Privacy Policy.

You filled out one of our two forms — to apply to the cohort, or to send a brief. We use what you typed only to read your application or evaluate the partnership, and to write back. We keep the record for 24 months and then delete it automatically. We do not sell it, share it for advertising, or pass it to anyone outside the people doing the evaluation. If you ever want it gone sooner, one email gets it gone.

The rest of this notice is the same thing said with the precision the Digital Personal Data Protection Act, 2023 requires.

The AURA Creators website is operated by ANAMDC Technologies Private Limited, a company incorporated under the Companies Act, 2013, with its registered office in Bengaluru, India (referred to in this notice as “AURA”, “we”, “us”, or “our”). For the personal data described in this notice, we act as the Data Fiduciaryunder the Digital Personal Data Protection Act, 2023 (“DPDP Act”).

We only collect what you give us through one of the two forms on this site, along with a small amount of operational metadata generated at the moment you submit:

• Creator application form— full name, email address, phone number (optional), primary content platform, handle or profile URL, follower band, content niche, hours per week you can commit, and your written response to the “why join” question.
• Brand partnership form — company name, contact name, email address, phone number (optional), budget band, campaign shape, target niches, timeline, and your written campaign goals.
• Operational metadata on every submission— server timestamp, a one-way salted hash of your IP address (we do not store the IP itself), your browser’s user-agent string (truncated), and the version of this notice you consented to.

We do not collect financial information, government identifiers (Aadhaar, PAN), passwords, biometric data, location data, or any data category classified as sensitive under any applicable Indian law through these forms.

We process the data above for the following specified purposes only:

• To evaluate your application to the AURA creator cohort and to write back to you with the outcome.
• To evaluate your brand partnership inquiry and to write back to you with a creator shortlist or proposal.
• To detect and prevent spam, abuse, and automated submissions, using Cloudflare Turnstile.
• To maintain a minimal audit log demonstrating that we honoured the retention and consent rules in this notice.

We do not use form data for behavioural advertising, profiling for unrelated purposes, training AI models, or onward sale to third parties.

Under DPDP Act §6, we process your personal data on the basis of the free, specific, informed, unconditional, and unambiguous consent you give by ticking the consent checkbox before submitting either form. The version of this notice you agreed to (v1.1) is recorded against your submission so that the scope of your consent is provable.

You may withdraw consent at any time by writing to the grievance officer below. Withdrawal will lead to deletion of your record within 30 days, and does not affect the lawfulness of processing carried out before withdrawal.

Form submissions are retained for 24 months from the date of submissionand are then automatically purged from our database by an automated job. After purging, only an anonymised audit row remains in our internal deletion log (date, table name, submission reference) — sufficient to demonstrate compliance with this retention rule, but not sufficient to identify you.

We will delete your record sooner on receipt of a verified erasure request, unless an overriding legal obligation requires retention for a longer period (for example, a specific tax or regulatory record-keeping rule that applies to a concluded engagement). Where that exception applies, we will tell you why and for how long.

We do not sell or rent personal data. We share form data only with:

• Our infrastructure providers, acting as Data Processors under our written instructions: Cloudflare, Inc. (site hosting, the D1 database, the Turnstile anti-spam widget, and email transit), MailChannels (transactional email delivery), and Discord, Inc. (an internal triage notification surface — see below for the field-level subset that flows to Discord).
• Internal triage notifications via Discord (Discord, Inc., USA):a strictly limited subset of each submission is mirrored into a private, invite-only Discord workspace so that authorised AURA reviewers can triage applications and briefs in their working environment. The fields that flow to Discord are: your name (or company and contact name for a brand brief), your content platform and handle (or campaign budget band and shape for a brief), follower band, niche, hours per week (or timeline and target niches for a brief), an excerpt of your “why join” or campaign-goals response, the submission reference, and the consent version. Your email address, phone number, and IP-hash are never sent to Discord and remain only in our D1 database. Retention in Discord matches the 24-month retention rule below; the triage notifications are deleted on the same schedule.
• Our internal staff and reviewers: limited to the people who need access to evaluate your application or inquiry, under a contractual obligation of confidentiality.
• Authorities: only where disclosure is required by Indian law or in response to a lawful order from a competent authority. We will give you notice where we are legally permitted to do so.

Some of the processors named above may store data outside India. Where they do, they do so under terms permitted by §16 of the DPDP Act and any rules made under it.

As a Data Principal, you have the following rights:

• Right of access (§11) — to a summary of the data we hold about you, the processing we carry out, and the entities we have shared it with.
• Right to correction and erasure (§12) — to correct, complete, update, or erase your data.
• Right to grievance redressal (§13) — to raise concerns with our grievance officer.
• Right to nominate (§14) — to nominate another individual to exercise these rights in the event of your death or incapacity.

To exercise any right, write to the grievance officer below. We will acknowledge your request and respond within 30 days. If you are not satisfied with our response, you may approach the Data Protection Board of India as constituted under the DPDP Act.

The AURA cohort is open only to applicants aged 18 and above. We do not knowingly process the personal data of any individual under 18 through these forms, and we ask that no one under 18 submits a form. If we discover that we have inadvertently collected data from a person under 18, we will delete it promptly. This is consistent with the additional protections for minors set out in §9 of the DPDP Act.

Form data is transmitted over HTTPS and stored in Cloudflare D1, with access restricted to authorised AURA personnel through credentialed administrative tooling. Your IP address is one-way hashed with a daily-rotating salt before storage, so we retain a forensic signal sufficient for spam-and-abuse analysis without retaining the IP itself. Administrative read access is logged.

No transmission or storage system is perfectly secure. In the event of a personal-data breach affecting your data, we will notify the Data Protection Board of India and affected Data Principals as required by §8(6) of the DPDP Act.

The AURA Creators site itself does not set any analytics, advertising, or tracking cookies. The Cloudflare Turnstile widget on each form sets a small number of strictly-necessary cookies (such as cf_clearance) for the sole purpose of distinguishing humans from automated bots; these cookies are required for the form to submit at all. We do not embed third-party advertising pixels.

We may update this policy from time to time. Any material change will be reflected by a new version number at the top of this page, with a fresh “last updated” date. The version you consented to (recorded against your submission) governs the data we collected from you at the time. We will not apply a later, more permissive version retroactively to existing data without fresh consent.

For any privacy question, request to exercise your DPDP rights, or grievance, please write to:

Grievance Officer
ANAMDC Technologies Private Limited
Email: privacy@auralogiclabs.com
Bengaluru, India

We aim to acknowledge within seven working days and resolve within thirty days of acknowledgement.