Privacy Notice
Last updated: 30 April 2026
1. Who we are
Atlas Workspace is operated by Ugo Maronilli ("we", "us", "our"), the data controller for personal data processed in connection with your use of Atlas Workspace (the "Service"). For payment processing, our reseller Paddle.com Market Limited acts as the Merchant of Record and as an independent controller of payment-related personal data.
2. What personal data we collect
- Account data — name, email address, password (hashed), authentication identifiers.
- Profile and content data — contacts, tasks, reminders, calendar entries, meeting minutes, documents, conversations and other content you create in the Service.
- Support communications — messages you send to us, including any attachments.
- Usage and device data — log data, IP address, browser and device identifiers, pages visited, features used, timestamps, and crash diagnostics.
- Cookies and similar technologies — see section 9 below.
3. How and why we use your data
| Purpose | Legal basis (UK / EU GDPR) |
|---|---|
| Create and operate your account; provide the core Service. | Performance of a contract. |
| Generate AI briefings, summaries and assistant responses on your behalf. | Performance of a contract. |
| Customer support and communications about the Service. | Performance of a contract / legitimate interests. |
| Security, fraud prevention, abuse detection and audit logs. | Legitimate interests / legal obligation. |
| Service improvement, debugging and analytics. | Legitimate interests. |
| Marketing communications about Atlas Workspace. | Consent (you can withdraw at any time). |
| Compliance with legal obligations. | Legal obligation. |
4. AI processing
When you use AI features, the content you submit (and relevant context from your account) is sent to large-language-model providers acting as our processors so that they can generate a response. We do not authorise these providers to use your content to train their general-purpose models. Do not submit information you would not want a third-party AI provider to process.
5. Who we share data with
- Hosting and infrastructure providers — for storing your data and running the Service.
- AI model providers — to generate responses to your requests.
- Paddle (Merchant of Record) — for sale of subscriptions, payment processing, subscription management, tax compliance and invoicing. Paddle's privacy practices are described at paddle.com/legal/privacy.
- Analytics, error monitoring and support tooling — to understand how the Service is used and to fix problems.
- Professional advisers — such as legal and accounting advisers, where necessary.
- Authorities — where we are required to do so by law, or to protect our rights, property or safety, or that of others.
We do not sell your personal data.
6. International transfers
Some of our service providers are located outside the UK and the European Economic Area. Where we transfer personal data internationally, we rely on appropriate safeguards such as adequacy decisions or the UK International Data Transfer Agreement / EU Standard Contractual Clauses.
7. Data retention
We keep your personal data for as long as your account is active and as long as we need it to provide the Service. When your account is deleted, we delete or anonymise your personal data within a reasonable period, except where we are required to retain it for legal, accounting or security reasons (for example, transaction records held by Paddle).
8. Your rights
Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict or object to processing of your personal data, to data portability, and to withdraw consent where processing is based on consent. You may also lodge a complaint with your local data protection authority (in the UK, the Information Commissioner's Office). We aim to respond to verified rights requests within one month.
To exercise your rights, contact us using the details in section 11.
9. Cookies
We use strictly necessary cookies to keep you signed in and to keep the Service secure. We may also use limited analytics cookies to understand aggregate usage. Where required by law, we will ask for your consent before setting non-essential cookies. You can manage cookies through your browser settings.
10. Security
We use appropriate technical and organisational measures to protect personal data, including encryption in transit, access controls, and regular review of our security practices. No system is completely secure, and we cannot guarantee absolute security.
11. Contact
For privacy questions or to exercise your rights, contact the email address listed in your account, or reach out to Paddle for billing and payment-related data via paddle.net.
See also our Terms of Service and Refund Policy.