Privacy Policy

Last updated: February 13, 2026

1. Introduction

SAIN Industries, Inc. ("Company," "we," "us," or "our") respects your privacy and is committed to protecting it through the practices described in this policy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our moreaura service ("Service").

2. Information We Collect

2.1 Information You Provide

• Account information (name, email address, password)
• Profile information and preferences
• Payment and billing information
• Communications with our AI assistant
• Content you create, upload, or share through the Service
• Information from third-party integrations you connect

2.2 Information Collected Automatically

• Device information (browser type, operating system)
• Log data (IP address, access times, pages viewed)
• Usage data (features used, actions taken)
• Cookies and similar tracking technologies

3. How We Use Your Information

• Provide, maintain, and improve the Service
• Process transactions and send related information
• Send you technical notices and support messages
• Respond to your comments and questions
• Develop new features and services
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent or unauthorized activity
• Personalize and improve your experience

4. AI and Data Processing

Our Service uses artificial intelligence to process your requests and provide assistance. When you interact with our AI assistant:

• Your conversations may be processed by AI models to generate responses
• We do not use your Google user data or connected integration content to train general-purpose AI models. Any future use of other customer content for product improvement will require appropriate notice, controls, and consent.
• You can request deletion of your conversation history at any time; some agent runtime session data, billing records, security logs, and provider records may have technical or legal retention limitations.
• Native integration credentials are encrypted before storage. Some integrations are processed by subprocessors, such as Composio, that store and proxy credentials on our behalf.

5. Third-Party Integrations

When you connect third-party services (such as Google, Slack, or Salesforce) to moreaura, we access the data needed to provide the features you request and authorized through the provider's consent screen. Each integration operates under its own privacy policy, and we encourage you to review those policies. You can disconnect integrations at any time through your account settings.

5a. Composio (Integration Sub-Processor)

For most third-party integrations — including Google Workspace, Slack, Tavily, and others — moreaura uses Composio as a sub-processor that brokers OAuth authorization and securely proxies tool calls to those services. When you connect an integration:

• You consent to the integration's required scopes through that provider's standard OAuth screen.
• Composio holds the resulting OAuth tokens on our behalf, encrypted at rest, and proxies our agents' requests to the underlying service (e.g., the Gmail API).
• The data returned (e.g., email contents, calendar events) flows through Composio to your moreaura agent. Composio's processing of that data is governed by its privacy policy and applicable service terms or data-processing terms.
• You may disconnect any integration at any time from within moreaura; we will instruct Composio to revoke and delete the corresponding stored tokens.
• For users connected before the Composio rollout, integrations remain on the legacy direct-OAuth path until migrated; you will be notified before any migration of your active connections.

Composio is engaged as a service provider/sub-processor for integration brokerage. Its use of data is governed by Composio's applicable service terms, privacy policy, security documentation, and any data-processing terms in place with moreaura.

5b. Google API Services — Limited Use Disclosure

When you connect your Google account, moreaura requests access to the following Google API scopes:

• Gmail (read & send): To read, summarize, and draft email responses on your behalf through your AI agent.
• Google Calendar (read & write): To view your schedule and create or modify events when you ask your AI agent to manage your calendar.
• Google Drive (read-only): To search metadata and retrieve files you reference in conversations with your AI agent. moreaura does not request the broad Drive scope used for Drive deletion.
• Google Docs, Sheets, and Slides (read & edit): To read and edit document, spreadsheet, and presentation content when you ask your AI agent to work on those files.
• User profile (email & profile): To identify your Google account and display your name and email within the Service.

moreaura's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically:

• We only use Google data to provide and improve the features you explicitly request.
• We do not use Google data for advertising, selling to third parties, or training general-purpose AI models.
• We do not allow humans to read your Google data except where necessary for security purposes, to comply with applicable law, or with your explicit consent.
• OAuth tokens are encrypted at rest. You can revoke access at any time by disconnecting Google in your chat settings or at myaccount.google.com/permissions.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: With vendors who assist in providing the Service
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• Legal Requirements: When required by law or to protect our rights
• With Your Consent: When you have given us permission to share

7. Data Security

We implement technical and organizational measures intended to protect your personal information, including authenticated access controls, encrypted transport, provider-managed encryption at rest for core infrastructure, encrypted native credential storage, and audit logging for selected actions. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7a. User Controls and Approval Flows

moreaura provides controls intended to help users manage how their agent uses data and takes action:

• Saved memories can be reviewed and deleted.
• Core account data can be exported through authenticated app flows.
• Core Aura-owned account data can be deleted, subject to billing, security, provider, and legal retention limits.
• Sensitive agent actions can require a persisted approval request before execution, and approval decisions are recorded in audit logs.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with legal obligations, resolve disputes, maintain security records, and enforce our agreements. Conversation/session data stored in agent runtime systems may have different export or deletion behavior than core application data.

9. Your Rights

Depending on your location, you may have the following rights:

• Access and receive a copy of your personal data
• Rectify inaccurate personal data
• Request deletion of your personal data
• Object to or restrict processing of your data
• Data portability
• Withdraw consent at any time

To exercise these rights, please contact us at business@sainindustries.com.

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, please contact us at:

SAIN Industries, Inc.
Email: business@sainindustries.com