Privacy Policy

This explains what personal information I collect when you use The Aurora Code, why I collect it, and what rights you have over it. It’s written in plain English because legal privacy notices don’t have to be complicated.

Last updated: 22 April 2026

Who I am

I’m Kelly Wright, trading as The Aurora Code. I’m a sole trader based in the UK, providing remote sound-frequency and wellness sessions.

For the purposes of UK GDPR, I am the data controller — which means I decide what data to collect and why.

You can reach me at theauroracode222@gmail.com or on WhatsApp at 07404 545042.

What information I collect

I only collect the information I genuinely need. That’s:

If you contact me through the website form

  • Your name
  • Your email address
  • Which session you’re interested in (optional)
  • The message you send
  • Basic technical info (the page you submitted from, where you came from)

If you book a session via Beacons

Beacons handles your booking and payment on my behalf. They collect:

  • Your name and contact details
  • Payment information (processed by their payment providers — I never see your card details)
  • Any booking notes you add

Beacons has their own privacy policy: beacons.ai/privacy.

If you send me input for your personalised session

To create your session audio, I need specific input from you (sent by email or WhatsApp after you book). This may include voice recordings or written responses. I store this only as long as needed to create and deliver your session, then I delete it.

Why I collect it (the legal bit)

Under UK GDPR, I need a “lawful basis” for each kind of data. Here’s mine:

  • To reply to your enquiry — legitimate interests (you contacted me, so it’s expected)
  • To deliver a session you’ve booked — contract (I need this to fulfil what you’ve paid for)
  • To keep basic records of bookings — legal obligation (HMRC require me to keep business records)
  • If I ever want to send you an update or news — consent (I’d ask you first, and you could unsubscribe anytime)

How long I keep it

  • Enquiry messages: up to 12 months after our last contact, then deleted
  • Session input (voice recordings, forms): deleted within 30 days of your session being delivered, unless you ask me to keep it
  • Booking and payment records: 6 years, as required by UK tax law
  • Delivered audio files: kept on request only — otherwise deleted from my systems after delivery (you keep your own copy)

Who I share your information with

I keep things as simple as possible. The only third parties who might handle your data on my behalf are:

  • Beacons — booking and payment processing
  • Brevo — the email service that delivers enquiry emails to me (they process, they don’t store long-term)
  • WhatsApp (Meta) — if you message me on WhatsApp, their privacy terms apply to that conversation
  • My web host (DigitalOcean) — stores the website and processes any contact-form enquiries in transit

I don’t sell your data to anyone, ever. I don’t share it for marketing. If I were ever legally required to share information (by a court order, for example), I would.

Your rights

Under UK GDPR, you have the right to:

  • Ask what I hold about you — and get a copy
  • Correct it if something’s wrong
  • Ask me to delete it (within reason — I have to keep some things for tax)
  • Restrict or object to how I use it
  • Take it with you to another service (data portability)
  • Withdraw consent if that was the basis for the processing

Just email me at theauroracode222@gmail.com and I’ll get back to you within 30 days.

Cookies

This website uses no tracking cookies, no analytics, and no advertising pixels. Your visit isn’t tracked in any meaningful way beyond basic server logs (the kind every website has).

If that changes in the future, I’ll add a cookie banner and update this policy.

If you’re not happy

If you think I’ve handled your data badly, please tell me first — I want to put it right. Email theauroracode222@gmail.com.

You also have the right to complain to the UK Information Commissioner’s Office (ICO):

Changes to this policy

If I update this policy, I’ll change the “last updated” date at the top. For significant changes that affect how I use your data, I’ll let you know by email if I have your address.

Note: This policy is written as a clear, good-faith summary of how I handle your data. It is not intended as formal legal advice. If you have a specific concern about your data, please contact me directly.