ATC Logo
Add Products

Privacy Policy

Last updated: November 30, 2025

1. Introduction

This Privacy Policy describes how CodeSteak LLP ("we," "us," or "our") and GRID Labs LLC collect, use, and protect your personal information when you use the ATC platform ("Service").

We are committed to protecting your privacy and ensuring the security of your personal information. By using our Service, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name, username, and password
  • Payment Information: Billing address and payment details (processed securely by Stripe)
  • Product Content: Images, product descriptions, and catalog data you upload
  • Communications: Messages you send to our support team

2.2 Information We Collect Automatically

  • Device Information: Browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time spent on the Service
  • Log Data: IP address, access times, error logs
  • Cookies: Session cookies, preference cookies, analytics cookies

2.3 Information from Third Parties

  • Payment Processors: Transaction confirmations and billing status from Stripe
  • Analytics Providers: Aggregated usage data from Vercel Analytics

3. How We Use Your Information

We use your information for the following purposes:

  • Service Delivery: To provide, maintain, and improve the ATC platform
  • AI Processing: To process your images and generate enhanced content using AI
  • Account Management: To create and manage your user account
  • Billing: To process payments and manage subscriptions
  • Communication: To send transactional emails, updates, and support responses
  • Security: To detect, prevent, and address fraud and security issues
  • Analytics: To understand how users interact with our Service
  • Legal Compliance: To comply with legal obligations and enforce our terms

4. How We Share Your Information

We may share your information with:

  • Service Providers: Third parties who assist us in operating the Service (hosting, payment processing, AI processing)
  • AI Providers: Your product images are processed by Google's Gemini AI for enhancement and content generation
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize sharing

We do not sell your personal information to third parties.

5. Data Storage and Security

5.1 Storage: Your data is stored on secure servers provided by Supabase (database) and Vercel (application hosting). Product images are stored on Vercel Blob Storage.

5.2 Security Measures: We implement industry-standard security measures including:

  • Encryption of data in transit (TLS/SSL)
  • Encryption of data at rest
  • Regular security audits and updates
  • Access controls and authentication
  • Secure payment processing via Stripe (PCI-DSS compliant)

5.3 Data Retention: We retain your data for as long as your account is active. Upon account deletion, we remove your data within 30 days, except where retention is required by law.

6. Your Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate personal information
  • Deletion: Request deletion of your personal information
  • Portability: Request transfer of your data in a machine-readable format
  • Objection: Object to processing of your personal information
  • Withdrawal of Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at the addresses provided below.

7. Cookies and Tracking

We use cookies and similar technologies to:

  • Keep you signed in to your account
  • Remember your preferences
  • Analyze how you use our Service
  • Improve Service performance

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of the Service.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States and India. These countries may have different data protection laws. We take appropriate safeguards to ensure your information is protected in accordance with this Privacy Policy.

9. Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use of the Service after changes become effective constitutes your acceptance of the updated Privacy Policy.

12. Data Protection Officer

For privacy-related inquiries, complaints, or to exercise your data rights, please contact our Data Protection team at the addresses below.

13. Contact Information

For questions about this Privacy Policy or our data practices, please contact us:

GRID Labs LLC (United States)

16192 Coastal Highway, Lewes, DE 19958

Phone: +1 (628) 251-1367

Email: pay@gridlabs.org

CodeSteak LLP (India)

56/3112, Dotspace Business Center, Cloud 9, 9th Cross Road Intersection, Avenue Road

Ernakulam, Kerala 682036, India

Phone: +91 8606536820

Email: ceo@codesteak.com

GSTIN: 32AAOFC0538M1ZD

14. Jurisdiction-Specific Provisions

For India Residents (DPDP Act 2023)

Under the Digital Personal Data Protection Act, 2023, you have rights including access, correction, and erasure of your personal data. You may file a complaint with the Data Protection Board of India if you believe your data rights have been violated.

For California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know, delete, and opt-out of sale of personal information. We do not sell your personal information.

For EU/EEA Residents (GDPR)

If you are in the EU/EEA, you have rights under the General Data Protection Regulation including access, rectification, erasure, portability, and the right to lodge a complaint with a supervisory authority.