Aura | Internet Brand Markets

Aura Privacy Policy

Last Modified: September 2, 2025

Aura is a product operated by KIKI World, Inc. ("KIKI," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use the Aura application, websites, and related services (collectively, the "Services"). It also describes your choices and rights.

If you have any questions about this Privacy Policy or our practices, contact privacy@kikiworld.io or:

KIKI World, Inc.
501 Santa Monica Blvd., Suite 501
Santa Monica, CA 90401
USA

For EU/UK inquiries, our local representative can be reached at eu@kikiworld.io.

Important: Aura enables Creators to run presales that may result in the issuance of brand/community tokens ("Tokens"). Participation is experimental and risky. Tokens are not investment products, do not represent equity or ownership in KIKI or a Creator, and may have limited or no functionality. Certain information (e.g., wallet addresses and on‑chain transactions) is public and may be immutable once written to a blockchain.

1. Who This Policy Covers

This policy applies to:

Users of Aura (including Creators launching presales and Supporters who participate), and visitors to our websites.

People we contact or who contact us regarding the Services.

It does not cover how Creators independently collect or use data from their own audiences. Creators are independent controllers of any personal information they collect outside Aura; please review their privacy notices as applicable.

2. Personal Information We Collect

We collect the following categories of information, depending on how you use Aura:

A. Account & Identity Data

Name, display name, username/handle

Email address and (optionally) phone number

Age confirmation (e.g., 13+/18+)

Profile photo, biography, links

B. Creator & Presale Data

Project details, descriptions, media and updates

Presale terms (e.g., goal, timeline, perks/utility)

Communications with Supporters

C. Wallet & Transaction Data

Public wallet address(es) you connect

Network(s) used, signatures you approve, smart‑contract interactions

Presale participation amounts and status (e.g., pledged USDC, refunds if targets not met)

Resulting Token issuance and on‑chain events

We never store your private keys or seed phrases. Never share them with anyone claiming to be from KIKI.

D. Technical & Usage Data

Log files (IP address, device identifiers, browser type/version, language, date/time stamps)

App and page views, referring/exit pages, clickstream data

Session metadata, diagnostics, crash data, and performance analytics

Cookie and similar technology data (see Cookies & Similar Technologies)

E. Communications & Support

Messages you send to us (including email and in‑app support)

Feedback and surveys

F. User Content

Media you upload (images, videos, audio), text, comments, and other content you submit

G. Third‑Party Sources

Service providers and partners (e.g., analytics, fraud prevention, CRM)

Public blockchains and public sources (e.g., open profiles)

Social platforms, if you connect or interact via them

We collect information you provide directly, automatically via the Services, and from third parties consistent with this Policy and applicable law.

3. How We Use Personal Information

We use personal information to:

Provide and operate the Services (including presales, Token issuance workflows, refunds when presale goals are not met, and Creator–Supporter communications)

Secure the Services (fraud prevention, abuse/threat detection, incident response)

Comply with legal/contractual obligations and enforce our Terms of Use

Communicate with you (service announcements, updates, support, and—with consent where required—marketing)

Improve and develop features, including research, testing and analytics

Personalize your experience (e.g., remembering settings, suggested content)

Facilitate payments/refunds via third‑party processors and infrastructure providers

We may aggregate or de‑identify data so it can no longer reasonably identify you. We use and share such data for product insights, safety, and business analytics.

4. Legal Bases for Processing (EEA/UK Only)

Where GDPR/UK GDPR applies, we process your data under these legal bases:

Contract: to provide the Services you request

Legitimate interests: to secure and improve Aura, prevent fraud/abuse, and communicate about similar services (balanced against your rights)

Consent: for certain marketing, cookies, and where required for optional features

Legal obligations: to comply with applicable laws and regulatory requirements

You may withdraw consent at any time (this will not affect processing prior to withdrawal).

5. Cookies & Similar Technologies

We use cookies, local storage, and similar technologies to enable core functionality (e.g., security, session management), remember preferences, and perform analytics. Where required, we display a consent banner with controls. You can manage cookies in your browser settings; disabling some cookies may impair the Services.

6. How We Share Information

We do not sell personal information. We share information as follows:

A. Service Providers (Processors)

With carefully selected vendors that help us operate (e.g., hosting, infrastructure, security, analytics, customer support, email/SMS, wallet connection, blockchain nodes, payment and stablecoin services). They act under contracts and may only process data per our instructions.

B. Creators & Supporters

If you are a Creator, certain project/presale details and your updates are visible to Supporters and visitors.

If you are a Supporter, your connected wallet address and on‑chain activity are publicly visible on the relevant blockchain. Creators may see aggregate presale participation and fulfillment data.

C. Public Blockchains

On‑chain transactions (e.g., presale contributions, Token issuance, refunds) are public, indexable, and may be permanent. We cannot edit or delete on‑chain records.

D. Corporate Transactions

If we are involved in a merger, acquisition, financing, restructuring, or sale of assets, information may be transferred as part of that transaction, subject to standard confidentiality and continuity protections.

E. Legal, Compliance & Safety

We may disclose information if required by law or in good faith to: (i) comply with legal process; (ii) protect the rights, property, or safety of KIKI, users, or the public; (iii) enforce our Terms; or (iv) detect, prevent, or address fraud, security, or technical issues.

7. Your Choices & Rights
Marketing

You may opt out of marketing emails by using the unsubscribe link in our emails or contacting privacy@kikiworld.io. You may manage SMS (if offered) via in‑message instructions. You will still receive transactional/service messages.

Access, Correction, Deletion & Portability

Depending on your location, you may have rights to access, correct, delete, or receive a copy of your personal information. We will honor these to the extent required by law. Note: we cannot modify or delete public blockchain records.

U.S. State‑Specific Rights (e.g., CA/VA/CO/CT/UT)

Residents of certain U.S. states may have additional rights (e.g., to know/access, correct, delete, portability, opt‑out of targeted advertising and certain disclosures). We do not sell personal information. You can exercise applicable rights by emailing privacy@kikiworld.io. Where available by law, you may submit an appeal of our decision by replying to our response.

EEA/UK Rights

Where GDPR/UK GDPR applies, you may have rights to access, rectify, erase, restrict or object to processing, and data portability, and the right to lodge a complaint with your supervisory authority. Contact eu@kikiworld.io or privacy@kikiworld.io.

8. Data Retention

We retain personal information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements. Certain records (e.g., on‑chain data) may be retained indefinitely due to technical or legal requirements.

9. Security

We use administrative, technical, and physical safeguards designed to protect personal information. However, transmission over the Internet or storage systems cannot be guaranteed 100% secure. If you believe your account or wallet has been compromised, contact us immediately at security@kikiworld.io or privacy@kikiworld.io.

Reminder: We will never ask for your seed phrase or private keys.

10. International Data Transfers

We are based in the United States and may transfer, store, and process information in the U.S. and other countries where we or our service providers operate. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for cross‑border transfers.

11. Children’s Privacy

Aura is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided personal information, contact us and we will take appropriate action, including deletion where feasible.

12. Do Not Track & Global Privacy Control

Some browsers transmit "Do Not Track" or global privacy signals. Our Services may not respond to all such signals. Where required by law, we will treat recognized opt‑out signals as a request to opt‑out of targeted advertising or similar disclosures.

13. Automated Decision‑Making

We do not engage in automated decision‑making that produces legal or similarly significant effects without human involvement. We may use automated systems for fraud detection, abuse prevention, and service performance.

14. Third‑Party Links & Integrations

The Services may contain links to third‑party websites, wallets, or integrations. We are not responsible for their privacy practices. Please review their privacy policies.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version with a new "Last Modified" date. Material changes will be notified via the Services or by email where required by law. Your continued use of the Services after the effective date constitutes acceptance.

16. Contact Us

Questions, requests, or complaints regarding this Privacy Policy or your personal information:

Email: privacy@kikiworld.io
EU/UK Representative: eu@kikiworld.io
Mail: KIKI World, Inc., 501 Santa Monica Blvd., Suite 501, Santa Monica, CA 90401, USA

Supplemental California Notice (CPRA)

This section applies to California residents:

Categories Collected: identifiers (e.g., email, wallet address), commercial information (presale participation), Internet/network activity, geolocation (approximate), user content, and inferences (product preferences). We may collect limited sensitive data (e.g., account authentication tokens) but not precise geolocation, financial account numbers, or government IDs.

Sources: you, your devices, service providers, public blockchains, public sources.

Purposes: see Section 3 above.

Disclosure for Business Purposes: to service providers/processors and as described in Sections 6(A)–(E).

Sale/Sharing: we do not sell personal information. We may disclose for cross‑context behavioral advertising consistent with law; you can opt‑out by emailing privacy@kikiworld.io or via any available in‑product controls. We do not knowingly sell/share data of users under 16.

Rights: to know/access, delete, correct, portability, opt‑out of sale/share/targeted advertising, limit use/disclosure of sensitive PI (where applicable), and non‑discrimination. Submit requests at privacy@kikiworld.io. If we deny your request, you may appeal by replying to our response.

Effective Date: September 2, 2025