Privacy Policy

01. Information We Collect

Atelier gathers standard categories of user telemetry strictly to manage access permissions, customize asset views, and track programmatic CDN integrations. We collect the following data:

• Account Identifiers: Username, email address, and cryptographically hashed passwords generated upon standard signup.
• Developer Variables: Domain whitelists (`allowed_domains`) stored directly under your user profile configuration parameters.
• CDN Server Telemetry: Log request variables (Referer or Origin HTTP headers, query timestamps, requested vector assets, and sequential client numbers).
• Subscription States: Membership billing records indicating active plans (Explorer Free vs. Creator Pro).

02. How Data is Used

All gathered telemetry is strictly utilized for core operational delivery. Specifically, your whitelisted domain settings allow us to authenticate incoming programmatic requests and prevent hotlinking from unauthorized origins. Your request logs are analyzed solely to track API usage counts (enforcing the 10 free trial API query limit for Free Explorer users). No data is used for third-party tracking, advertising profiling, or targeting algorithms.

03. Security and Storage

We prioritize user data safety. All database structures are securely isolated behind strict Row-Level Security (RLS) policies using secure Postgres structures. Our servers utilize SSL encryption for all network operations. Standard administrative logs are strictly restricted to role-specific service actions, and your session keys are kept encrypted in cloud database clusters.

04. Cookies and Preferences

Atelier does not integrate marketing trackers, display networks, or search profiling scripts. We use minimal functional cookies to persist your identity:

• HTTP-Only Session Cookie: Stored securely as `access_token` to authorize API dashboard updates and track your account tier securely.
• LocalStorage preference: Stored locally as `atelier-theme` to persist dark or light design theme settings across page loads.

05. Third-Party Integrations

We leverage high-performance backend platforms to streamline billing and authentication actions. These systems comply with rigorous privacy standards:

• Supabase: Provides unified database hosting, session validations, and standard sign-up infrastructures. None of your personal details are shared outside our database profile constraints.
• Stripe & Razorpay: Processes all Creator Pro subscription plans securely. All transactional metrics, card records, and billing queries are processed directly on secure servers — Atelier never stores card numbers or bank information locally.

06. User Account Rights

As a registered creator, you maintain full control over your stored credentials. You can view, add, or permanently delete whitelisted domains directly from your API Dashboard at any time. You have the right to request access to all data we store about your profile, or to request full deletion of your user account. To delete your account, contact our legal representatives at the support address below.

07. Data Retention Policy

We retain your email and account telemetry for as long as your account remains active. Deleted domains are wiped from our active cache instantly. Upon an explicit account deletion request, all personal metrics, profile columns, and allowed domains are completely deleted from our databases within 30 days.