Privacy Policy
Last updated · May 2026This policy explains what personal data Atlas processes, why, the legal bases we rely on, and the choices and rights you have. We keep it short and in plain language.
01Who we are
Atlas is operated by Arthea ("Atlas", "we", "us"). For the personal data described here, Atlas is the data controller for its own account and marketing data, and a processor for the data inside your workspace (see our DPA).
For any privacy question, email atlas@arthea.ai.
02Data we collect
Account data you provide: name, work email, company, role, and billing details. Workspace data you connect: your store, channels, and the metrics, content, and records those integrations expose. Usage and device data: log data, IP address, browser type, and product telemetry needed to operate and secure the service. Support communications: the messages and context you share when you contact us.
We do not intentionally collect special-category personal data, and we ask that you not put it into the product.
03Data at a glance
A quick reference for what we process, why, the legal basis, who it is shared with, and how long we keep it.
Account data (name, work email, company, role). Purpose: run your account and the service. Legal basis: our contract with you. Shared with: hosting and email sub-processors. Retention: the life of your account, then up to 3 years.
Billing details. Purpose: take payment and meet tax duties. Legal basis: contract and legal obligation. Shared with: Stripe, which processes payments (we never store card numbers). Retention: as legally required.
Workspace and connected data (store, channels, metrics, content, records). Purpose: operate your workspace and run agents. Legal basis: our contract with you, and, for your customers’ data, processing on your instructions under our DPA. Shared with: hosting, model-inference, and analytics sub-processors. Retention: the contract term, then up to 1 year after cancellation.
Your customers’ personal data inside connectors (orders, profiles). Role: you are the controller, Atlas is your processor under the DPA. Legal basis: your instructions. Retention: per your DPA.
Usage and security logs (IP, device, telemetry). Purpose: operate, secure, and debug the service. Legal basis: our legitimate interest. Shared with: our error-tracking and observability tools (self-hosted, EU). Retention: 12 months.
Analytics cookies. Purpose: understand aggregate usage. Legal basis: your consent. Retention: up to 13 months.
Marketing email. Purpose: tell you about Atlas. Legal basis: your opt-in. Retention: until you unsubscribe.
04How we use data, and our legal bases
To provide the service and operate your workspace, including running agents on your behalf (performance of our contract with you). To secure, debug, and improve the service, and to understand usage in aggregate (our legitimate interests). To send service and, where permitted, marketing messages (consent or legitimate interests, with an opt-out in every marketing message). To meet legal, tax, and accounting obligations (legal obligation).
We never sell your data, and we never use your workspace data to train machine-learning models, ours or anyone else’s.
05Sharing and sub-processors
We share data only with vetted sub-processors that help us run the service, hosting, model inference, email delivery, payments, and analytics, under contracts that require equivalent protection. The current sub-processor list is published at /legal/sub-processors, and we give at least 30 days’ notice before adding or replacing one.
We may also disclose data where required by law, to protect our rights, or as part of a merger or acquisition (you will be notified of any change of controller).
06Connected integrations and Google user data
When you connect an integration (such as Shopify, Notion, or Google Drive), Atlas accesses only the data that integration’s scopes allow, to build and maintain your workspace and company brain. Connections are read-only by default; Atlas never writes to a source without an explicit action you approve. Access tokens are encrypted at rest with per-tenant keys, and you can disconnect any integration at any time from your workspace, which revokes Atlas’s access.
Atlas’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We use Google Workspace data (for example, the Google Drive documents you choose to connect) solely to provide and improve the user-facing features of Atlas; we do not sell it, we do not transfer it to third parties except as needed to provide the service, and we never use it to train generalized machine-learning models.
When you connect Meta (Facebook), Atlas accesses only your own brand’s ad-account insights and campaign metadata, under the ads_read and business_management permissions. We never access end-customer personal data, and we never access message or audience content. Meta access tokens are encrypted at rest with a per-tenant key, and the derived data is EU-resident (Frankfurt). Disconnecting Meta in Atlas revokes our access and purges the derived ad data; see our Data Deletion Instructions for the full path.
When you connect TikTok, Atlas stores an access token and your authorized TikTok account identifiers (such as your open id and display name) so it can publish or upload the videos you choose to your own TikTok account on your behalf, and read your basic profile to confirm which account is linked. We request only the user.info.basic, video.upload, and video.publish scopes; we never access another person’s account, your followers, your private messages, or your analytics beyond what those scopes return. TikTok access tokens are encrypted at rest with a per-tenant key. While our TikTok app is unaudited, any direct post is created as private (visible only to you) by default. Disconnecting TikTok in Atlas revokes our access at TikTok and removes the stored token.
When you connect TikTok Ads, Atlas accesses only your own authorized advertiser account’s spend, conversion, value, and creative reporting through the TikTok Marketing API, to surface paid-media performance in your workspace. We never access end-customer personal data, your followers, or message content. The TikTok Ads access token and advertiser identifiers are encrypted at rest with a per-tenant key, and the derived data is EU-resident (Frankfurt). Disconnecting TikTok Ads in Atlas removes the stored token and purges the derived ad data.
When you connect Pinterest, Atlas accesses only your own brand’s Pinterest Business ad accounts, campaigns, and analytics under the ads:read and ads:write permissions, to surface paid-media performance and, where you explicitly approve it, to create campaigns and forward consent-gated server-side conversions you choose to send. We never access end-customer personal data, your followers, or message content. Pinterest access and refresh tokens are encrypted at rest with a per-tenant key, and the derived data is EU-resident (Frankfurt). Disconnecting Pinterest in Atlas revokes our access and purges the derived ad data.
When you connect ChatGPT Ads (OpenAI Advertiser API), you paste your own advertiser API key and measurement Pixel ID; Atlas uses them only to read your own account’s campaigns and insights and, where you explicitly approve it, to create paused campaign drafts and forward consent-gated server-side conversions you choose to send. We never access end-customer personal data. The API key is encrypted at rest with a per-tenant key, and the derived data is EU-resident (Frankfurt). Removing the key in Atlas revokes our access and purges the derived ad data.
07Where your data lives, and transfers
Data is hosted in the European Union (Frankfurt) by default, with per-tenant Postgres row-level isolation so one workspace can never read another. Where a sub-processor requires a transfer outside the EEA, we rely on adequacy decisions or the European Commission’s Standard Contractual Clauses.
08How long we keep it
We keep account and workspace data for as long as your account is active. On closure, we export your shared memory as JSON on request and delete or anonymise personal data within 30 days, except where we must retain limited records to meet legal obligations.
09AI features and automated processing
Atlas uses AI to help you operate your business: an assistant (Alexia) and specialized agents read your connected data and your workspace context to surface insights, draft work, and propose actions. AI features are clearly labelled in the product, and AI-generated creative carries an "AI-generated" marker.
We do not make decisions that produce legal or similarly significant effects on you or your customers by automated means alone. Agents propose; a human on your team approves any action that sends, publishes, or spends. You stay in control, and every agent action is logged.
Inference runs on the models listed on our /ai page. We never use your workspace data to train any model, ours or a provider’s; it is used only to serve your own requests.
10Security
We protect data with encryption in transit and at rest, per-tenant isolation, least-privilege access controls, audit logging of agent actions, and regular review. SOC 2 Type II is in progress. No system is perfectly secure, but we treat your data as we treat our own. See /security for details and how to report a vulnerability.
11Your rights
Subject to applicable law, you can access, correct, export, restrict, or delete your personal data, object to certain processing, and withdraw consent at any time. Email atlas@arthea.ai and we respond within 30 days. You also have the right to lodge a complaint with your local supervisory authority.
12Cookies
We use a small set of essential and privacy-respecting analytics cookies. See the Cookie Policy for details and controls.
13Children
Atlas is a business product not directed to children, and we do not knowingly collect data from anyone under 16.
14Changes and contact
We will post material changes here and, where appropriate, notify you in-product or by email. Questions or requests: atlas@arthea.ai.