Privacy Policy

Effective date: July 16, 2026

This policy explains how TipaSoft Inc. ("we," "us," "our") collects, uses, stores, and deletes data when you use Aura Blaster (the "Service"). It covers both your data and the data of the people who message you through your connected channels.

1. What We Collect

  • Account data — your email address, authentication identifiers, organization names, and billing status.
  • Channel credentials — access tokens and configuration you authorize when connecting channels (Instagram, Messenger, WhatsApp, SMS, email, website chat, Calendly). Tokens are stored to operate the connection and are never sold or shared for advertising.
  • Conversation data — messages exchanged through your connected channels, including sender identifiers, message text, and timestamps, so the Service can display conversations and draft replies.
  • Persona and settings data — the business information, scripts, and preferences you enter to shape AI drafts.
  • Payment data — handled by Stripe. We store subscription status and Stripe identifiers, never card numbers.

2. How We Use Data

We use the data above solely to provide and improve the Service:

  • displaying your conversations and queues;
  • generating AI reply drafts — conversation context and your persona settings are submitted to our AI provider to produce a draft; our AI provider does not use this data to train its models under our agreement with them;
  • sending messages you approve through the channel they belong to;
  • operating billing, support, and service notifications.

We do not sell personal data and we do not use your conversation data for advertising.

3. Google User Data (Gmail)

If you connect a Gmail account, we access it through the Gmail API with the permissions you grant (reading incoming mail and sending mail on your behalf). We use this access only to show incoming email in your queue, draft replies for your approval, and send the replies you approve. Aura Blaster's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. You can revoke this access at any time from your Google account security settings or by disconnecting the channel.

4. Sharing

We share data only with the processors needed to run the Service:

  • infrastructure and database hosting providers;
  • our AI provider (to generate drafts, as described above);
  • the messaging platforms you connect (to deliver the messages you send);
  • Stripe (for payments).

We may also disclose data if required by law or to protect the rights, safety, or property of our users or the public.

5. Retention and Deletion

We retain your data while your account is active. When you disconnect a channel, its credentials are removed. When you delete your account — or ask us to — we delete your account data, conversation data, and stored credentials within 30 days, except where the law requires longer retention (for example, billing records). To request deletion, email vladimir@vbar.io.

6. Security

Data is encrypted in transit, access to production systems is restricted, and channel credentials are stored in access-controlled databases. No system is perfectly secure; if a breach affects your data, we will notify you as required by applicable law.

7. Your Rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. Contact us at vladimir@vbar.io and we will respond within the timelines required by applicable law. The Service is not directed at children under 16, and we do not knowingly collect their data.

8. Changes and Contact

We may update this policy; significant changes will be announced by email or in the Service. Questions: vladimir@vbar.io.