Last updated: May 2026

Privacy Policy

This Privacy Policy explains how EdgeAccess collects, uses, and protects your personal data when you use our service.

1. Data Controller

The controller responsible for your personal data is:
atio GmbH
Karlstr. 37
D-89073 Ulm, Germany
Email: info@atio.de

2. Data We Collect and Why

Category Data Purpose Legal basis Retention
Account Email, full name, password hash, company name Authentication and account management Art. 6(1)(b) GDPR — contract performance Duration of account + 30 days after deletion
Team access Email, role, invitation history Access control and team management Art. 6(1)(b) GDPR Duration of account
Billing Email, company name, subscription status Subscription and payment management Art. 6(1)(b) GDPR 10 years (§ 147 AO — German tax law)
Security logs IP address, email, timestamps of login events Fraud prevention and security monitoring Art. 6(1)(f) GDPR — legitimate interests 365 days
Audit logs User actions, IP address, timestamps Compliance and operational audit trail Art. 6(1)(f) GDPR 365 days (configurable per workspace)
Consent Timestamp of Terms of Service acceptance Legal record of consent Art. 6(1)(c) GDPR — legal obligation Duration of account + 3 years

We do not use tracking pixels, advertising cookies, or sell data to third parties.

3. Processors and Sub-processors

We share data with the following processors under data processing agreements:

4. Data Transfers Outside the EEA

Stripe, Cloudflare, and Resend may process data in the United States. Transfers are covered by the EU–US Data Privacy Framework or Standard Contractual Clauses where required.

5. Your Rights

Under GDPR you have the right to:

To exercise any of these rights, email info@atio.de. We will respond within 30 days.

You also have the right to lodge a complaint with the supervisory authority in your EU member state. In Germany: Bundesbeauftragter für den Datenschutz (BfDI).

6. Cookies and Local Storage

We use only essential cookies and browser local storage necessary for the service to function (authentication tokens and session state). We do not use analytics, advertising, or tracking cookies. See our Cookie Policy for details.

7. Security

Passwords are stored as bcrypt hashes. Data is transmitted over TLS. Access is controlled by role-based permissions. We do not store payment card data.

8. Changes to This Policy

We may update this policy from time to time. We will notify you by email and update the "Last updated" date above. Continued use of the service after notification constitutes acceptance.

9. Contact

For privacy-related enquiries:
Email: info@atio.de
Post: atio GmbH, Karlstr. 37, D-89073 Ulm, Germany