Atelio
Start free

Legal

Privacy Policy

Last updated: April 2026

This document is a working draft prepared to meet standard platform-policy expectations. Before onboarding paying customers or EU/UK residents at scale, it should be reviewed by a qualified solicitor. If you spot anything incorrect, email support@utilityseo.com.

This Privacy Policy explains how UtilitySEO Ltd ('we', 'us', 'our') handles your personal data when you use Atelio. We act as the Data Controller for the information described below. Our ICO registration number is C1885551.

1. Data we collect

We collect data you give us directly, plus limited data generated automatically:

  • Account data — name, email, password hash, phone number (optional), company details, referral source, promo code, consent timestamps.
  • Content data — brand assets, products, and graphics you upload or generate.
  • Usage data — pages viewed, features used, IP address, device and browser information, collected via cookies and similar technologies (including Google Analytics 4).
  • Support and communications — the content of messages you send us.

2. Why we use it (legal bases under UK GDPR)

  • To provide and secure the service — performance of contract.
  • To process payments and prevent fraud — legal obligation and legitimate interest.
  • To send service emails (billing, security, product changes) — legitimate interest.
  • To send marketing emails — only with your consent, which you can withdraw at any time via the unsubscribe link or your account settings.
  • To improve the service via anonymised analytics — legitimate interest.

3. Who we share data with

We share data only with the processors needed to run Atelio:

  • Cloud hosting and CDN (Vercel Inc., USA — SCC-backed transfer).
  • Database hosting (Railway Corp., USA — SCC-backed transfer).
  • AI model providers (Google LLC / Anthropic PBC for generation; subject to their data policies).
  • Analytics (Google Analytics 4, with anonymised IPs).
  • Email delivery (transactional and, where opted-in, marketing).
  • Payment processing (Stripe) — we never see full card numbers.

We do not sell your personal data. We do not use Your Content to train third-party models.

4. Retention

We retain account and content data while your account is active and for up to 12 months after closure so you can reopen. Billing records are kept for 6 years to meet HMRC requirements. Analytics data is retained for 14 months.

5. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data (subject to legal retention obligations).
  • Restrict or object to processing.
  • Receive your data in a portable format.
  • Withdraw consent at any time where we rely on consent.
  • Complain to the ICO (ico.org.uk) if you believe we have mishandled your data.

To exercise any of these rights, email support@utilityseo.com. We respond within one month.

6. Cookies

We use essential cookies to keep you signed in and remember your workspace. We use analytics cookies (Google Analytics 4) only where permitted by your region's rules or your explicit consent. You can manage cookie preferences at any time in your browser settings.

7. International transfers

Some of our processors (notably hosting in the United States) are located outside the UK. Where this is the case we rely on UK IDTAs or EU Standard Contractual Clauses plus supplementary measures to ensure an equivalent level of protection.

8. Security

We use industry-standard safeguards: encryption in transit (TLS 1.2+) and at rest, hashed passwords (bcrypt), least-privilege access, logged admin actions. No system is perfect — promptly report suspected breaches to support@utilityseo.com.

9. Changes

We may update this policy. Material changes will be notified by email or in-app at least 14 days before taking effect.

Contact

UtilitySEO Ltd · 4 Frances Street, Cheadle, SK8 2AE · Company No. 17055142 · ICO Registration: C1885551 · support@utilityseo.com