Koru Privacy Policy
Last Updated: 23 December 2025
This Privacy Policy explains how Aether Apps LTD (“Koru,” “we,” “us”) collects, uses, discloses, and protects information when you use our websites, mobile applications, and related services (collectively, the “Services”).
‍Data Controller: Aether Apps LTD
Contact: support@aetherapps.ai
1) Scope
‍This Policy applies to information processed through the Services. It does not cover third-party services you may access through links or platform features (e.g., Apple, Google), which have their own privacy policies.
‍2) Information We Collect
‍We collect the following categories of information:
‍A) Information you provide
Account information: email address; name (optional); country/region (optional).
‍Support communications: messages you send to us, attachments, and information you choose to share.
‍Web purchase information: billing contact details and transaction metadata when you purchase through our website.
‍Payment card details are handled by Stripe and are not stored by Koru.
B) Information collected automatically
Device and app information: device type, operating system, app version, language, time zone, IP address, and app identifiers.
‍Usage and interaction data: feature usage, screens viewed, session duration, and in-app events.
‍Diagnostic data: crash reports and performance data.
‍C) Subscription status (App Stores)
‍If you subscribe via Apple App Store or Google Play, we may receive limited information needed to confirm subscription status (e.g., active/expired), to provide Premium access.
‍3) How We Use Information
‍We use information to:
‍Provide and operate the Services (account, preferences, Premium access)
‍Process payments and manage subscriptions (web purchases via Stripe; subscription status via app stores)
‍Improve performance and reliability (analytics, debugging, crash reporting)
‍Measure and optimize acquisition (attribution and marketing performance)
‍Provide customer support and communicate about your account and the Services
‍Protect the Services (security, fraud prevention, abuse detection)
‍Comply with legal obligations (tax/accounting, lawful requests)
‍4) Legal Bases (EEA/UK GDPR)
‍Where GDPR/UK GDPR applies, we rely on:
‍Contract: to provide the Services and Premium features you request.
‍Legitimate interests: to secure, maintain, and improve the Services; understand usage; prevent fraud (balanced against your rights).
‍Consent: for certain tracking technologies where required (including certain marketing/attribution identifiers), and for marketing emails where required.
‍Legal obligation: compliance and record-keeping.
‍5) Service Providers and Third Parties We Use
‍We do not sell your personal data.We share personal data with trusted providers only as needed to operate the Services:
‍Firebase Analytics (Google): app usage analytics and aggregated measurement.
‍Firebase Crashlytics (Google): crash reporting and diagnostics.
‍Stripe: web payment processing (Koru does not store full card numbers).
‍AppsFlyer: marketing attribution (e.g., measuring which campaigns bring installs/conversions).
‍Apple / Google: app distribution and subscription purchase processing (if you subscribe via app stores).These providers act as processors (or in some cases independent controllers) depending on the context and their role.
They are subject to contractual and legal obligations to protect data.
‍6) Marketing Attribution (AppsFlyer)
‍We use AppsFlyer to understand how users find Koru and to measure marketing effectiveness. This may involve processing identifiers such as device advertising identifiers (for example IDFA on iOS and GAID/AAID on Android, where available and permitted by your device settings), IP address, app event timestamps, and attribution parameters.
Where required by law, we will request your consent before enabling non-essential tracking (including certain attribution identifiers) and provide a way to manage your choices.
‍7) Cookies and Similar Technologies (Website)
‍Our website may use cookies and similar technologies for:
‍strictly necessary purposes (security, core functionality),
‍analytics (understanding site performance),
‍marketing/attribution (where enabled and permitted).Where required, you can manage cookie preferences through a consent banner or settings.
‍8) International Transfers
‍We may process and store information outside your country, including outside the EEA/UK. When personal data is transferred internationally, we use appropriate safeguards such as:
‍EU Standard Contractual Clauses (SCCs) and/or
‍UK transfer mechanisms,
plus additional safeguards where appropriate.
‍9) Data Retention
‍We retain personal data only as long as necessary for the purposes described:
‍Account data: while your account is active; deleted/anonymized within a reasonable time after you request deletion, unless legally required to retain it.
‍Billing records (web): retained as required by tax/accounting laws.
‍Analytics and diagnostics: retained for a limited period and then deleted or aggregated.
‍Support communications: retained for operational and legal needs, then deleted.
‍10) Security
‍We use reasonable technical and organizational measures to protect data (encryption in transit, access controls, least privilege, monitoring). No method of transmission or storage is fully secure.
‍11) Your Rights (EEA/UK/Switzerland)
‍Depending on your location, you may have rights to:
access, correct, delete your personal data;
object to or restrict processing;
data portability;
withdraw consent (where processing is based on consent);
lodge a complaint with your local data protection authority.
To exercise rights, contact support@aetherapps.ai. We may request verification before fulfilling your request.
‍12) Push Notifications and Emails
Push notifications: you can turn them off in device settings.
‍Service emails: we may send essential messages about your account, security, or subscriptions.
‍Marketing emails (if any): where required, only with opt-in and you can unsubscribe any time.
‍13) Children’s Privacy
‍Koru is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided data, contact us and we will delete it.
‍14) Third-Party Links
‍The Services may include links to third-party sites. We are not responsible for their privacy practices.
‍15) Changes to This Policy
‍We may update this Policy from time to time. If changes are material, we will provide reasonable notice (e.g., in-app notice or email). The “Last Updated” date reflects the latest revision.
‍16) Contact Aether Apps LTD
Email: support@aetherapps.ai