Privacy Policy

Introduction

Atlantic AI ("we", "our", or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, and safeguard your information when you use our AI-powered platform and services.

Information We Collect

We collect information that you provide directly to us, including:

• Account information (name, email address, organization details)
• Profile data and preferences
• Usage data and interaction patterns with our AI tools
• Communication records and support requests
• Payment and billing information (processed securely through third-party providers)
• Integration data from connected services and APIs

How We Use Your Information

We use the information we collect to:

• Provide and maintain our AI services and platform
• Process your requests and deliver personalized AI experiences
• Send you service updates, security alerts, and support messages
• Improve our platform capabilities and develop new features
• Ensure platform security and prevent fraud or misuse
• Analyze usage patterns to optimize performance
• Comply with legal obligations and enforce our terms

Google Workspace Data (Google API Services User Data Policy)

Atlantic AI's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

When you connect your Google Workspace account to Atlantic AI, you grant our platform OAuth-scoped access to specific Google services. We request only the scopes necessary to deliver agentic features that you explicitly trigger. We do not sell, rent, or share Google user data with third parties for advertising, market research, or any unrelated purpose.

Scopes we request and how we use them

• Gmail (gmail.modify) — Read, draft, send, and label messages on your behalf when you ask an Atlantic agent to triage your inbox, reply to threads, or send a message you have approved. Message contents are processed in-memory and are not retained beyond the agent run, except for short-form summaries you explicitly save to your workspace.
• Google Calendar (calendar, calendar.events) — Read your event list, create and update events, and propose meeting times when you ask an agent to schedule, reschedule, or summarize your calendar. Event payloads are processed in-memory; we retain only event IDs and minimal metadata required to keep your scheduled workflows accurate.
• Google Drive (drive, drive.file) — List, read, create, and update files you reference in chat or that an agent must operate on to fulfill your request. File contents are processed in-memory for the duration of the agent run and only persisted when you explicitly attach a document to a knowledge base or save an agent-generated artifact back to your Drive.
• Google Docs (documents) — Read and modify Google Docs when you ask an agent to summarize, edit, or generate document content. Document text is processed in-memory; persistent storage occurs only on explicit user save.
• Google Sheets (spreadsheets) — Read and write spreadsheet cells when you ask an agent to analyze data, generate reports, or update tracked metrics. Cell values are processed in-memory and not retained beyond the agent run.
• Google Slides (presentations) — Read and modify slide decks when you ask an agent to draft, refine, or summarize a presentation. Slide content is processed in-memory and not retained beyond the agent run.

Limited Use commitments

In addition to the general data-handling commitments in this policy, for data obtained through Google APIs we specifically commit that:

• We use Google user data only to provide or improve user-facing features that are prominent in our requesting application.
• We do not transfer Google user data to third parties except as necessary to provide or improve user-facing features, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.
• We do not use Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising.
• We do not allow humans to read Google user data except with your explicit consent for specific messages, for security investigations (such as suspected abuse), to comply with applicable law, or in aggregated and fully anonymized form for internal operations.
• No Google user data is used to train generalized or third-party AI/ML models. Per-conversation context is provided only to the specific model serving your active session.

Revoking access and deleting data

You can disconnect Atlantic AI from your Google account at any time from your Google Account permissions page, or from the Integrations panel inside Atlantic AI. On disconnect, we revoke stored OAuth tokens immediately and purge cached Google user data within 30 days. To delete all account data, contact info@getatlantic.ai.

Data Security

We implement comprehensive security measures including end-to-end encryption, multi-factor authentication, access controls, and regular security audits. All data is encrypted both in transit and at rest using industry-standard protocols.

Data Sharing

We do not sell your personal information. We may share your data only in these limited circumstances:

• With your explicit consent
• With trusted service providers who help us operate our platform
• When required by law or to protect our legal rights
• In connection with a business transaction (merger, acquisition)

Your Rights

You have the right to:

• Access and review your personal data
• Correct inaccurate or incomplete information
• Request deletion of your personal data
• Export your data in a portable format
• Opt-out of marketing communications
• Withdraw consent for data processing

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: