Atlas
PrivacyTerms
Legal

Atlas Privacy Policy

Atlas is a founder-operated beta product that helps users connect external services, index content, and search across their connected workspace. This Privacy Policy explains what Atlas collects, how Atlas uses it, and the choices users have today.

Last updated March 9, 2026

Recent updates

Short summary of the latest legal and product-surface changes reflected on this page.

  • Replaced placeholder legal copy with a connector-aware privacy policy tied to the live product surface.
  • Added explicit disclosures for previews, extracted text, encrypted connector credentials, and share links.
  • Added a generated current-integrations section so new live connectors cannot drift away from policy coverage.

Who Operates Atlas

Atlas is a founder-operated service. Questions, privacy requests, deletion requests, and other support inquiries can be sent to akhieleshsrirangam@gmail.com.

Atlas is offered on a US-first, global-ready basis. The service is designed for work-oriented use and is not directed to children under 16.

What Atlas Collects

  • Account and profile data, including name, email address, profile image, workspace association, and user preferences.
  • Authentication and session data, including session tokens, login provider details, and essential cookie data needed to keep users signed in.
  • Connector account data, including provider account labels, account email where available, granted scopes, token expiry details, and encrypted access or refresh tokens.
  • Indexed provider metadata, including file, page, repository, message, database, channel, and attachment records connected to a user account.
  • Searchable extracted text, OCR text where generated, preview HTML or plain text, and preview artifacts stored to support Atlas search and preview features.
  • Usage, activity, audit, notification, and sync records that help Atlas show history, detect failures, and operate the product.
  • Collection-sharing data, including share tokens and shared-collection URLs when a user enables public sharing from inside Atlas.
  • Technical logs and operational metadata needed for security, debugging, abuse prevention, and service reliability.

How Atlas Gets Data

  • Directly from the user during signup, sign-in, profile setup, connector authorization, and support requests.
  • From OAuth connector flows and provider APIs after a user chooses to connect a supported service.
  • From background syncs, provider webhooks, and subscription callbacks used to keep connected data current.
  • From user-triggered product actions such as searching, opening previews, downloading, enabling share links, or requesting supported file and repository actions.

How Atlas Uses Data

  • To authenticate users, maintain sessions, and secure workspaces.
  • To connect provider accounts, sync content, index metadata, generate previews, and power search.
  • To perform supported user-requested actions such as uploads, folder creation, file operations, share-link creation, branch creation, and repository file edits where a connector supports them.
  • To show activity history, notifications, analytics, and operational state inside Atlas.
  • To troubleshoot failures, protect the service, prevent abuse, and improve reliability.

Current Integrations

Atlas currently supports the live connectors below. Each profile reflects the current product surface, including auth model, supported actions, data classes, and connector-specific notices.

Google Drive

Liveoauth

Google Drive search, previews, downloads, uploads, folders, and file operations.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items, upload new files, create folders, rename items, move items, copy items, delete items, create share links

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Drive file and folder metadata
  • Extracted searchable text and generated previews
  • Preview artifacts, sync jobs, and usage events

Notices

  • Atlas uses a broad Google Drive OAuth scope because Drive actions can include uploads, folder creation, and existing-file operations.
  • Existing-file rename, move, copy, delete, and share-link actions are routed through Atlas document operations.

Gmail

Liveoauth

Mailbox search across threads, messages, labels, and supported attachments.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Message, thread, and attachment metadata
  • Extracted text and generated previews for supported email content
  • Sync jobs, notifications, and usage events

Notices

  • Gmail is read-only in the current product stage.
  • Background sync expands mailbox coverage over time; not every mailbox is hydrated at once.

Google Photos

Livepicker session

User-selected Google Photos media import using picker sessions rather than full-library background sync.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Selected media metadata and thumbnails
  • Imported preview and search records for chosen items
  • Session status, sync jobs, and usage events

Notices

  • Atlas only imports the media items selected in a Google Photos picker session.
  • Picker sessions are user-driven and do not create a standing full-library sync relationship.

OneDrive

Liveoauth + subscription

OneDrive search with previews, downloads, supported file operations, and Microsoft Graph subscriptions.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items, upload new files, create folders, rename items, move items, copy items, delete items, create share links

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • OneDrive metadata and previewable file content
  • Extracted text, preview artifacts, and share-link results
  • Subscription state, sync jobs, and usage events

Notices

  • Atlas registers Microsoft Graph subscriptions to keep OneDrive content fresh.
  • Share-link actions can create anonymous links through the connected OneDrive account when the provider allows them.

Dropbox

Liveoauth

Dropbox search with previews, downloads, supported file operations, and share-link creation.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items, upload new files, create folders, rename items, move items, copy items, delete items, create share links

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Dropbox file and folder metadata
  • Extracted text, preview artifacts, and generated share links
  • Sync jobs, notifications, and usage events

Notices

  • Atlas can create public Dropbox share links when the connected account and provider settings allow them.
  • Dropbox content operations are only performed in response to a user action inside Atlas.

GitHub

Liveoauth + webhook

GitHub repository and code search with previews, downloads, branch creation, and supported file actions.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items, rename items, delete items, create repository branches, edit repository files

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Repository, branch, tree, blob, and commit metadata
  • Extracted code text and generated previews
  • Webhook state, sync jobs, and usage events

Notices

  • Atlas uses GitHub webhooks to refresh repository data and reconcile code changes.
  • Supported GitHub actions include branch creation plus file edit, rename, and delete flows where the connected account has repository rights.

Notion

Liveoauth

Notion page and database search with previews and downloads across shared workspace content.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Page, database, and attachment metadata
  • Extracted text, preview blocks, and download-ready markdown exports
  • Sync jobs, notifications, and usage events

Notices

  • Notion access is limited to the workspace content the user authorizes during the integration flow.
  • Notion is read-only in the current product stage.

Slack

Liveoauth + webhook

Slack workspace search across channels, DMs, threads, files, and event-driven updates.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Workspace, channel, message, thread, and file metadata
  • Extracted message text and supported preview data
  • Webhook events, sync jobs, and usage events

Notices

  • Slack is installed at the workspace level, not as a simple personal account connection.
  • Private channels and DMs are only available when Slack permissions and app membership allow them.
  • Slack is read-only in the current product stage.

Box

Liveoauth

Box search with previews, downloads, file actions, uploads, folders, and share-link creation.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items, upload new files, create folders, rename items, move items, copy items, delete items, create share links

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Box file and folder metadata plus storage quota details
  • Extracted text, preview artifacts, and generated share links
  • Sync jobs, transfer actions, and usage events

Notices

  • Atlas can create Box shared links when the connected account and Box policy allow them.
  • Box content operations are only performed in response to a user action inside Atlas.

GitLab

Liveoauth

GitLab repository and code search with previews, downloads, branch creation, and supported file edits.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items, create repository branches, edit repository files

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Project, branch, tree, blob, and commit-adjacent metadata
  • Extracted code text and generated previews
  • Sync jobs and usage events

Notices

  • GitLab instance selection follows the configured base URL and defaults to GitLab.com.
  • Supported GitLab actions currently include branch creation and file edit flows where the connected account has repository rights.

Confluence

Liveoauth

Confluence space and page search with previews and HTML exports across connected Atlassian cloud sites.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items

Data classes

  • Connector account labels, scopes, encrypted tokens, and selected site metadata
  • Space and page metadata
  • Extracted text and rendered HTML previews
  • Sync jobs and usage events

Notices

  • Atlas resolves the authorized Atlassian cloud site during OAuth and scopes Confluence access to that site.
  • Confluence is read-only in the current product stage.

Microsoft Teams

Liveoauth

Microsoft Teams workspace search across teams, channels, channel messages, and shared files.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Team, channel, message, and shared-file metadata
  • Extracted message text and supported preview data
  • Sync jobs, notifications, and usage events

Notices

  • Shared file access flows through Microsoft Graph and the backing SharePoint drive for each channel.
  • Microsoft Teams is read-only in the current product stage.

Figma

Liveoauth

Figma project and file browsing with design previews and frame export.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Project and file metadata
  • Design thumbnails and exported frame images
  • Sync jobs and usage events

Notices

  • Figma access is scoped to the teams the connected account belongs to.
  • Figma is read-only in the current product stage.

Linear

Liveoauth

Linear project and issue browsing with search across teams and issue previews.

Supported actions

browse connected content, search indexed results, preview supported items

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Team, project, and issue metadata
  • Issue descriptions, comments, and label data
  • Sync jobs and usage events

Notices

  • Linear access is scoped to the workspace the connected account belongs to.
  • Linear is read-only in the current product stage.

Airtable

Liveoauth

Airtable base and record browsing with table previews and CSV export.

Supported actions

browse connected content, search indexed results, preview supported items, download supported items

Data classes

  • Connector account labels, scopes, and encrypted tokens
  • Base, table, and record metadata
  • Record field values for search and preview
  • Sync jobs and usage events

Notices

  • Airtable access is scoped to the bases the connected account has permission to read.
  • Airtable is read-only in the current product stage.

AWS S3

Liveplanned

AWS S3 bucket browsing with object download, upload, and transfer support.

Supported actions

browse connected content, search indexed results, download supported items, upload new files

Data classes

  • IAM access key ID and encrypted secret access key
  • Bucket and object metadata
  • Object content for transfers and downloads
  • Sync jobs and usage events

Notices

  • S3 access depends entirely on the IAM permissions of the provided access key.
  • Atlas does not store S3 object content beyond active transfers.

How Atlas Shares or Discloses Data

  • With the provider services a user explicitly connects, because Atlas must call those APIs to read, sync, preview, and act on authorized content.
  • With infrastructure and service providers used to run Atlas, such as hosting, database, storage, email, queue, and search services.
  • Through public collection share links when a user explicitly enables sharing inside Atlas. Anyone with the generated tokenized URL may be able to access that shared collection.
  • When reasonably necessary to comply with law, respond to security incidents, protect users, enforce product terms, or prevent abuse.

Security and Storage

  • Connector secrets are stored in encrypted form using the Atlas application encryption key.
  • Authentication relies on HTTP-only session cookies for active user sessions.
  • Preview artifacts are stored in private object storage rather than being made publicly accessible by default.
  • Atlas limits claims in this policy to the controls that are visible in the codebase today. Atlas does not claim SOC 2, HIPAA, GDPR DPA, EU representative, or data residency commitments that are not actually implemented.

Retention and Deletion

  • When a user disconnects a connector account, Atlas removes the connector record and cascades deletion of connector-linked documents and previews from the primary database.
  • Preview artifact retention follows the configured Atlas artifact retention window where applicable, but Atlas does not promise every backup, log, or provider-side record disappears instantly.
  • Account, session, log, and activity data are retained for operational, security, and support needs until Atlas has a fuller self-serve deletion workflow.
  • Users can request account or data deletion by emailing akhieleshsrirangam@gmail.com. Atlas may need to keep limited records required for security, fraud prevention, or legal compliance.

User Rights and Choices

  • Users can request access, correction, deletion, or export help by contacting akhieleshsrirangam@gmail.com.
  • Users can disconnect supported connectors from inside Atlas. Disconnecting a connector removes Atlas access going forward and clears connector-linked records from the primary database.
  • Atlas uses essential sign-in cookies today. Atlas is not deploying a separate non-essential cookie banner until non-essential tracking is introduced.
  • Atlas aims to respond to reasonable privacy requests in a practical, good-faith manner, but does not make unsupported legal-framework commitments that the product and operations do not yet implement.
Back to AtlasTermsPrivacy