Who We Are
Aura 300 Inc. is a Delaware C-Corp providing AI assistants (e.g., Emma, Yuki, Nami) that automate salon communication, scheduling, marketing, and analytics.
Who This Applies To
Salon owners and their authorized staff using Aura 300 Services.
End customers of salons who interact with AI agents by phone, SMS, WhatsApp, or other channels.
What Personal Data We Process
From Salon Clients: Name, business contact info, CRM login or API credentials, subscription and usage data.
From Salon Customers (on behalf of salon): Name, contact info (email, phone), booking history, preferences, and responses to AI agents.
Meta/WhatsApp Data: Message content, delivery status, opt-in/out preferences (as applicable).
Legal Basis for Processing
Aura processes personal data:
As a data processor on behalf of salons (the data controller), per GDPR Art. 28.
As a data controller for limited administrative data (e.g., salon accounts, support logs) under legitimate interests or contractual necessity.
Data Use
We use data to:
Deliver our AI reception, booking, marketing, and analytics services.
Authenticate and sync with CRM systems.
Improve our AI performance and customer experience.
Comply with legal obligations and enforce our terms.
Sharing and Sub-Processors
We use third-party sub-processors to deliver services, including:
Twilio (telephony and SMS)
Meta (WhatsApp Business)
OpenAI/Anthropic/Retell.ai (language models)
AWS (infrastructure hosting)
All sub-processors are under contract with equivalent data protection obligations. A current list is available upon request.
International Transfers
We use Standard Contractual Clauses and UK Addendum where required for transfers outside the EU/UK.
Data Retention
Salon account data is retained while the subscription is active.
Customer data processed on behalf of salons is deleted within 30 days of termination unless otherwise instructed by the salon.
Your Rights (if applicable)
Depending on your jurisdiction, you may have the right to:
Access personal data held about you
Request correction or deletion
Object to certain types of processing
Withdraw consent where processing is based on consent
Security
We implement encryption, access controls, audit logs, and regular testing to protect data.
Children
Aura services are not directed at individuals under the age of 16. Salons are responsible for ensuring lawful data collection from minors where applicable.
Marketing Communications
All marketing communications sent via Aura AI are governed by the salon’s lawful basis and consent mechanisms. We honor opt-out preferences at all times.
Changes to this Policy
We may update this policy periodically. Significant changes will be notified via email or platform dashboard.
Mergers and Acquisitions
In the event of a merger, acquisition, or sale of Aura 300 Inc., personal data may be transferred to the acquiring party, provided they commit to data protection standards no less protective than those in this Policy.
15. Contact
Email: privacy@aura300.ai