Privacy Policy

Last updated: April 3, 2026

Atlas Agent ("we", "us", "our") operates the atlasagent.dev platform. This Privacy Policy explains how we collect, use, and protect your information.

1. Information We Collect

Account Information: When you create an account, we collect your company name, email address, and password (hashed, never stored in plain text).

Email Data: If you connect your email account (via IMAP, SMTP, or Google OAuth), our AI agent accesses your emails to perform tasks you request (reading, summarizing, sending). We do not store your email content permanently — it is processed in real-time and only cached temporarily during task execution.

API Keys: API keys you provide for AI model providers (Anthropic, OpenRouter, xAI, etc.) are stored encrypted and used solely to make API calls on your behalf.

Usage Data: We log tool calls, automation runs, and session metadata to provide activity tracking and debugging. This data is scoped to your tenant and not shared.

2. How We Use Your Information

• To operate the AI agent and execute your requested tasks
• To run automations you configure (email monitoring, competitor tracking, etc.)
• To provide activity logs and usage statistics
• To improve the platform's reliability and performance

3. What We Don't Do

• We do not sell your data to third parties
• We do not use your data to train AI models
• We do not share your business intelligence with other tenants or companies
• We do not read your emails — only the AI agent processes them, based on your instructions

4. Third-Party Services

When you connect third-party services, your data is shared with those services according to their privacy policies:

• AI Model Providers (Anthropic, OpenRouter, xAI, etc.): Your prompts and agent interactions are sent to the selected AI provider for processing
• Google (if using Google OAuth): We access your Gmail via Google's API with the permissions you grant. We request read, send, and modify access to your email
• Email Servers (IMAP/SMTP): We connect to your email server using the credentials you provide

5. Data Storage and Security

Your data is stored on secure servers hosted by Fly.io. We use:

• Encrypted connections (HTTPS/TLS) for all data in transit
• Encrypted volumes for data at rest
• Per-tenant data isolation — each tenant's data is completely separated
• Bcrypt password hashing

6. Data Retention

We retain your data for as long as your account is active. You can request deletion of your account and all associated data at any time by contacting us.

7. Self-Hosting Option

Atlas Agent can be self-hosted on your own infrastructure. In this case, no data ever leaves your servers, and this privacy policy does not apply — you control all data.

8. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Delete your account and data
• Export your data
• Disconnect third-party services at any time

9. Google API Services User Data Policy

Atlas Agent's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only use Google user data to provide email functionality within the Atlas Agent platform as described above.

10. Contact

For privacy questions or data requests, contact us at privacy@atlasagent.dev.

11. Changes

We may update this policy from time to time. We will notify you of significant changes via email or in-app notification.