Privacy Policy

Last Updated: June 23, 2026

This Privacy Policy explains how Auronis ("we," "us," or "our") collects, uses, and protects your information when you visit auronis.app (the "Site").

For the purposes of the General Data Protection Regulation (GDPR), the Data Controller is Kami Susnis, located at 7305 Shannondale Rd, Mechanicsville, VA 23116.

1. Information We Collect

We collect data in three ways: information you explicitly give us, technical data necessary for the site to function, and limited analytics data that helps us understand and improve the Site.

A. Information You Provide (Explicit Consent)

When you book a demo or contact us, we collect only the data fields you fill out, which may include:

  • Name
  • Email Address
  • Company Name
  • Role
  • Company Size
  • Intended Use Case
  • Referral Source

B. Technical Data (Legitimate Interest)

When you access our Site, our servers automatically process your IP address and standard server log information (e.g., browser type, operating system).

  • Limitation: This data is processed solely to establish a connection to the website and for security purposes (e.g., preventing DDoS attacks).

C. Analytics and Product Usage Data

We use PostHog to understand how visitors use the Site and to improve our website, messaging, and product experience. PostHog may collect information such as page views, referring pages, device and browser details, approximate location derived from network information, anonymous visitor identifiers stored through cookies or similar browser storage, and interactions such as CTA clicks, demo requests, contact submissions, and demo usage events.

If session replay is enabled, PostHog may record interaction data such as clicks, scrolling, navigation, and page content to help us diagnose usability issues. PostHog masks input fields by default, and we do not intentionally use session replay to collect the contents of contact or demo form fields.

2. How We Use Your Information

  • Demo Scheduling: To schedule and conduct the product demonstration you requested.
  • Demo Request Management: To understand your use case and tailor follow-up about your demo.
  • Communication: To answer your specific inquiries.
  • Network Security: To maintain the technical operation and security of the Site (processing IP addresses).
  • Site Analytics and Improvement: To understand aggregate website usage, measure which pages and calls to action are effective, and debug usability issues.

3. Legal Basis for Processing (GDPR)

  • Explicit Consent (Art. 6(1)(a)): For all data submitted via forms (such as Name, Email, Company Name, Company Size, Intended Use Case, and Referral Source). We process this only after you submit the relevant form.
  • Legitimate Interests (Art. 6(1)(f)): For the processing of IP addresses and limited analytics data. Our legitimate interests are ensuring the security and technical availability of our website, understanding how the Site performs, and improving the experience for visitors.

4. International Data Transfers

Auronis is based in the United States.

  • Transfer Mechanism: By submitting your personal data, you explicitly acknowledge the transfer of your data to the United States. We rely on Article 49(1)(b) GDPR (transfer necessary for the performance of a contract) to facilitate the demo scheduling or follow-up you requested.

5. Data Retention: How Long We Keep Your Information

We only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, and whether we can achieve our purposes through other means.

Our specific retention windows include:

  • Waitlist and Marketing Data: If you sign up for our waitlist or request a demo, we retain your contact information until you withdraw your consent or ask us to delete your data. If we notice you are completely inactive (e.g., not opening emails or responding to outreach) for a period of 12 months, we will safely delete or anonymize your data.
  • Account and Services Data: If you create an account, we keep your personal data (stored securely via Supabase) for the duration of your active account. If you close your account, your data is permanently deleted from our primary databases within 30 days, though it may persist in secure, encrypted backups for up to an additional 30 days before being completely overwritten.
  • Analytics and Technical Logs: Server logs and website interaction data processed via our infrastructure (PostHog, Vercel, Netlify) are automatically deleted or fully anonymized after 90 days, unless a security incident requires a longer investigation.

If you request that we erase your data, we will do so immediately, subject to any legal obligations that require us to maintain certain records (such as financial or tax compliance).

6. Sharing Your Data

We share data only with the following processors required to deliver our service:

  • Calendly (Scheduling)
  • PostHog (Analytics and Session Replay)
  • Supabase (Demo Request Database)
  • Netlify, Vercel (Hosting and Infrastructure)

7. Your Data Protection Rights

Under the GDPR, you have the following specific rights regarding your data:

  1. Right to Access: You have the right to request copies of your personal data.
  2. Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  3. Right to Erasure ("Right to be Forgotten"): You have the right to request that we erase your personal data under certain conditions.
  4. Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
  5. Right to Object to Processing: You have the right to object to our processing of your personal data (specifically regarding data processed under "Legitimate Interests").
  6. Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, in a structured, machine-readable format.
  7. Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
  8. Rights regarding Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling. (Note: We do not currently use automated decision-making or profiling).

To exercise any of these rights, please contact us at contact@auronis.app.

8. Right to Lodge a Complaint

If you believe we have not adequately addressed your rights, you have the right to lodge a complaint with a Data Protection Authority (DPA) in your country of residence within the EEA.

9. Contact Us

  • Email: contact@auronis.app
  • Address: 7305 Shannondale Rd, Mechanicsville, VA 23116