Privacy Policy

1. Controller

ATI Agency ("we," "us"). Contact: contact@atiagency.io

2. Data We Collect

Through our request form: name, email, service description. Legitimate interest basis (GDPR Art. 6(1)(f)) — processing inquiries for potential business relationships.

3. Use

• Evaluate and respond to service requests
• Create project proposals
• Business communications

4. Storage & Retention

• EU servers (Supabase)
• Retained indefinitely unless you request deletion
• Deletion requests processed within 30 days

5. Client Project Data

Project-specific data handling varies per contract. Clients may host data on their own infrastructure or use our hosting. Details specified in each service agreement.

6. Third-Party Tools

We may use third-party AI/software tools (OpenAI, Anthropic, etc.) per project needs. Each tool is subject to their own terms. Specified in proposals.

7. No Sharing

We don't sell or share your data with third parties except as required by law or specified in project contracts.

8. Your Rights (GDPR)

• Access your data
• Rectification
• Erasure ("right to be forgotten")
• Data portability
• Object to processing
• Lodge complaint with your local data protection authority

Contact us at contact@atiagency.io to exercise rights.

9. Security

Industry-standard encryption and access controls. No method is 100% secure.

10. Changes

We may update this policy. Check date above for latest version.