Aura Kingdom: Allure of The Past
Sign in

Privacy Policy

Last updated: June 29, 2026

The Service is offered in multiple languages, but this document is maintained in English. The English version is authoritative and prevails over any translation in the event of any conflict or discrepancy.

1. Introduction

This Privacy Policy describes how the operators of Aura Kingdom: Allure of The Past (the “Service”, “we”, “us”, or “our”) collect, use, disclose, and safeguard information about you when you access or use the Service, including the web portal at aurakingdom.net and the associated game client and services. By using the Service, you consent to the practices described in this Policy. This Policy should be read together with our Terms of Service.

2. Information We Collect

We collect the following categories of information:

  • Account information: the username you choose, your email address, and a securely hashed (not plaintext) representation of your password.
  • Authentication and session data: session tokens, login timestamps, and the “remember me” preference, stored to keep you signed in and to secure your account.
  • Technical and device data: your Internet Protocol (IP) address, browser user-agent string, approximate location inferred from your IP, and similar diagnostic information collected automatically when you interact with the Service.
  • Gameplay data: characters, progression, in-game activity, play time, and related records necessary to operate the game.
  • Transaction data: a record of purchases, amounts, currency, and status. Payment card details are collected and processed by our third-party payment processors and are not stored by us.
  • Communications and links: messages you send to support, and identifiers associated with optional integrations you choose to connect, such as a linked Discord account.

3. How We Collect Information

We collect information directly from you when you register, sign in, make a purchase, link an external account, or contact us; automatically through cookies and similar technologies as you use the Service; and from third parties such as payment processors and security or infrastructure providers acting on our behalf.

4. Cookies and Similar Technologies

We use a small number of strictly necessary cookies and similar technologies to operate the Service, including a session cookie used to authenticate you and to maintain your signed-in state. These technologies are essential to providing the Service and cannot be disabled without impairing core functionality. We do not use the portal to serve third-party advertising.

5. How We Use Information

We use the information we collect to:

  • Create, operate, and maintain your account and provide the Service;
  • Authenticate you, keep you signed in, and protect the security and integrity of your account;
  • Process and deliver purchases and maintain transaction records;
  • Send transactional communications such as email verification, password recovery, security notices, and receipts;
  • Detect, investigate, and prevent fraud, abuse, cheating, and violations of our Terms;
  • Diagnose technical problems, monitor performance, and improve the Service;
  • Comply with applicable legal obligations and enforce our agreements.

6. Legal Bases for Processing

Where applicable data-protection law (such as the GDPR) governs our processing, we rely on the following legal bases: performance of a contract with you (to provide the Service and process purchases); our legitimate interests (to secure, maintain, and improve the Service and prevent abuse), provided those interests are not overridden by your rights; your consent (where specifically requested, such as for optional integrations); and compliance with legal obligations.

7. How We Share Information

We do not sell your personal information. We share information only as necessary to operate the Service and as described below:

  • Service providers and processors who perform functions on our behalf, including payment processing, content delivery and security, email delivery, and hosting, each bound to handle information consistent with this Policy;
  • Optional integrations you choose to enable, where information is shared with that platform at your direction;
  • Legal and safety disclosures, where we believe in good faith that disclosure is necessary to comply with a law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of the Service, our users, or the public;
  • Business transfers, in connection with a merger, transfer of operations, or similar event, subject to this Policy.

8. Data Retention

We retain personal information for as long as your account remains active or as needed to provide the Service, and thereafter only as necessary to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements. Short-lived data such as verification codes and session tokens expires automatically after a limited period. When information is no longer required, we take reasonable steps to delete or anonymize it.

9. Security

We implement reasonable technical and organizational measures designed to protect your information, including hashing passwords, storing session and recovery tokens only in hashed form, encrypting traffic in transit, and applying rate-limiting and access controls. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your credentials confidential.

10. International Transfers

The Service and its providers may process and store information in countries other than your own, where data-protection laws may differ from those in your jurisdiction. Where required, we take steps to ensure that such transfers are subject to appropriate safeguards.

11. Children’s Privacy

The Service is not directed to children under the age of thirteen (13), and we do not knowingly collect personal information from children under thirteen. If you believe that a child under the applicable minimum age has provided us with personal information, please contact us so that we may take appropriate action, including deleting that information.

12. Your Rights and Choices

Depending on your location, you may have rights regarding your personal information, including the rights to access, correct, update, delete, restrict, or object to certain processing, to data portability, and to withdraw consent where processing is based on consent. You can update certain account information directly within the portal, or contact us to exercise your rights. We will respond consistent with applicable law. You also have the right to lodge a complaint with your local data-protection supervisory authority.

13. California Privacy Notice

If you are a California resident, you may have additional rights under the California Consumer Privacy Act, including the right to know the categories of personal information collected, the right to request deletion, and the right not to be discriminated against for exercising your rights. We do not sell personal information as that term is defined under applicable law.

14. Third-Party Links and Services

The Service may contain links to, or integrations with, third-party websites and services that are not operated by us. This Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third party before providing them with your information.

15. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version becomes effective upon posting unless otherwise stated, and the “Last updated” date above will reflect the most recent revision. Where required by law, we will provide additional notice of material changes. Your continued use of the Service after the effective date constitutes your acknowledgment of the updated Policy.

16. Contact

If you have questions or requests regarding this Privacy Policy or your personal information, please reach us through the support page available within the Service.