Legal

Privacy Policy

Atellio Effective 19 March 2026

1. Introduction

Atellio ("we", "us", or "our") operates the Atellio platform — an AI-driven, mobile-first product lifecycle management (PLM) and supply chain management (SCM) service for apparel businesses. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our website, mobile application, and related services (collectively, the "Service").

By accessing or using the Service, you agree to the collection and use of information as described in this Policy. If you do not agree, please discontinue use of the Service.

This Policy applies to all users of Atellio, including visitors to our website, registered account holders, and business partners such as factories and suppliers.

2. Data Controller

Atellio is the data controller for personal data processed under this Policy. Our contact details are provided in Section 11 below.

If you are located in the European Economic Area (EEA) or the United Kingdom, Atellio processes your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable national data protection laws.

3. Information We Collect

Information you provide directly

  • Account registration: name, email address, company name, job title, country.
  • Profile information: profile photo, business details, subscription plan.
  • Content you create: product specifications, tech packs, mood boards, images, voice recordings, comments, and other data you upload or generate within the Service.
  • Communications: messages, support requests, and feedback you send to us.
  • Payment information: billing address and payment method details, processed by our third-party payment processors. We do not store full card numbers.

Information collected automatically

  • Usage data: pages viewed, features used, actions taken, session duration, and referring URLs.
  • Device and technical data: IP address, device type, operating system, browser type and version, unique device identifiers.
  • Cookies and similar technologies: see Section 8 for details.
  • Location data: coarse location derived from IP address; precise GPS only if you explicitly grant permission in the mobile app.

Information from third-party integrations

When you connect third-party services to Atellio (such as Pinterest), we receive information those services make available in accordance with their own terms and your privacy settings with them. This may include basic profile information, content you explicitly choose to import, and OAuth access tokens required to maintain the connection.

We only request the minimum permissions necessary for the integration to function, and we do not access third-party content beyond what you explicitly authorise.

4. How We Use Your Information

Purpose Legal basis (GDPR)
Providing and operating the Service, including account management and customer support. Performance of a contract
Processing payments and managing subscriptions. Performance of a contract
Sending transactional communications such as account confirmations and invoices. Performance of a contract
Sending product updates, newsletters, and marketing communications, with opt-out available. Legitimate interests / Consent
Improving and developing the Service through analytics and user research. Legitimate interests
Training and improving AI features using anonymised and aggregated data. Legitimate interests
Detecting and preventing fraud, abuse, and security incidents. Legitimate interests / Legal obligation
Complying with applicable laws and regulations, including EU DPP and GDPR. Legal obligation
Enabling third-party integrations you connect, such as importing Pinterest content. Consent

We will not use your data for purposes materially different from those described above without first notifying you and, where required, obtaining your consent.

5. Pinterest Integration

Atellio offers an optional integration with Pinterest to allow users to import inspiration images and mood board content directly into their Atellio workspace.

How it works

  • You connect your Pinterest account by granting Atellio access via OAuth 2.0.
  • Atellio uses Pinterest's official API solely to retrieve content you select — boards, pins, and images — for use inside your Atellio workspace.
  • We store only the data necessary to display and manage your imported content within the Service.
  • We do not post, publish, or share anything to Pinterest on your behalf without your explicit action.
  • We do not sell, share, or use Pinterest data for advertising or profiling purposes.

Revoking access

You may disconnect the Pinterest integration at any time from your Atellio account settings. You can also revoke access directly from your Pinterest account at pinterest.com/settings/security. Upon disconnection, we will delete the associated OAuth tokens and cease importing any Pinterest data.

Pinterest's own privacy policy

Use of Pinterest is subject to Pinterest's own Privacy Policy. Atellio is not responsible for Pinterest's data practices.

6. Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following limited circumstances.

Service providers

We engage trusted third-party companies to help operate the Service — including cloud hosting, payment processing, analytics, email delivery, and AI model providers. These providers access personal data only as necessary to perform services on our behalf and are contractually bound to protect it.

Business transfers

If Atellio is involved in a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction. We will notify you before your data becomes subject to a materially different privacy policy.

Legal requirements

We may disclose personal data if required to do so by law, court order, or governmental authority, or where we believe disclosure is necessary to protect the rights, property, or safety of Atellio, our users, or the public.

With your consent

We may share your information for any other purpose with your prior consent.

7. Cookies and Tracking Technologies

We use cookies and similar technologies for the following purposes.

  • Essential cookies: required for the Service to function, such as authentication and language preference.
  • Analytics cookies: help us understand how users interact with the Service, for example via Google Analytics 4. Analytics data is aggregated and anonymised where possible.
  • Preference cookies: remember your settings across sessions.

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality. You may opt out of analytics cookies via the consent banner shown on your first visit.

8. Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

  • Account data: retained for the duration of your account and deleted within 30 days of account closure upon request.
  • Content data (tech packs, images, etc.): retained while your account is active; you may delete individual items at any time.
  • Usage logs: retained for up to 12 months for security and debugging purposes.
  • Payment records: retained for 7 years as required by applicable financial regulations.

9. Your Rights

Depending on your location, you may have the following rights regarding your personal data.

Right Description
Access Request a copy of the personal data we hold about you.
Rectification Ask us to correct inaccurate or incomplete data.
Erasure Request deletion of your personal data ("right to be forgotten").
Restriction Ask us to restrict processing of your data in certain circumstances.
Data Portability Receive your data in a structured, machine-readable format.
Objection Object to processing based on legitimate interests or for direct marketing.
Withdraw Consent Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us using the details in Section 11. We will respond within 30 days. You also have the right to lodge a complaint with a supervisory authority in your country of residence.

10. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit (TLS) and at rest, access controls, multi-tenant data isolation, and regular security reviews.

No method of transmission over the internet is 100% secure. If you become aware of a security vulnerability or incident, please contact us immediately.

11. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or need to report a privacy concern, please reach out.

Atellio Privacy

Dubai, United Arab Emirates

Email: [email protected]

Website: atellio.io

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the effective date at the top of this page and, for material changes, notify you via email or a prominent notice within the Service.

Your continued use of the Service after changes become effective constitutes your acceptance of the revised Policy.