Last updated: November 26, 2025
PT AURACHAT INDO MEDIA (“us,” “we,” or “our”) operates the AuraChat website and mobile application (the “Service”). We respect our users’ privacy and are committed to protecting personal data in compliance with applicable laws, including the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Indonesian Law No. 27 of 2022 concerning Personal Data Protection (“UU PDP 2022”).
By using our Service, you agree to this Privacy Policy and consent to the collection, storage, use, transfer, and disclosure of your information as described below. If you do not agree, you must not use the Service.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to purchase the Service and to contact or identify you. Personally identifiable information may include, but is not limited to, your email address, name, phone number, postal address, or credit card or other financial information (“Personal Information”).
If you are using the Service as an Advisor, you may also be required to provide additional information, including but not limited to:
Even though you may provide us with financial information, AuraChat does not process or store credit card or payment instrument details directly. All payment transactions are processed through carefully selected licensed third-party payment service providers in Indonesia (such as Midtrans, Xendit, or other providers registered with Bank Indonesia and/or the Otoritas Jasa Keuangan (OJK)), or through global platforms such as Google or Apple.
The following is a list of personal information collected by AuraChat:
Your Personal Data provided to such third parties will be processed only in accordance with their respective terms and conditions and in compliance with applicable Indonesian data protection laws. We retain the right, at our sole discretion, to change or appoint another third-party payment service provider from time to time.
You understand and agree that the provision of Personal Data is voluntary, but certain services may not be available if the required information is not provided. Your Personal Data may be used for the following purposes:
We will process, store, and retain your Personal Data only as long as necessary for the purposes above or as required under applicable law, in accordance with UU PDP 2022.
This information will be stored on third party partner servers (Cloudflare) for as long as your account is active. User data is hosted on servers belonging to third parties with whom we have signed Data Processing Agreements. All third party partners are GDPR-compliant. All communications on AuraChat are stored, and are used for analytics purposes, for quality assurance, and to maintain long term relationships between clients and advisors.
AuraChat is committed to ensuring that all personal information shared by Clients through the platform is handled responsibly, securely, and in accordance with applicable laws and regulations, including the Indonesian Personal Data Protection Law (Law No. 27 of 2022).
During the use of AuraChat Services, Clients may voluntarily provide personal information to Advisors to help deliver more accurate and personalized readings.
This information may include, but is not limited to:
By providing such information, the Client acknowledges and consents that this information may be used solely for the purpose of performing the advisory, spiritual, or reading services requested through the AuraChat Platform.
All information disclosed by Clients to Advisors through AuraChat must be treated as strictly private and confidential.
Advisors are prohibited from:
Advisors are required to uphold the highest standards of professional confidentiality, including the security of communications and the protection of any personal data received during consultations.
AuraChat acts as a Data Controller with respect to Client information collected through the platform.
Client personal data is processed and stored in compliance with UU PDP 2022 and related implementing regulations.
AuraChat may use anonymized and aggregated data for service improvement, analytics, and fraud prevention, but will never sell or share identifiable personal data with third parties without consent.
Payment information, if provided, is processed securely by third-party payment processors (such as Midtrans, Google, or Apple) in accordance with their respective privacy policies.
While Advisors are required to handle information with care and discretion, AuraChat cannot guarantee that any information voluntarily disclosed by Clients during a live session will remain entirely confidential if such disclosure is made outside the AuraChat Platform or via other means not monitored or secured by AuraChat.
Clients are therefore encouraged to share only the information necessary to perform the desired service and to avoid sharing sensitive data not directly relevant to the reading or consultation.
Depending on your location, we process your personal data under the following legal bases:
Under certain circumstances, users based in the EU have rights under data protection laws in relation to your personal data, namely:
You can exercise any of these rights by contacting us.
This section contains information about policies that apply solely to California residents who use Site and/or Services. If you are a California resident, as of January 2020 you have certain rights regarding your personal information under the California Consumer Privacy Act of 2018 (“CCPA”):
(1) Right to Know About Personal Information Collected, Disclosed, or Sold
You may request that we provide you with the following information:
Details about the personal information we collect can be found in the “Information Collection and Use” section of this Privacy Policy. The supplemental policy for the CCPA regarding the personal information we have collected over the last 12 months, including the categories of personal information, business purposes, and whether we collect or sell your personal information are provided below:
Categories of personal information | Business purpose | Collected? | Sold? | ||
A. Identifiers, such as full name, login name/nickname, street address, unique personal identifier, online identifier, date of birth, device type, unique device ID, browser type, Internet Protocol (IP) address, email address, account ID number, social security number, driver's license number, passport number, signature, or other similar identifiers. | To provide our products and services to you. To personalize, develop, and improve our products and services. To create, customize, maintain, and secure your account with us. To process your purchases, transactions, and payments. To prevent fraudulent transactions and fraudulent usage of our products and services. To provide you with customer support. | YES | NO | ||
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code 1798.80(e)), such as: social security number, address, telephone number, passport number, driver's license or state identification card number, PayPal payer ID, PayPal email address, bank account number, credit/debit card number, or any other financial information. "Personal information" does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records. |
| YES | NO | ||
C. Protected classification characteristics under California or federal law, including (but not limited to): age, race, color, citizenship, religion, marital status, sex/gender/gender identity, sexual orientation. | Same as category A above (only the information provided by you voluntarily is collected). | YES | NO | ||
D. Commercial information, such as products or services purchased or other purchasing or consuming histories or tendencies. | Same as category A above. | YES | NO | ||
E. Biometric information | Not applicable | NO | NO | ||
F. Internet or other electronic network activity, such as app/website usage history and information regarding interaction with our apps, websites, or advertisements. | Same as category A above. | YES | NO | ||
G. Geolocation data | Same as category A above. | YES | NO | ||
H. Sensory data, such as photographs, video recordings, or voice recordings. | Same as category A above. | YES | NO | ||
I. Professional or employment-related information | Same as category A above. | YES | NO | ||
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) | Not applicable | NO | NO | ||
K. Inferences drawn from other personal information, such as consumer preferences, characteristics, trends, and behavior. | Same as category A above. | YES | NO |
Sources of Your Personal Information
The personal information we collect is obtained from the following sources:
(2) Right to Request Deletion of Personal Information
Subject to certain limitations, you may request that we delete the personal information that we have collected about you. Upon verification of your request, we will queue your request for processing and notify you. If your request is denied, we will reply explaining why.
(3) Right to Opt Out of the Sale of Personal Information
Your personal information is “sold” (as we understand the term “sell” to be defined in the CCPA) when it is shared with a third party for monetary or other valuable consideration for a purpose that is not a “business purpose” as defined in the CCPA. We do not sell your personal information.
If you would like to opt out of promotional email messages, you may do so by clicking the “Unsubscribe” link in any of the email messages you receive.
(4) Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights
We will not discriminate against you for exercising your rights under the CCPA.
To exercise the “Right to Know” or the “Right to Request Deletion”, please email Customer Support. Before processing your request, we may ask to verify your identity or the identity of your authorized agent. Requests will be handled within the timeframes specified in the CCPA.
This section contains information about policies that apply solely to users residing in Indonesia in accordance with Undang-Undang No. 27 Tahun 2022 tentang Perlindungan Data Pribadi (“UU PDP 2022”). If you are an Indonesia resident, you have the following rights regarding your personal information:
(1) Right to Obtain Information and Access
You may request confirmation regarding whether we process your personal data and obtain access to such data, including the purpose of processing and how your data is being used.
(2) Right to Rectification and Completion
You may request correction or completion of inaccurate or incomplete personal data that we hold about you.
(3) Right to Erasure
You may request the deletion of your personal data in certain circumstances, including when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.
(4) Right to Restrict or Terminate Processing
You may request limitation or termination of the processing of your personal data if the processing is unlawful, inaccurate, or no longer relevant to the original purpose.
(5) Right to Withdraw Consent
Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
(6) Right to Data Portability
You may request transfer of your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller, when technically feasible.
(7) Right to Object to Automated Decision-Making
You may object to decisions made solely on automated processing, including profiling, if such decisions significantly affect your rights.
(8) Right to Compensation
You are entitled to compensation for any violations of your personal data rights as stipulated under the UU PDP 2022.
Your personal information will be used primarily in connection with operating and facilitating the Service. However, we may send your Personal Information to other companies or people:
In addition, we may use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Service's functionality. This analysis helps us to (i) better understand your use of, or interest in, our products, services, content, as well as the products, services and content offered by others; (ii) communicate with you via email, regular mail, telephone and/or mobile devices about products or services that you may be interested in; and (iii) develop, display, and tailor content and advertising to your interests.
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive. Cookies allow your server or device to store its own information and can be used to customize pages and automatically recognize you based on your past usage. Cookies can help streamline your user experience and specifically tailor your information for your experience.
We use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. Rejecting cookies, however, may affect your ability to use the Service and some program features or services may not function properly if cookies are disabled. If you do not reject cookies, we assume that you consent to the use of cookies.
The information you provide to us will be kept in our database. The security of your Personal Information is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security and any transmission of Personal Information is done at your own risk. We rely on professional hosting solutions that use reasonable care in maintaining security measures to protect you and our systems against unauthorized access to, or alteration, disclosure, destruction or loss of personal data hosted on our system. These protections, however, are not a replacement for the security measures in your control. It is important that you protect against unauthorized access to your password and to your computer or mobile device.
We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
This Policy exclusively addresses our activities from our servers and does not make promises or guarantees as to other third party sites or services that may be used in conjunction with our Service. We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Servicerelated services or to assist us in analyzing how our Service is used. We take care to select and enter into agreements with third parties capable of maintaining appropriate security measures that are in line with our policies and relevant privacy laws and regulations. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. These third party service providers have their own privacy policies addressing how they use such information.
Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.
We will disclose your Personal Information where required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service. We reserve the right to release all types of information to law enforcement agencies if we determine, in our sole judgment, that either you have violated our policies, or the release of information about you may protect the rights, property, or safety of us or another person.
If PT AURACHAT INDO MEDIA is involved in a merger, acquisition, asset sale, bankruptcy or reorganization, your Personal Information may be shared, as well as retained by us. By providing us with your Personal Information, you consent to that transfer.
Our Service is not marketed to under the age of 13, or the equivalent minimum age in the relevant jurisdiction, and we do not knowingly collect personally identifiable information from children. We encourage parents to be involved in the online activities of their children to ensure that no information is collected from a child without verifiable parental permission. If we become aware that a child has provided us with Personal Information, we will delete such information from our servers as soon as possible.
To use AuraChat you must be at least 18 years of age. If you are under 18 years of age, please do not use our Service.
We reserve the right to replace, modify or amend this Policy from time to time. It is your responsibility to review this Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page, as reflected by updating the date at the beginning of this Policy, and your continued use of our Service represents your consent to any changes in our Policy. Any changes made will apply to information collected after the revised date.
If your Personal Information changes, or if you no longer desire our Service, you may correct, update, delete, or deactivate it by making the change on the member information page or by emailing us at support@aurachat.id.
If you give the company your Personal Information and you wish to opt-out of receiving communications from us, our partners, or our third party providers, simply click on the opt-out link provided in the e-mail communication.
Please also visit our Terms of Use and our Advisor Terms and Conditions which explain the use, disclaimers, and limitations of liability governing your use of our Service.
In the event of a data breach, we will notify the owners of AuraChat accounts within 72 hours of the discovery of said breach.
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:
PT AURACHAT INDO MEDIA
Jalan Umalas Klecung, Gang 9, No. 5
Kuta Utara, Bali, 80361
Indonesia
Email: jessiearjuna@aurachat.id
Website: www.aurachat.id