentials
• iii.PCI DSS Compliance: All payment processing meets Payment Card Industry Data Security Standards

12.2 Stripe Integration

We use Stripe as our payment processor:

• •Direct Processing: Your payment details go directly to Stripe's secure servers, not ours
• •Tokenization: Stripe creates encrypted tokens representing your payment method
• •Transaction Data: We receive transaction IDs, amounts, dates, and payment status
• •Stripe Privacy: View Stripe's privacy policy at stripe.com/privacy

12.3 Subscription & Billing Data

For subscription management, we store:

• • Subscription plan type (Creator Starter, Pro, Enterprise)
• • Billing cycle (monthly/annual) and renewal dates
• • Payment history and invoices (for your records and tax purposes)
• • Failed payment attempts and reasons
• • Refund requests and processing status

12.4 Freelancer Payouts

For freelancers receiving payments:

• i.Payout Information: Bank account or PayPal details (encrypted and stored securely)
• ii.Tax Documentation: W-9 or W-8 forms for tax reporting (US law requirement)
• iii.Earnings History: Transaction logs for your financial records
• iv.1099 Reporting: Annual tax forms sent if earnings exceed $600 (US freelancers)

13.1 Freelancer Profile Data

When you create a freelancer profile:

• i.Public Information: Display name, profile picture, skills, portfolio, ratings, and reviews
• ii.Private Information: Real name, email, phone number, payout details (never shown to clients)
• iii.Work History: Project titles, completion rates, earnings (aggregated, not per-project)
• iv.Verification Status: Identity verification, skill certifications displayed with badges

13.2 Project & Proposal Data

During project collaboration:

• • Proposals: Stored and visible only to the specific client
• • Messages: End-to-end encrypted communication between creator and freelancer
• • Deliverables: Files and assets stored securely in Vercel Blob Storage
• • Project Metadata: Timelines, milestones, and completion status

13.3 Rating & Review System

• i.Review Content: Public reviews displayed on freelancer profiles
• ii.Reviewer Information: Display name and profile picture shown, email hidden
• iii.Moderation: Reviews screened for inappropriate content using AI and manual review
• iv.Disputes: Both parties can flag reviews for investigation

13.4 Background Checks & Verification

For premium freelancer verification:

• • Identity Verification: Government ID check via third-party service (Stripe Identity)
• • Skill Verification: Portfolio review and skill assessments
• • Data Storage: Verification data stored encrypted for compliance
• • Retention: Verification records kept for 5 years for legal protection

14.1 Team Member Access

When you add team members to your account:

• i.Granular Permissions: You control what data each team member can access (analytics, content, settings)
• ii.Activity Logs: All team member actions are logged for security and accountability
• iii.Data Visibility: Team members only see data you've explicitly granted access to
• iv.Removal: When removed, team members immediately lose all access

14.2 Shared Content & Assets

Collaboration features and data sharing:

• • Content Calendar: Shared access to scheduled posts and video plans
• • Scripts & Ideas: Collaborative editing with version history
• • Analytics Reports: Team members see aggregated data, not individual viewer information
• • Comments & Notes: Internal team communication stored securely

14.3 Role-Based Access Control (RBAC)

Different roles have different data access levels:

• • Owner

  Full access to all data, settings, billing, and team management

• • Admin

  Access to analytics, content, and team management (no billing access)

• • Editor

  Can create and edit content, view analytics (cannot invite members)

• • Viewer

  Read-only access to analytics and content (no editing or settings)

15.1 Types of Communications

We send different types of emails with different opt-out options:

• i. Transactional Emails (Cannot Opt-Out)

  Password resets, payment confirmations, security alerts, account changes

• ii. Service Updates (Cannot Opt-Out)

  Critical platform updates, Terms changes, maintenance notifications

• iii. Product Notifications (Can Opt-Out)

  New features, AI tool updates, educational content

• iv. Marketing Emails (Can Opt-Out)

  Promotions, webinars, case studies, partner offers

• v. Growth Tips & Analytics (Can Opt-Out)

  Weekly performance summaries, growth insights, personalized recommendations

15.2 Email Data Collection

When you receive emails from us, we may collect:

• • Open Rates: Whether and when you opened an email
• • Click Tracking: Which links you clicked within emails
• • Device Information: Email client, device type, location (general)
• • Purpose: To improve email relevance and timing, not sold to third parties

15.3 Managing Your Preferences

Control your communication preferences:

• •Unsubscribe Link: Every marketing email includes a one-click unsubscribe option
• •Email Preferences: Settings → Notifications → Email Preferences for granular control
• •Frequency Control: Choose daily, weekly, or monthly digest options
• •Processing Time: Opt-out requests processed within 48 hours

15.4 In-App Notifications

Push notifications and in-app alerts:

• • Browser Notifications: Can be disabled in browser settings or app settings
• • Real-Time Alerts: Fiora insights, milestone achievements, critical updates
• • Data Used: Your activity patterns to send timely, relevant notifications
• • Do Not Disturb: Set quiet hours in Settings → Notifications

16.1 Detection & Response

• i.24/7 Monitoring: Automated systems detect unusual access patterns
• ii.Immediate Containment: Security team acts within minutes to isolate affected systems
• iii.Forensic Analysis: Determine scope, affected users, and compromised data types
• iv.Remediation: Fix vulnerabilities, update security protocols, enhance monitoring

16.2 User Notification Timeline

• • Within 72 Hours: Email notification to all affected users (GDPR requirement)
• • Regulatory Filing: Report to data protection authorities as required by law
• • Public Disclosure: Transparent blog post if breach affects >1000 users
• • Ongoing Updates: Regular communication until situation is fully resolved

16.3 What We'll Tell You

Our breach notifications will include:

• i.Nature of Breach: What happened and how the breach occurred
• ii.Data Affected: Specific types of data that were accessed or stolen
• iii.Recommended Actions: Steps you should take to protect yourself
• iv.Support Resources: Dedicated support team and credit monitoring services (if applicable)
• v.Prevention Measures: What we're doing to prevent future breaches

17.1 Contract Performance

Processing necessary to provide services you've requested:

• • Account creation and management
• • Subscription billing and payment processing
• • YouTube analytics dashboard and reports
• • AI-powered content generation tools
• • Freelancer marketplace connections

17.2 Legitimate Interests

Processing for our legitimate business interests (balanced against your rights):

• • Platform Security: Fraud prevention, abuse detection
• • Service Improvement: Usage analytics, feature development
• • Customer Support: Responding to inquiries, resolving issues
• • Business Operations: Internal research, quality assurance

17.3 Consent

Processing based on your explicit consent (you can withdraw anytime):

• • Marketing emails and promotional communications
• • Optional analytics cookies and tracking
• • YouTube account connection and data access
• • Voice recordings for Fiora AI assistant
• • Newsletter subscriptions and educational content

17.4 Legal Obligations

Processing required by law:

• • Tax reporting and financial record retention
• • Compliance with court orders and legal requests
• • Anti-money laundering checks for high-value transactions
• • Data protection impact assessments

18.1 Your CCPA Rights

• i. Right to Know

  Request disclosure of personal information collected, used, shared in the past 12 months

• ii. Right to Delete

  Request deletion of personal information (subject to legal exceptions)

• iii. Right to Opt-Out

  We do NOT sell your personal information, so no opt-out needed

• iv. Right to Non-Discrimination

  Exercise your rights without receiving discriminatory treatment

• v. Right to Correct

  Request correction of inaccurate personal information

18.2 Categories of Information Collected

In the past 12 months, we've collected:

• • Identifiers: Name, email, username, IP address
• • Commercial Information: Purchase history, subscriptions, payment methods
• • Internet Activity: Browsing history, interactions with our website
• • Professional Information: YouTube channel data, content creator profile
• • Inferences: Preferences, characteristics, behavior predictions from AI analysis

18.3 How to Exercise Your Rights

Submit a verifiable consumer request:

• • Email privacy@auraspeed.com with "CCPA Request" in the subject line
• • Use the "Request My Data" form in Settings → Privacy
• • We'll verify your identity and respond within 45 days (max 90 days for complex requests)
• • No charge for up to 2 requests per year; excessive requests may incur a fee

19.1 AI-Powered Recommendations

Automated systems that provide suggestions:

• i.Content Ideas: Fiora analyzes your niche, audience, and trends to suggest video topics
• ii.Posting Times: Algorithm predicts optimal upload times based on your audience activity
• iii.Freelancer Matching: AI matches creators with suitable freelancers based on skills, ratings, and project fit
• iv.Human Override: All AI suggestions are advisory only; you maintain full control

19.2 Automated Moderation

Systems that automatically filter or flag content:

• • Spam Detection: AI filters spam comments, proposals, and messages
• • Content Safety: Automated checks for inappropriate reviews or user-generated content
• • Fraud Prevention: Transaction monitoring for suspicious activity
• • Appeal Process: Can contest automated decisions via support ticket

19.3 Profiling for Personalization

We create user profiles to personalize your experience:

• i.Data Used: Channel analytics, content preferences, usage patterns, engagement history
• ii.Purpose: Tailor dashboard layout, prioritize relevant tools, customize Fiora responses
• iii.No Significant Impact: Profiling doesn't affect pricing, access to features, or legal rights
• iv.Opt-Out: Disable personalization in Settings → AI Preferences → "Use Generic Experience"

19.4 No Solely Automated Decisions

We do NOT make decisions solely by automated means that significantly affect you, including:

• • Account suspension or termination (human review required)
• • Refund approvals (support team evaluates each case)
• • Freelancer verification (combination of AI and manual review)
• • Dispute resolution (human arbitration available)

Supervisory Authorities

If you're not satisfied with our response, you have the right to lodge a complaint with your local data protection authority:

• • EU Residents: Contact your national Data Protection Authority
• • UK Residents: Information Commissioner's Office (ICO) at ico.org.uk
• • California Residents: California Attorney General at oag.ca.gov/privacy

22.1 Marketplace Communication Channels

When freelancers and clients communicate through AuraSpeed's messaging system, we collect and process:

• Message Content: Text messages, file attachments, project briefs, delivery notes
• Communication Metadata: Timestamps, read receipts, response times
• Project Discussions: Scope negotiations, revision requests, milestone updates
• Feedback & Reviews: Public reviews, private feedback, ratings data

22.2 Data Access & Monitoring

• •Dispute Resolution: When either party files a dispute or complaint
• •Trust & Safety: Investigating fraud, scams, or policy violations
• •Legal Compliance: Responding to subpoenas, court orders, or legal requests
• •Platform Improvement: Anonymized analysis to improve user experience (no individual identification)

We do NOT: Read your messages for marketing purposes, sell communication data to third parties, or use AI to analyze private conversations without anonymization.

22.3 External Communication Privacy

If you choose to communicate with freelancers/clients outside AuraSpeed's platform (email, social media, video calls):

• Those communications are NOT protected by AuraSpeed's privacy policies
• We cannot access, monitor, or use those communications for dispute resolution
• You assume all risks associated with external communication channels
• We recommend keeping all project-related communication on AuraSpeed for your protection

22.4 Communication Data Retention

We retain freelancer-client communication data as follows:

• Active Projects: All messages retained during project duration and 90 days after completion
• Disputed Projects: All communications retained until dispute is resolved plus 180 days
• Account Deletion: Communications deleted within 30 days of account closure (unless involved in active disputes)
• Legal Holds: Communications preserved indefinitely if subject to legal proceedings

23.1 Freelancer Work Product Storage

When freelancers upload deliverables to AuraSpeed (thumbnails, edited videos, scripts, designs):

• Storage Duration: Files stored on Vercel Blob for the duration of the project plus 30 days after delivery
• Access Control: Only the freelancer who uploaded and the client who hired them can access files
• Automatic Deletion: Files automatically deleted 30 days after project completion (unless extended by mutual agreement)
• Download Rights: Clients are responsible for downloading and backing up deliverables before deletion

23.2 Client Project Briefs & Assets

When clients share project requirements, reference materials, or brand assets:

• Files are encrypted at rest and in transit (AES-256 encryption)
• Only the assigned freelancer(s) can access shared client materials
• Freelancers must delete client materials after project completion per their service agreement
• Clients can revoke access to materials at any time before project delivery

23.3 Portfolio & Showcase Usage

• ✓ Grant or deny portfolio showcase permissions during project setup
• ✓ Revoke portfolio permissions at any time after project completion
• ✓ Request removal of their work from freelancer portfolios
• ✓ Specify confidential projects as "NDA Protected" (never shown publicly)

23.4 Intellectual Property Data

AuraSpeed does NOT claim ownership of any work product created by freelancers or content owned by clients. However, we collect IP-related data for dispute resolution:

• Project scope documents defining deliverables and ownership terms
• File upload timestamps and version histories (for proving delivery dates)
• Revision request logs and approval confirmations
• Copyright transfer agreements or work-for-hire acknowledgments

This data is retained for 2 years after project completion to support potential intellectual property disputes.

24.1 Dispute Resolution Data Collection

When disputes arise between freelancers and clients, we collect:

• Dispute Claims: Detailed descriptions, evidence, screenshots, correspondence
• Counter-Claims: Responses, defenses, and supporting documentation from the other party
• Mediation Communications: Messages with AuraSpeed support team during resolution process
• Resolution Outcomes: Final decisions, refund amounts, account actions taken

24.2 Confidentiality of Dispute Information

Dispute information is confidential and will NOT be shared publicly or with other users, except:

• ! When required by law (subpoenas, court orders)
• ! To enforce Terms of Service violations (may result in profile warnings)
• ! In anonymized form for platform safety analysis (no user identification)

24.3 Dispute Data Retention

Dispute-related data is retained as follows:

• Resolved Disputes: Retained for 3 years after resolution date
• Unresolved/Appealed Disputes: Retained until final resolution plus 3 years
• Legal Disputes: Retained indefinitely if escalated to legal proceedings
• Fraud Cases: Retained indefinitely to prevent future fraudulent activity

24.4 User Reputation & Trust Scores

Dispute outcomes may affect internal trust scores used for fraud prevention. These scores are:

• NOT publicly visible on user profiles
• Used internally to flag high-risk transactions for additional review
• Based on dispute frequency, severity, and resolution outcomes
• Can be appealed through our support team if you believe they are inaccurate

25.1 What AuraSpeed IS Responsible For

We take responsibility for:

• Maintaining platform security and protecting stored data
• Processing payments accurately through our payment processor (Stripe)
• Enforcing our Terms of Service and Community Guidelines
• Providing customer support and dispute mediation services (but not guaranteeing outcomes)
• Maintaining uptime and platform functionality (subject to reasonable outages)

25.2 What AuraSpeed is NOT Responsible For

We explicitly disclaim responsibility for:

• Freelancer Work Quality: Skills, expertise, professionalism, or deliverable quality
• Project Completion: Whether freelancers finish projects on time or at all
• Client Behavior: Late payments, unclear requirements, scope creep, or unreasonable demands
• Intellectual Property: Copyright infringement, plagiarism, or unauthorized use of third-party assets
• External Communications: Agreements, contracts, or disputes handled outside our platform
• YouTube Violations: If freelancer work causes YouTube policy violations or channel strikes
• Financial Losses: Lost revenue, opportunities, or damages resulting from poor freelancer performance
• Personal Data Shared Externally: Information you share outside AuraSpeed's secure messaging system

25.3 User Due Diligence Requirements

Users are solely responsible for:

• Vetting freelancers before hiring (review portfolios, ratings, past work)
• Clearly defining project scope, deliverables, and deadlines in writing
• Reviewing deliverables promptly and requesting revisions within agreed timelines
• Verifying freelancer identity, credentials, and legal right to work
• Maintaining backups of all project files and communications
• Reporting policy violations, fraud, or suspicious activity immediately

25.4 Data Privacy in Marketplace Transactions

While we protect your data as described throughout this Privacy Policy, we cannot control:

• How freelancers or clients use data shared during project collaboration
• Whether parties honor confidentiality agreements made outside our platform
• Third-party service privacy practices (if you use external tools for collaboration)
• Data retention practices after project files are downloaded from our platform

We strongly recommend: Using NDAs for confidential projects, watermarking sensitive materials before sharing, and keeping all collaboration within AuraSpeed's secure environment.

25.5 Indemnification for Marketplace Activity

By using AuraSpeed's freelancer marketplace, you agree to indemnify and hold AuraSpeed harmless from any claims, damages, or legal actions arising from:

• Disputes between you and other users (freelancers or clients)
• Work product quality, copyright infringement, or intellectual property disputes
• Breach of contract between freelancer and client
• Violations of YouTube policies resulting from freelancer deliverables
• Tax obligations, employment classification disputes, or regulatory compliance issues