AuraX ("we", "our", "us") is a service of S P LUMINOUS INFORMATION TECHNOLOGY L.L.C, located at Dubai Investments Park – Dubai, 15804 64561, Schon Business Park, Office 350-051. We operate a VPN service. This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable laws.
1. Data Controller
The data controller is S P LUMINOUS INFORMATION TECHNOLOGY L.L.C, Dubai Investments Park – Dubai, 15804 64561, Schon Business Park, Office 350-051. For privacy-related inquiries, data subject requests, or the controller's registered address, contact us via the channel below.
2. Data We Collect
- Account identifier: User ID and email (for EN), used to authenticate and associate your account with VPN access.
- Minimal technical metrics: Connection timestamps, server assignments, and access status for service delivery, billing, and fraud prevention. We do not log browsing content, traffic payload, DNS queries, or the IP addresses of sites you visit.
- No traffic or browsing logs: We do not log, store, or inspect your browsing activity or the content of your internet traffic. We retain only the minimal data necessary to operate the service and comply with the law.
3. Legal Basis for Processing
We process your data based on: (a) contract performance (providing VPN service); (b) legitimate interest (fraud prevention, security); (c) legal obligation where required by law.
4. How We Use Your Data
- Providing and maintaining VPN access
- Processing payments and managing access periods
- Preventing fraud and abuse
- Responding to legal requests when required by law
5. Data Retention
We retain account and usage data for as long as your account is active and for up to 12 months after account closure for legal and dispute purposes. Financial records are retained as required by tax law.
6. Your Rights (GDPR)
If you are in the EU/EEA or UK, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate data
- Erasure: Request deletion of your data
- Portability: Receive your data in a structured format
- Object: Object to processing based on legitimate interest
- Restrict: Restrict processing in certain circumstances
To exercise these rights, contact us via support. You may also lodge a complaint with a supervisory authority in your country (e.g., your local Data Protection Authority).
7. Data Sharing and Sub-Processors
We do not sell your data. We may share data with: (a) Paddle — our payment processor and Merchant of Record. Card details are processed directly by Paddle; we do not store full card numbers. See Paddle's Privacy Policy. (b) Hosting providers under GDPR-compliant data processing agreements; (c) Authorities when required by law.
8. International Transfers
Data may be stored outside the EU. We ensure appropriate safeguards (e.g., standard contractual clauses) when transferring data to third countries.
9. Security
We use industry-standard encryption and security measures to protect your data. Access to personal data is restricted and audited.
10. Changes
We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated "Last updated" date. Continued use of the service after changes constitutes acceptance.
11. Contact
For privacy inquiries, data subject requests, or to contact our data protection contact: email support@aurax-services.online. You may also refer to our Terms of Service, Refund Policy, and Cookie Policy.