Skip to content
Atelyra.
Get started
Home

Legal

Privacy Policy

Last updated May 3, 2026

These terms are written for clarity, but they are still legal documents. If you’re unsure how a clause applies to your situation, consult counsel.

This Privacy Policy describes how Atelyra(“we,” “us,” or “our”) handles personal information when you visit our website, create an account, buy or sell services, or otherwise use our marketplace and related features. By using Atelyra, you agree to this policy and our Terms & Conditions.

1. Information we collect

We collect personal information in three broad ways: information you give us, information generated when you useAtelyra, and (in limited cases) information from third parties such as payment processors or identity verification vendors when you authorize them.

  • Account and profile data — display name, email address, username or handle, hashed password, country or region, language preference, phone number if provided, profile biography, skills or tags, avatar image, links to portfolio sites, and verification or KYC details you submit when eligible programs require them.
  • Listing and creative content — gig titles and descriptions, uploaded images or files, package pricing, revision rules, FAQs, and similar materials needed to present and fulfil services.
  • Transaction and order data — order identifiers, milestones or delivery states, chat and file attachments associated with an order, dispute notes, reviews and ratings, refund or cancellation metadata, and payment references (we generally do not store full card numbers; those are handled by payment partners).
  • Communications — messages you send through in-product chat, support tickets, and email correspondence with our team, including metadata such as timestamps and delivery status.
  • Usage and device data — IP address, device type, operating system, browser type and version, referral URL, pages viewed, approximate location derived from IP, session identifiers, crash or error logs, and diagnostic events we use to secure accounts and improve reliability.
  • Cookies and similar technologies — see the dedicated section below for how we use cookies, local storage, and pixels.
  • Third-party data — information received from payment processors (transaction status, verification results), identity verification services (document authenticity), and social login providers (basic profile information you authorize sharing).

If you are in the European Economic Area, the United Kingdom, Switzerland, or another region with similar law, we rely on one or more of the following legal bases:

  • Contract — to provide the Service you request, process orders, and manage your account;
  • Legitimate interests — to secure the platform, prevent fraud, improve products, and communicate with you about the Service, balanced against your rights;
  • Consent — for optional cookies, marketing communications, or non-essential data processing where required by law;
  • Legal obligation — for tax reporting, accounting records, or law-enforcement requests.

You may have additional rights described in the “Your choices and rights” section below.

3. How we use information

We use personal information to:

  • Provide, operate, and improve Atelyra, including search, messaging, and order workflows;
  • Authenticate users, prevent fraud, and enforce our policies and applicable law;
  • Process payments, manage escrow, and facilitate payouts to sellers;
  • Send service-related notices (for example order updates and security alerts); send policy and compliance updates; and, where permitted, marketing or tips you can opt out of;
  • Personalize your experience, including search results and recommended services;
  • Analyze usage in aggregate to understand product usage and plan improvements;
  • Respond to your support requests, feedback, and inquiries.

4. Cookies and similar technologies

We use cookies and similar tools to keep you signed in, remember preferences, measure traffic, and detect abuse.

  • Strictly necessary cookies — required for core functions such as authentication, session security, and shopping cart persistence. These cannot be disabled.
  • Functional cookies — remember your preferences (language, theme, layout) to enhance your experience.
  • Analytics cookies — help us understand how users interact with the Service so we can improve features and performance.
  • Marketing cookies — used to deliver relevant advertisements and measure campaign effectiveness. These are only enabled with your consent where required by law.

You can control many cookies through your browser settings; blocking some cookies may limit certain features. Where law requires consent for analytics or marketing cookies, we will ask before enabling them.

5. Sharing and processors

We do not sell your personal information. We may share data with service providers who assist us (for example hosting, email delivery, analytics, and payment processing) under contracts that require appropriate safeguards. We may disclose information if required by law, to protect rights and safety, or in connection with a business transfer (e.g. merger) subject to consistent protections.

We require processors to use data only for the purposes we specify and to implement appropriate technical and organizational measures. Categories of processors include:

  • Cloud hosting and infrastructure providers;
  • Payment processing and fraud detection services;
  • Email delivery and communication platforms;
  • Analytics and performance monitoring tools;
  • Identity verification and KYC services;
  • Customer support and helpdesk software.

6. Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including:

  • Encryption of data in transit (TLS) and at rest where appropriate;
  • Role-based access controls limiting who can view personal data;
  • Regular security assessments and penetration testing;
  • Monitoring for unauthorized activity and anomalous access patterns;
  • Incident response procedures for prompt breach notification.

No method of transmission or storage is completely secure; if you believe your account has been compromised, reset your password and contact support immediately.

7. Retention

We retain information as long as your account is active or as needed to provide the service, comply with legal obligations, resolve disputes, and enforce our agreements. Typical retention periods include:

  • Account data — retained while your account is active and for 30 days after deletion request;
  • Transaction records — retained for 7 years for tax and accounting compliance;
  • Support communications — retained for 3 years after resolution;
  • Usage logs — retained for up to 12 months for security and debugging purposes.

Some data may persist in encrypted backups for a limited period after deletion.

8. Your choices and rights

Depending on where you live, you may have rights to:

  • Access — request a copy of the personal data we hold about you;
  • Correction — update or correct inaccurate information;
  • Deletion — request removal of your personal data, subject to legal retention requirements;
  • Portability — receive your data in a structured, machine-readable format;
  • Restriction — limit processing of your data in certain circumstances;
  • Objection — object to processing based on legitimate interests.

You can update much of your profile in account settings. To exercise other rights, contact us using the details below. Marketing emails include an unsubscribe link. Service-related messages (security alerts, receipts, order updates) may continue while you maintain an account or as required for legal compliance.

9. Automated decision-making

We may use automated systems to help detect fraud, spam, or policy violations, or to rank search results. These systems support human review and are not intended to produce legal or similarly significant effects solely by automated means without human oversight, except where permitted by law and disclosed where required. You may request human review of automated decisions that significantly affect you.

10. U.S. state privacy notice

Residents of California, Virginia, Colorado, Connecticut, Utah, and other U.S. states with consumer privacy laws may have rights to know, access, delete, or opt out of certain processing of personal information, including “sale” or “sharing” for cross-context behavioural advertising as those terms are defined locally. We do not sell personal information for money. To exercise rights, use the contact methods below; we will verify your request as required by law and respond within applicable deadlines.

11. Children

Atelyra is not directed at children under 16 (or the age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have, please contact us and we will take steps to delete it promptly.

12. International transfers

If you use Atelyra from outside the country where our servers or vendors are located, your information may be transferred and processed across borders. We take steps designed to ensure appropriate safeguards where required.

When transfers originate from the EEA, UK, or Switzerland to countries not deemed adequate, we use mechanisms such as the EU Standard Contractual Clauses (SCCs), UK International Data Transfer Agreement, or other approved safeguards, unless an exception applies.

13. Do Not Track

Some browsers offer a “Do Not Track” signal. As there is no industry consensus on how to respond to these signals, we do not currently alter our data collection practices in response. We will update this section if standards evolve.

14. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and adjust the “Last updated” date. Material changes will be communicated by email or an in-product notice at least 30 days before taking effect where required by law.

15. Data controller

The data controller responsible for personal information processed through Atelyra is the legal entity operating the Service. For EU/UK representatives or a postal address for privacy requests, publish the details your counsel approves on your company site or contact page and reference them here.

16. Contact

For privacy-related questions or requests, contact us through the support options provided in the Atelyra product or at the contact address published on our site. Please include sufficient detail for us to verify your identity and locate relevant records (for example your account email and approximate dates of activity). We aim to respond to all privacy requests within 30 days.

See also our Terms & Conditions and Trust & Safety overview.