The short version: we collect only what is necessary to run MyAurum. We do not sell your data, share it with third parties, or use it for advertising. Your portfolio data belongs to you.
MyAurum is a web-based precious metals portfolio tracker available at myaurum.app. It is operated by Aurum Fintech, registered in India.
| Data | Why We Collect It | Storage |
|---|---|---|
| Name and email address | To create and manage your account, send verification emails, and deliver price alerts you set | Encrypted · Deleted on account closure |
| Password (hashed) | To authenticate you. Passwords are transformed into an unreadable fingerprint — we cannot read, recover, or share your password. | Encrypted · Deleted on account closure |
| Portfolio holdings you enter | To calculate and display the value of your metals. Sensitive fields are encrypted before reaching our database — unreadable even to us. | Encrypted · Deleted on holding or account closure |
| Price alert preferences | To notify you when gold or silver crosses a price you set | Encrypted · Deleted on alert or account closure |
| Google account details (if you sign in with Google) | To authenticate you via Google OAuth. We receive your name and email only. | Encrypted · Deleted on account closure |
| Google Sheets access token (if you use export) | To create a spreadsheet in your Google Drive on your behalf. The token is temporary and never stored on our servers. | Not stored · Session only, expires within 1 hour |
We do not collect behavioural data, browsing history, device fingerprints, location data, or any information beyond what is listed above. We do not build user profiles, run targeted advertising, or share data with data brokers.
If you sign in with Google, we receive your name and email address from Google. We use this solely to create and identify your MyAurum account. We do not access any other Google account data.
If you use the Google Sheets export feature, we request a temporary access token to create a spreadsheet in your Google Drive. This token is used only during the export operation and is never stored on our servers. We do not read, modify, or access any existing files in your Google Drive.
Our use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.
Your data is stored on enterprise cloud infrastructure in the United States. We use industry-standard encryption for data in transit (TLS) and at rest. Passwords are hashed using bcrypt and are never stored in readable form. Estate notes are encrypted on your device before they reach our servers — we store only ciphertext we cannot read.
We have designed MyAurum's security architecture with multiple independent layers of protection. In the unlikely event of any security incident, we will notify affected users promptly and take all reasonable steps to contain and address it.
We use Google Analytics (GA4) to understand how visitors use MyAurum — pages visited, time on site, and general geographic region. This data is aggregated and anonymous. We do not use advertising cookies or track individual users across other websites.
You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
To operate MyAurum, we work with a small number of carefully selected infrastructure and service providers — covering hosting, transactional email delivery, payment processing, and authentication. Each provider is subject to their own privacy policy and data handling standards.
We share only the minimum data each provider needs to perform their function. No provider receives your portfolio holdings or estate notes.
You have the right to access the personal data we hold about you, correct inaccurate data, request deletion of your account and all associated data, and withdraw consent at any time.
To exercise any of these rights, email us at [email protected]. We will respond within 30 days.
You can request deletion of your account and all associated data at any time by emailing [email protected]. We will permanently delete your data within 7 days of receiving your request.
MyAurum is not intended for use by anyone under the age of 18. We do not knowingly collect data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.
We may update this policy from time to time. We will notify registered users of material changes by email. The effective date shown in the footer of this page will always reflect the most recent version.
For any privacy-related questions or requests, contact us at [email protected].
← Back to MyAurum