Overview
UploadAura (the “Service”) is a thin storage layer over Amazon S3. This policy explains what data we collect, how we use it, and the choices you have. By using the Service you agree to the practices described here.
Your files
Files you upload are stored in the S3 bucket associated with your account and served back exactly as uploaded. We do not scan, read the contents of, train on, or resell your files. Objects that you mark private are never exposed via a public URL unless you explicitly generate a signed link.
Account data
We collect the information you provide at sign-up (email address and password, stored hashed) plus usage metadata such as storage consumed and request counts. This is used to operate your account, enforce plan limits, and provide support.
Logs & analytics
We retain request logs (timestamps, object keys, response codes, byte counts) for up to 30 days to debug errors and prevent abuse. These logs are not used to profile the contents of your files and are deleted on a rolling basis.
Data retention
Your files remain available as long as your account is active. If an account is cancelled, stored objects and associated metadata are permanently deleted within 30 days. You may delete individual files at any time, which removes them immediately.
Security
All traffic is encrypted in transit with TLS. Objects at rest are encrypted by Amazon S3. Access is scoped per-account via signed API keys, and private files require short-lived signed URLs that expire automatically.
Third parties
The Service relies on Amazon Web Services for storage and CDN delivery. We do not share your personal data with advertisers. Service providers who process data on our behalf are bound by confidentiality obligations consistent with this policy.
Your rights
You may request access to, correction of, or deletion of your personal data at any time. To exercise these rights or ask questions, contact us at privacy@uploadaura.dev.
Changes
We may update this policy as the Service evolves. Material changes will be announced via the email on file or a notice in the dashboard. Continued use after changes take effect constitutes acceptance of the revised policy.