Last updated: March 5, 2026

1. Introduction

AuroraVault ("we", "our", "us") operates the AuroraVault mobile application (the "Service"). This Privacy Policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service.

2. Information We Collect

We collect the following types of information:

• Account Information: Email address, first name, last name, and preferred language when you create an account.
• Security Information: Encrypted PIN codes and recovery phrases for wallet authentication. These are stored securely and encrypted.
• Identity Verification (KYC): Government-issued identification documents, selfie photos, and live photos for identity verification purposes as required by applicable regulations.
• Transaction Data: Records of cryptocurrency transactions including amounts, wallet addresses, timestamps, and transaction hashes.
• Device Information: Device type, operating system version, and app version for providing technical support.

3. How We Use Your Information

We use your information for the following purposes:

• To provide and maintain our cryptocurrency portfolio management Service
• To process and record cryptocurrency transactions
• To verify your identity as required by Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations
• To send you transaction confirmations and account notifications via email
• To provide customer support through our in-app chat system
• To detect and prevent fraudulent activity
• To comply with legal obligations

4. Data Security

The security of your data is important to us. We implement the following security measures:

• BIP39 recovery phrases are encrypted before storage
• PIN codes are hashed using industry-standard algorithms
• All data transmission is encrypted using TLS/SSL
• Sensitive credentials are stored using platform-native secure storage (Keychain on iOS, Keystore on Android)
• Server-side data is stored in encrypted PostgreSQL databases

5. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your data only in the following circumstances:

• With blockchain networks to process your cryptocurrency transactions
• With regulatory authorities when required by law
• With email service providers to send you transaction notifications

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our Service. Transaction records are retained as required by applicable financial regulations.

7. Your Rights

You have the following rights regarding your personal data:

• Access: You can request a copy of your personal data.
• Correction: You can request correction of inaccurate data.
• Deletion: You can request deletion of your account and associated data, subject to legal retention requirements.
• Export: You can export your transaction history at any time.

8. Camera and Photo Access

Our app may request access to your device camera and photo library solely for:

• Scanning QR codes for cryptocurrency wallet addresses
• Capturing identity documents and selfies for KYC verification

Photos taken for KYC purposes are transmitted securely and stored only for verification purposes.

9. Biometric Data

Our app may use biometric authentication (fingerprint, Face ID) as an additional security layer. Biometric data is processed entirely on your device and is never transmitted to our servers.

10. Children's Privacy

Our Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal data from children under 18.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us:

• Email: support@auroravault.market
• Website: cryptovault.market

13. GDPR Compliance (EU Users)

For users in the European Union, we comply with the General Data Protection Regulation (GDPR). Our legal basis for processing personal data includes:

• Performance of a contract (providing our Service to you)
• Legitimate interest (improving our Service and preventing fraud)
• Legal obligation (compliance with AML/KYC regulations)
• Consent (for optional features and communications)

You may contact our Data Protection Officer at security@auroravault.market.