Legal

Privacy Policy

Last updated: June 14, 2026

Ruben Hernandez ("we", "us"), trading as Atlas, respects your privacy. We are the data controller for the personal data described in this policy. This Privacy Policy explains what personal data we collect, why we collect it, how we use and share it, and the choices you have. It applies to the Atlas website, applications, and services (the "Service").

1. Data We Collect

  • Account data: name, email address, password hash (or OAuth identifier from a sign-in provider such as Google), and account preferences.
  • Content you provide: items you track (subscriptions, bills, documents, appointments), notes, and chat messages you send to the Atlas AI assistant.
  • Connected sources (optional): if you choose to connect email, calendar, financial accounts, or document storage, we receive data from those sources via their official APIs, scoped to the permissions you grant.
  • Usage & device data: log data, IP address, browser, device type, and timestamps. Used for security, debugging, and analytics.
  • Payment data: handled by our payment processor Paddle. We receive transaction metadata (plan, status, last 4 digits) but never your full card number.

2. How We Use Your Data

  • To provide, maintain, and improve the Service.
  • To generate insights, summaries, and reminders personalised to you.
  • To process payments, manage subscriptions, and prevent fraud.
  • To communicate with you about your account, security, and product updates.
  • To comply with legal obligations and enforce our Terms.

We do not sell your personal data. We do not use your private content (emails, financial records, documents) to train third-party foundation models.

3. AI Processing

Atlas uses AI models, including models provided by third parties (e.g., Google, OpenAI, Anthropic via the Lovable AI Gateway), to analyse the items you store and respond to your questions. When data is sent to a model provider it is processed under their enterprise/API terms, which prohibit using the data to train their public models. We send only the minimum data needed to fulfil a request.

4. Sharing

We share personal data only with:

  • Infrastructure providers hosting our database, authentication, and application servers.
  • Payment processor Paddle.com Market Limited, for billing and tax compliance.
  • AI model providers, as described above, strictly to fulfil your requests.
  • Authorities, where legally required (subpoena, court order, lawful request).

5. Data Retention

We retain your data while your account is active and for a reasonable period afterwards to comply with legal and accounting obligations. You can delete individual items at any time, and you can delete your entire account from the in-app settings; we will then erase or anonymise your personal data within 30 days, except where retention is required by law.

6. Security

We use industry-standard safeguards: encryption in transit (TLS), encryption at rest, hashed passwords, role-based access controls, and audit logging. No system is perfectly secure, but we work hard to protect your data and we notify affected users in the event of a qualifying breach.

7. Your Rights

Depending on where you live, you may have the right to access, correct, export, restrict, or delete your personal data, and to object to certain processing. To exercise these rights, email privacy@atlas-app.io. You can also withdraw consent for any connected source at any time from the Connections page.

8. International Transfers

Atlas is operated globally and may transfer personal data to countries other than your own. Where required, we use appropriate safeguards such as Standard Contractual Clauses.

9. Children

Atlas is not directed to children under 18 and we do not knowingly collect personal data from children.

10. Changes

We may update this Privacy Policy from time to time. Material changes will be notified by email or in-product before they take effect.

11. Contact

Privacy questions or requests: privacy@atlas-app.io.