Back to Privacy Overview

Privacy Policy

Effective Date: January 1, 2026

Executive Summary

ATLAS is a personal world modeling platform built for executives, strategic investors, and decision-makers who operate with sensitive, proprietary information. We believe your professional context—relationships, decisions, analyses, market intelligence—is your competitive moat. Our architecture ensures this information remains cryptographically inaccessible to us, our staff, and our cloud infrastructure. This policy describes the technical, contractual, and operational controls that make this guarantee enforceable.

I. Core Commitments

1. You Control Your Model
The AI model trained on your data belongs to you. You can export it, delete it, or revoke access. We have no rights to it.

2. We Cannot Access Your Data
ATLAS is architected so that decryption is structurally impossible for our systems and personnel. Your encryption keys never leave your device. Decryption happens only inside hardware-isolated enclaves that have no persistent storage and no operator access.

3. Verify Us, Don't Trust Us
Our security-critical code is open source. You can audit it, reproduce builds, and verify that what runs on our servers matches our published code.

4. Keys Don't Persist
Encryption keys are generated, used, and destroyed within a single session. We don't store master keys, backup keys, or recovery keys. This means past sessions are permanently undecryptable—even to us.

5. No Derivative Use
Your data is never used to train other systems, improve products for other users, train foundation models, or share with third parties. Period.

6. Built for Regulated Professionals
ATLAS exists for people bound by attorney-client privilege, healthcare confidentiality, securities law, fiduciary duty, and similar constraints. Our architecture reflects these legal realities.

II. What Data We Collect & How We Store It

Data handling depends on your account tier:

Pro Users: Data encrypted and stored on ATLAS infrastructure
Ultra Users: Data remains exclusively on your infrastructure; ATLAS processes but never stores

Your Personal Intelligence (Encrypted & Private)

For Pro Users: Data remains encrypted at rest on ATLAS infrastructure and is decrypted temporarily inside a secure enclave during processing.

For Ultra Users: Data never exists on ATLAS infrastructure. You maintain the data on your own systems. ATLAS accesses and processes it only when you request, with no persistent storage on our systems.

Types of Data We Process:

  • Professional context (emails, calendar, notes, documents, meeting transcripts, strategic analyses)

  • Communication patterns (how you make decisions, vocabulary, tone, negotiation style)

  • Knowledge base (wikis, research, frameworks, relationship maps)

  • Decision logs (past decisions, outcomes, reasoning)

  • Searchable metadata (hashed search tokens that cannot be reversed)

  • Vector embeddings (encrypted semantic representations for intelligent search)

    Account & Infrastructure Data:

  • Email address, authentication credentials

  • Device information for cross-platform sync

  • Billing information (processed by third-party payment providers)

  • Settings and preference data

    • III. Technical Architecture & Security

    Hardware-Isolated Processing

    ATLAS executes sensitive operations inside Trusted Execution Environments (TEEs) — hardware-isolated secure zones where code runs without exposure to the general system.

    Technical Isolation:

  • Decryption only occurs inside the TEE

  • The TEE's memory is inaccessible from outside—system administrators, root processes, and cloud providers structurally cannot read it

  • The TEE has no disk storage and no remote access mechanisms

  • Physical server attacks do not grant access to TEE memory

    Cryptographic Code Verification:

  • The TEE generates a cryptographic fingerprint (hash) of its running code and signs it with the hypervisor's key

  • Your device retrieves this signed attestation and checks that the code hash matches our open-source repository

  • If someone modified the TEE code, the hash would not match and your device rejects the connection

    Key Management & Ephemeral Cryptography

    We use a distributed key architecture where decryption requires pieces held by both you and the TEE:

    Client-Side:

  • Your master encryption key is generated locally and stored in your device's secure storage

  • This key never leaves your device unencrypted

  • You control whether the key can be accessed (biometric, PIN, passphrase)

    Server-Side:

  • We do NOT store your master key

  • When processing begins, the TEE generates temporary session keys that exist only in volatile RAM

  • These session keys are destroyed when the session ends

  • This guarantees forward secrecy: even if ATLAS infrastructure is compromised, attackers cannot decrypt past sessions

    Data Flow & Isolation:

    Your Device → ATLAS Backend (Relay Layer) → ATLAS TEE (Isolated Processing) → LLM Providers

    The backend layer is a blind relay—it handles authentication and routing, but structurally cannot decrypt data. The TEE is the only place where plaintext exists, and only for the duration of processing.

    • IV.5 Account Tiers & Data Architecture

    Pro Tier

  • Data encrypted and stored on ATLAS infrastructure

  • You maintain encryption keys (device-based)

  • ATLAS provides backup, sync, and disaster recovery

  • Data retention: Until you delete or close account

  • Best for: Teams with moderate data sensitivity

    Ultra Tier

  • Data never stored on ATLAS infrastructure

  • You maintain all data sources on your systems

  • ATLAS accesses data only during processing (no persistence)

  • Data retention: Processing logs only (30 days)

  • Best for: Executives with highest confidentiality requirements

    • V. Large Language Model Integration & Zero Data Retention

    Pro Users: We operate under enterprise Zero Data Retention agreements with Anthropic (Claude API). This contract legally binds them to:

  • No Training: Your data is never used to train or fine-tune their models

  • No Retention: Data sent via API is discarded immediately after generating a response

  • No Reuse: Your data is not used for any other purpose

  • No Access: Anthropic cannot log, analyze, or inspect your plaintext data

    Ultra Users: Use local models on your infrastructure (no external LLM API calls)

    • VI. Data Retention & Deletion

    Pro Users:

  • Your Personal Intelligence: Retained indefinitely, encrypted at rest, until you delete it or close your account

  • Raw Sensor Data: Deleted immediately after processing

  • Encrypted Backups: Maintained for 90 days for disaster recovery

  • Logs & Metadata: Retained for 30 days, then deleted

  • Account Data: Retained until account deletion

    Ultra Users:

  • Your Personal Intelligence: Never stored on ATLAS infrastructure; remains exclusively on your systems

  • Processing Cache: Temporary cache cleared immediately after processing

  • Logs & Metadata: Retained for 30 days (activity logs only, no data content)

  • Account Data: Retained until account deletion

    Your Right to Delete:

    Pro Users: You have absolute control—delete specific items, entire categories, or your full account. Deletion renders encrypted data mathematically irretrievable. Backups purged within 30 days.

    Ultra Users: By design, nothing is stored on ATLAS to delete. Revoke access immediately, request deletion of activity logs, and request confirmation that no data remains in ATLAS cache.

    • VII. Third-Party Data & LLM Providers

    What We Do NOT Share
    We do not sell your data. We do not share it with advertisers, brokers, or marketing companies.

    Service Providers (under confidentiality agreements):

  • Cloud hosting: Stores encrypted blobs only

  • Payment processing: Financial data only

  • Security partners: Fraud prevention metadata only

    Legal Obligations

  • Valid court orders or subpoenas requiring data disclosure

  • Government requests (we notify you when legally permitted)

  • Law enforcement investigations of illegal activity

    Third-Party Integrations You Control
    You can connect external services (Gmail, Notion, Slack, etc.):

  • You explicitly authorize each connection

  • You can revoke access immediately

  • We store only encrypted metadata about the connection

  • We never retain raw data from these sources

    • VIII. Security & Threat Model

    Pro Users - What ATLAS Defends Against:

  • Service Operator Snooping: Enclave isolation makes data inaccessible to ATLAS staff

  • Database Hacks: Attackers only obtain encrypted ciphertext

  • Cloud Provider Surveillance: Blind relay prevents cloud provider from reading traffic

  • Retroactive Decryption: Forward secrecy—historical keys no longer exist

  • Malware on Your Device: Master keys stored in secure OS keychain

  • Man-in-the-Middle Attacks: All traffic encrypted with TLS; enclave verifies peer identity

  • Insider Threats: Enclave isolation prevents administrators from accessing data

    Ultra Users - What ATLAS Defends Against:

  • ATLAS Infrastructure Breach: No data stored on ATLAS systems

  • Cloud Provider Access: Data never on cloud provider systems

  • ATLAS Operator Snooping: Data not stored on ATLAS

  • Retroactive Decryption: No historical data stored to decrypt

  • Insider Threats: Data under your administrative control

    Limitations & Transparency:

    Pro Users:

  • Key Loss: If you lose your device and have no backup, we cannot recover your data (by design)

  • LLM Provider Breach: If an LLM provider violates their ZDR contract, we cannot prevent it (though legally liable)

  • Unpatched Vulnerabilities: Zero-days in hardware or OS could theoretically compromise an enclave

  • Compromised Device: Malware on your device could capture data before encryption

    Ultra Users:

  • Your Key Management: You manage encryption keys for your data sources

  • Your Infrastructure Security: ATLAS cannot secure your internal networks

  • LLM Provider Risk: Same as Pro users

  • Your Device Security: Your systems are your responsibility

    • IX. Your Privacy Rights

    You have the following rights:

    Access & Portability

  • Access all data we hold about you

  • Export data in standard formats

  • Transfer to other services

    Correction

  • Update inaccurate personal information

  • Correct profile data or preferences

    Deletion

  • Delete specific data or entire account

  • Selective removal of integration sources

  • Permanent data destruction with verification

    Opt-Out

  • Disable analytics and optional data sharing

  • Revoke third-party integrations

  • Disable LLM processing (use local models only)

    To Exercise Your Rights

  • Use your account dashboard for self-service options

  • Email contact@thinkv1.com for assistance

  • Request a Data Subject Access Request (DSAR) if required by law

    • X. International Data Transfers

    ATLAS is operated by Impossible Technology, Inc., incorporated in the State of Delaware, United States. Your data may be transferred to and processed in the United States or other jurisdictions.

    We comply with international data protection standards:

  • Standard contractual clauses (SCCs) for EU/EEA data transfers

  • GDPR compliance (where applicable)

  • No unrestricted international data sharing

    • XI. Children & Minors

    ATLAS is designed for executives and knowledge workers 18+ with professional data security requirements. We do not knowingly collect data from minors. If you believe a minor's data was submitted, contact us immediately for deletion.

    XII. Changes to This Policy

    We may update this policy as we evolve our architecture or legal requirements change.

    Material Changes: We'll notify you via email and provide a comment period
    How to Object: Contact contact@thinkv1.com if you disagree with changes

    XIII. Contact Information

    For privacy questions, concerns, or to exercise your rights:

    Email: contact@thinkv1.com
    Website: https://thinkv1.com