Privacy Policy

This Privacy Policy describes how Atlasio Media ("we," "us," or "our"), operating under the brand Quevia, collects, uses, and protects your personal information when you use our website at quevia.io and our services (collectively, the "Service").

Atlasio Media is located at 30 N Gould St Ste R, Sheridan, WY 82801, United States.

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with our practices, please do not use the Service.

2.1 Information You Provide

• Account Information: When you register, we collect your email address and password.
• Profile Information: Your name, preferred language, and timezone settings.
• Payment Information: When you subscribe to a paid plan, payment processing is handled by Stripe. We do not store your credit card details.
• Social Media Credentials: When you connect social media accounts (X/Twitter, YouTube, Pinterest, etc.), we store OAuth tokens required to post on your behalf. These tokens are encrypted and secured via Row Level Security.
• API Keys: If you provide third-party API keys (e.g., OpenAI, Google Gemini), they are stored securely and only accessible by you.
• Content: Posts, articles, media, and any content you create or upload through the Service.
• Withdrawal Information: Bank or PayPal details you provide for affiliate commission payouts.

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, and interaction patterns within the Service.
• Device Information: Browser type, operating system, device type, and screen resolution.
• Log Data: IP address, access times, and referring URLs.
• Cookies: We use essential cookies for authentication and session management. See Section 7 for details.

We use the information we collect to:

• Provide, maintain, and improve the Service.
• Authenticate your identity and manage your account.
• Publish content to your connected social media platforms on your behalf.
• Process payments and manage subscriptions via Stripe.
• Process affiliate commission withdrawals.
• Send transactional emails related to your account (e.g., password resets, subscription confirmations).
• Monitor and analyze usage trends to improve user experience.
• Detect, prevent, and address security issues or abuse.
• Comply with legal obligations.

We do not sell your personal information. We may share information in the following limited circumstances:

• Service Providers: We use third-party services to operate the platform, including Supabase (database and authentication), Stripe (payments), and social media platform APIs (content publishing). These providers only access data necessary to perform their functions.
• Social Media Platforms: When you connect a social account and publish content, that content is shared with the respective platform (X/Twitter, YouTube, Pinterest, LinkedIn, etc.) according to their own privacy policies.
• AI Providers: If you use AI-powered features, content may be sent to OpenAI or Google Gemini for processing. This is done using your own API keys when provided.
• Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We implement industry-standard security measures to protect your data:

• All data is transmitted over HTTPS with TLS encryption.
• Database access is protected by Row Level Security (RLS), ensuring users can only access their own data.
• OAuth tokens and API keys are stored securely with restricted database access.
• Authentication is managed by Supabase Auth with secure session handling.
• Payment processing is handled entirely by Stripe, which is PCI-DSS compliant.

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

• Account Data: We retain your account data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.
• Content: Posts and media you create are retained until you delete them or close your account.
• OAuth Tokens: Social media tokens are retained while the connection is active and deleted when you disconnect the account.
• Logs: Server logs are retained for up to 90 days for security and debugging purposes.

We use the following types of cookies:

• Essential Cookies: Required for authentication, session management, and security. These cannot be disabled.
• Preference Cookies: Store your language and interface preferences.

We do not use advertising or tracking cookies. We do not use third-party analytics services that track individual users across websites.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data (right to be forgotten).
• Portability: Request a machine-readable copy of your data.
• Objection: Object to certain types of processing.
• Restriction: Request that we limit how we use your data.

To exercise any of these rights, please contact us at the email address provided in Section 12.

Our servers and service providers may be located in the United States and other countries. If you are accessing the Service from outside the United States, your data may be transferred to and processed in the United States. By using the Service, you consent to such transfers.

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

If you have any questions or concerns about this Privacy Policy, please contact us: