Privacy Policy

1. Who We Are

Aurelia Method operates the website aureliamethod.com and the private member portal at vault.aureliamethod.com. We provide personalized 1:1 wellness coaching programs and digital wellness products. For privacy questions, contact us at support@aureliamethod.com.

2. Information We Collect

Information you provide directly:

• Name, email address, and phone number when you submit a contact or intake form
• Wellness and coaching goals you share in our intake forms
• Payment information — collected and processed securely by Stripe. We do not store your credit card number, CVV, or full payment details on our servers.
• Login credentials for The Vault (email and password, stored encrypted via Supabase Auth)
• Support messages and communications you send to us
• Supply orders placed through the member portal

Information collected automatically:

• IP address and browser type when you visit our website
• Pages viewed and time spent on each page
• Last login time and device type when accessing The Vault

Information from third parties:

• Payment confirmation data from Stripe (payment status, amount, subscription ID — not card details)
• Delivery confirmation and tracking data from shipping carriers

3. How We Use Your Information

We use the information we collect to:

• Process your enrollment and payments
• Create and manage your member account and vault access
• Deliver your personalized coaching plan and program materials
• Send transactional emails including purchase confirmations, shipment tracking, vault invitations, and program reminders via SendGrid
• Send SMS notifications for shipment tracking and payment links via Twilio (if you provided a phone number)
• Respond to your support requests
• Improve our programs, website, and services
• Comply with our legal obligations

We do not sell your personal information to any third party. We do not share the health or wellness goals you describe in our intake forms with any advertising platform.

4. Third-Party Service Providers

We work with the following trusted service providers who may process your data on our behalf:

• Stripe, Inc. — Payment processing. PCI-DSS Level 1 certified. Stripe Privacy Policy
• Supabase, Inc. — Database hosting and authentication. Supabase Privacy Policy
• Twilio SendGrid — Transactional email delivery. Privacy Policy
• Twilio, Inc. — SMS notifications. Privacy Policy
• Netlify, Inc. — Website and serverless function hosting. Netlify Privacy Policy

5. Data Retention

• Account data is retained for as long as your account exists. Deletion requests are processed within 30 days, except where required by law.
• Payment records and transaction logs are retained for 7 years in accordance with financial record-keeping requirements.
• Support communications are retained for 2 years.

6. Your Rights and Choices

• Access: Request a copy of the personal information we hold about you
• Correction: Request that we correct inaccurate or incomplete information
• Deletion: Request deletion of your personal data (subject to legal retention requirements)
• Opt-out of SMS: Reply STOP to any text message at any time
• Opt-out of emails: Use the unsubscribe link in any marketing email. Transactional emails (receipts, tracking, vault access) cannot be opted out of while your program is active.

To exercise any of these rights, email support@aureliamethod.com. We will respond within 30 days.

7. Cookies and Tracking

Our public website uses cookies necessary for site functionality and a limited set of measurement tags to understand how visitors arrive at and interact with our pages. Specifically, we use:

• Google Ads measurement (gtag.js): measures whether a visitor who arrived from a Google ad submitted a contact or consultation form. We do not pass any health, wellness goal, or sensitive content from your form into this tag.

If we add additional measurement tags in the future (for example, a Meta or TikTok measurement pixel), we will update this section to disclose them and will continue to exclude any health, wellness goal, or sensitive form content from what is sent. The Vault uses a secure session token to keep you logged in — this is a functional requirement only.

8. Data Security

We use encrypted data storage via Supabase, HTTPS on all pages, secure password hashing, and Row Level Security policies ensuring each member can only access their own data. Payment information is never stored on our servers — all payment data flows directly through Stripe's PCI-compliant systems.

9. Children's Privacy

Our services are intended for adults aged 18 and older. We do not knowingly collect personal information from anyone under 18. Contact support@aureliamethod.com immediately if you believe a minor has submitted information to us.

10. California Privacy Rights (CCPA)

California residents have rights under the CCPA including the right to know what personal information we collect, the right to delete it, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your California rights, contact support@aureliamethod.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the date at the top of this page and, where appropriate, notify you by email.

12. Contact Us

• Email: support@aureliamethod.com
• Website: aureliamethod.com