top of page
#aura
#aura_privacy

PRIVACY

YOUR TRUST IS OUR MOST VALUABLE ASSETS

Hany Saad at White Huse.png

At Aura Solution Company Limited, data security is not an operational task—it is a fiduciary obligation.In a world where information moves instantly and risks evolve constantly, Aura was built with a clear conviction: trust can only exist where protection is absolute. Every system we design, every process we approve, and every decision we make reflects this responsibility.

We protect data with the same discipline and foresight that define our approach to capital stewardship. Our security framework is anchored in institutional-grade governance, layered technological defenses, continuous monitoring, and strict access controls. These measures are not reactive—they are proactive, designed to anticipate threats rather than merely respond to them.

 

Equally important is our human discipline. At Aura, security is a culture. Our professionals are trained, accountable, and bound by ethical standards that go beyond compliance. Confidentiality, integrity, and discretion are not policies—they are expectations.

 

We do not view data as a byproduct of business.
 

We recognize it as an extension of trust placed in us.

 

As digital ecosystems grow more complex, Aura remains steadfast in its commitment to safeguarding information across borders, platforms, and generations. Our objective is simple and uncompromising: to ensure that every piece of data entrusted to Aura is protected with resilience, consistency, and respect.

 

Trust is earned through protection.
 

Protection is sustained through discipline.
 

Discipline defines Aura.

hany_Saad_signature

Hany Saad

President of the Aura Solution Company Limited

Website Data Protection Policy and Privacy Notice

1. INTRODUCTION

Aura Solution Company Limited (“Aura”, “we”, “us”, “our”) is committed to compliance with applicable legal and regulatory requirements relating to data protection, privacy and cybersecurity, as further set out in our Code of Business Conduct and Ethics. At Aura, we respect your privacy and this Policy, together with our Website Terms of Use and our Cookie Policy, governs how Aura collects, processes (as defined below) and uses your Personal Data (as defined below) when you use our websites (as defined below).

Annex A provides additional information for residents of certain U.S. states that supplements the information provided throughout this Policy and sets out privacy rights relevant to residents of such states.

This Policy applies to users of the Websites (as defined below).

For the purposes of applicable laws and regulations relating to data protection and privacy (“Data Protection Legislation”), Aura acts as a controller in respect of your Personal Data.

This Policy may change from time to time and you should review it periodically.

This Policy was last updated on August 29, 2025.

 

2. DEFINITIONS

The following definitions shall apply to this Policy:

“Aura”, “we”, “us”, “our” means Aura Solution Company Limited and any of its affiliated entities to which a Website relates.

“Personal Data” has the meaning given to it or any similar term (e.g., “personal information”, “non‑public personal information”, “PII”, “personally identifiable information”) in applicable Data Protection Legislation and, for the avoidance of doubt, means any information which directly or indirectly identifies or otherwise relates to an individual, which is in the possession or under the control of Aura (or its representatives or service providers). Such Personal Data may include, without limitation, name, age, identification number, email address, address, telephone number, location data, financial data, or an online identifier. In addition to factual information, such Personal Data includes any expression of opinion about an individual and any indication of the intentions of Aura or any other person in respect of an individual.

 

“Process” or “Processing” means any operation that is carried out in respect of Personal Data, including but not limited to collecting, storing, using, disclosing, transferring or deleting Personal Data.

“Sensitive Personal Data” has the meaning ascribed to this or any similar term provided by applicable Data Protection Legislation (e.g., “sensitive personal information”, “sensitive data”, or “special categories of personal data”).

“Websites” means Aura websites that link to this Policy unless such websites have their own data protection policy and privacy notice, including without limitation https://www.aura.co.th.

 

3. THE TYPES OF PERSONAL DATA WE COLLECT

If you are an Aura employee or an Aura investor, Aura’s policies and practices regarding the collection and processing of your Personal Data are detailed in Aura’s Employee and Personnel Data Protection Policy and Privacy Notice and Investor Data Protection Policy and Privacy Notice, respectively. If you make an application for employment with Aura, the collection and processing of your Personal Data is detailed in Aura’s Applicant Data Protection Policy and Privacy Notice, which will be provided to you via our applications partner website before you submit your application.

For all other individuals, Aura may collect and process the following categories of Personal Data about you from the sources identified below:

 

a) Website Data. When you browse the Websites, depending on how you interact with them, we may collect (i) information submitted through online forms (including name, age, date of birth, email address, address, telephone number, identification number, online identifier, location, gender, nationality, citizenship and contact information); and (ii) technical information collected by cookies and similar technologies regarding your use of the Websites, which may include device‑specific information, navigation data, technical and browsing preferences, location and entry point to the Websites. If you do not provide certain Personal Data when requested (and where relevant, provide consent), we may be unable to provide access to all areas of the Websites or related services.

 

b) Identity Verification Data. Identity verification information such as images of government‑issued identification (passport, national ID card, or driving license), as permitted by applicable law, or other authentication information.

 

c) Communications Data. Personal Data you provide when you contact Aura for any reason, including to request information, submit enquiries, use “Contact Us” features, subscribe to communications, attend events or download content. This may include name, job title, company name, phone number, location and email address.

 

d) Reputation & Background Check Data. If you are a service provider, business partner, or a representative thereof, Personal Data obtained from you and third parties concerning contact details, business practices, creditworthiness, reputation, business history, and roles or job titles.

 

e) Data Generated by Aura. Personal Data generated through our interactions with you or in the course of providing services, including information about your relationship with Aura or the services provided.

 

Cookies. Please refer to our Cookie Policy, which forms part of this Policy.

Do Not Track. Browsers may permit “do not track” signals. Due to the absence of an industry standard, Aura does not currently respond to such signals. Third parties (e.g., analytics providers) may collect Personal Data across websites; their practices are governed by their own privacy policies.

 

4. HOW WE COLLECT YOUR PERSONAL DATA

Aura may collect Personal Data:

a) directly from you (e.g., via the Websites, email, visits to our premises or other communications);

b) through automated technologies (e.g., cookies and similar tools);

c) from within Aura and our affiliates;

d) from third parties acting on your behalf (e.g., intermediaries, legal counsel or service providers);

e) from publicly available sources; and

f) from other organizations (e.g., fund administrators and service providers).

 

5. HOW WE USE YOUR PERSONAL DATA

Aura collects and processes Personal Data for the purposes and on the legal bases described below, including to:

a) provide marketing communications and business updates;

b) understand your needs and respond to enquiries;

c) analyze and improve services;

d) manage and administer our business;

e) provide subscribed products and services;

f) comply with applicable laws, regulations, codes and internal policies;

g) verify identity and conduct due diligence and sanctions screening;

h) detect, investigate and prevent fraud or malpractice;

i) conduct or defend legal proceedings and obtain legal advice;

j) administer databases and IT systems;

k) meet contractual obligations;

l) maintain Website security, functionality and resilience;

m) analyze Website traffic and usage trends;

n) enable Website features and access;

o) conduct cybersecurity threat detection and analysis; and

p) other purposes set out in this Policy.

Aura relies on one or more of the following legal bases: performance of a contract; consent (where required); compliance with legal obligations; establishment, exercise or defense of legal rights; and legitimate business interests that do not override your rights.

Where required by law, by accepting this Policy you consent to the collection, use, processing and disclosure of your Personal Data as described.

 

6. DISCLOSURE OF YOUR PERSONAL DATA TO THIRD PARTIES

Aura may share Personal Data with affiliates and third‑party service providers for business management, service provision, database administration, professional services, system protection, legal compliance, business transactions or change‑of‑control events. All recipients are expected to be subject to appropriate confidentiality and data protection obligations.

 

Aura may also share anonymized or aggregated data. We do not make automated decisions based solely on Personal Data.

7. LINKS TO OTHER WEBSITES

The Websites may contain links to third‑party websites not governed by this Policy. Aura is not responsible for those sites or their content.

 

8. TRANSFERS OF PERSONAL DATA

Aura operates globally and may transfer Personal Data to jurisdictions outside your own. Where required, Aura will ensure appropriate safeguards (such as standard contractual clauses) or obtain explicit consent in accordance with applicable law.

 

9. HOW WE SAFEGUARD YOUR PERSONAL DATA

Aura maintains commercially reasonable technical and organizational measures to protect Personal Data, including access controls, physical security and employee confidentiality obligations.

 

10. RETENTION AND DESTRUCTION OF PERSONAL DATA

Personal Data is retained only as long as necessary for its purposes and legal obligations. When no longer required, Aura will securely delete, destroy or anonymize the data.

 

11. YOUR RIGHTS

Subject to applicable law, you may have rights to access, correct, delete, restrict or object to processing, withdraw consent, request portability, receive information on disclosures, and lodge complaints with regulators. Requests may require completion of a Subject Access Request Form.

 

12. CHILDREN

The Websites are intended for individuals aged 18 and over. Aura does not knowingly collect Personal Data from children under 18.

 

13. MARKETING COMMUNICATIONS

Where permitted by law, Aura may send marketing communications unless you opt out. Opting out does not affect non‑marketing communications or lawful internal processing.

 

14. ADDITIONAL INFORMATION FOR CERTAIN U.S. STATE RESIDENTS

Aura does not sell Personal Data or process sensitive data requiring opt‑in under applicable U.S. state privacy laws. De‑identified data, where applicable, will not be re‑identified.

 

15. CALIFORNIA PRIVACY NOTICE

For California residents, Aura complies with the CCPA/CPRA. Aura does not sell or share Personal Information for cross‑context behavioral advertising.

 

16. CONTACT

For questions or to exercise your rights, please contact the Privacy Officer at PrivacyOfficer@aura.co.th.

#aura_privacy

WEB FRAUD

Aura Solution Company Limited (“Aura”) is a global investment and financial services institution. Cybercriminals may attempt to misuse Aura’s name, brand, logos, websites, or the identities of our executives and employees to conduct fraudulent schemes.

These schemes may occur through fake websites, emails, text messages, phone calls, social media platforms, messaging applications, job postings, or other communication channels. Such activities are designed to deceive individuals and unlawfully obtain personal, financial, or confidential information. Many of these attempts constitute phishing, vishing, or impersonation fraud.

Fraud tactics continuously evolve. We encourage all stakeholders to remain vigilant and informed.

 

Common Fraud Schemes

Be alert to the following common types of scams falsely associated with Aura:

  • Investment Scams
    Unsolicited offers promising “high-yield,” “guaranteed,” or “exclusive” investments using Aura’s name or reputation are almost always fraudulent.

  • Email or Text Phishing
    Messages containing suspicious links, attachments, or requests for personal, login, or banking details.

  • Phone Fraud (Vishing)
    Urgent or threatening phone calls impersonating Aura representatives, regulators, or law enforcement agencies.

  • Payment or Wire Instruction Changes
    Sudden requests to redirect funds, change bank account details, or expedite transfers under pressure.

  • Employment and Social Media Scams
    Fake job offers, paid “interviews,” or recruitment messages sent via chat apps or social media platforms.

  • Fake Websites or Applications
    Look-alike domains or mobile applications imitating Aura branding or online presence.

Best Practices to Protect Yourself

 

To help safeguard yourself and your organization:

  • Verify the Source
    Aura’s official website is https://www.aura.co.th. Official communications originate from verified Aura email domains. If in doubt, contact us directly through our website.

  • Read Communications Carefully
    Watch for spelling errors, unusual formatting, unfamiliar links, unexpected attachments, or overly urgent language.

  • Never Share Credentials
    Aura will never request passwords, verification codes, or multi-factor authentication details.

  • Avoid Suspicious Downloads
    Only download applications or files from trusted, official sources.

  • Be Cautious with Unsolicited Contact
    Do not provide personal, financial, or identification information to unknown callers or messages.

  • Independently Confirm Payment Instructions
    Always verify any change to payment or wiring details using previously established and trusted contact information.

  • Exercise Caution with Job Offers
    Aura does not charge candidates at any stage of recruitment. All legitimate opportunities are communicated through official Aura channels.

 

How to Report Suspected Fraud

If you believe you have been targeted by, or have identified, a suspicious activity involving Aura:

  1. Stop engaging immediately. Do not click links, download files, or transfer funds.

  2. Verify directly using trusted Aura contact channels or by visiting https://www.aura.co.th.

  3. Report the incident to your local law enforcement authorities and relevant cybercrime agencies in your jurisdiction.

Aura reserves all rights to protect its name, brand, systems, and stakeholders. We are not responsible for third-party content and provide external references for informational purposes only.

 

Contact Us

If you have any questions regarding the authenticity or security of a communication purported to be from Aura, or if you wish to report a suspicious website or message, please contact us through our official website:

Aura Solution Company Limited
🌐 https://www.aura.co.th

bottom of page