Skip to content
Legal

Privacy Policy

Last updated: March 18, 2026

Overview

Atloria ("we", "us", "our") is a documentation platform operated by Sherkety. This Privacy Policy explains what data we collect, why we collect it, and how we protect it when you use atloria.dev and any published documentation at *.atloria.app.

By using Atloria, you agree to the practices described in this policy. If you do not agree, please do not use the service.

What We Collect

Account & profile data
  • Name and email address (when you register)
  • Organization name and billing details
  • Profile preferences and settings
Repository & project data
  • Repository URLs and connection credentials (read-only access)
  • Source code structure — we parse it to generate documentation; we do not store raw source files beyond the active pipeline run
  • Generated documentation content (MDX, articles, API specs)
  • Project configuration and automation settings
Usage data
  • Pages visited, features used, and time spent
  • API request logs (endpoint, timestamp, response status)
  • Error reports and crash diagnostics
  • Browser type, OS, and IP address
Collaboration data
  • Comments, suggestions, and document edits
  • Real-time collaboration sessions (Yjs CRDT — not persisted beyond the session)
  • Activity logs within your organization

How We Use Your Data

  • To generate, publish, and sync your documentation
  • To operate, maintain, and improve the platform
  • To authenticate you and secure your account
  • To send transactional emails (account setup, job completion, alerts)
  • To provide customer support
  • To detect and prevent abuse, fraud, or security incidents
  • To comply with legal obligations
ℹ️We do not sell your data. We do not use your source code or documentation to train AI models.

AI Processing

Atloria uses AI models (including Azure OpenAI and optionally Anthropic Claude) to generate documentation from your codebase. When a documentation job runs:

Your code structure is parsed locally by our parser engine. Extracted metadata (component names, API signatures, schemas — not raw source code) is sent to the AI provider to generate human-readable documentation.

We use Azure-hosted AI services, which means your data stays within Azure's infrastructure and is subject to Microsoft's enterprise data protection commitments. AI providers do not use your data to train their models under our enterprise agreements.

Processed data is not retained by the AI provider beyond the API call.

Data Storage & Security

  • Data is stored in PostgreSQL databases hosted on Azure infrastructure
  • All data is encrypted at rest (AES-256) and in transit (TLS 1.2+)
  • Authentication uses JWT tokens with short expiry and secure refresh flows
  • Generated assets (screenshots, images) are stored in Azure Blob Storage
  • We perform regular backups and security audits
  • Access to production data is restricted to authorized personnel only

Published Documentation (*.atloria.app)

When you publish documentation to a subdomain (e.g. yourapp.atloria.app), that content becomes publicly accessible. You are responsible for ensuring:

— You have the rights to publish the content — The published content does not expose sensitive credentials, personal data, or proprietary information

Atloria does not review or moderate published documentation. You can unpublish at any time from your project settings, which removes the content from public access within minutes.

Third-Party Services

Service
Purpose
Azure (Microsoft)
Hosting, databases, AI processing, blob storage
Neo4j
Knowledge graph storage for code relationships
Redis
Session caching and job queues
RabbitMQ
Parser job queue processing
Playwright
Screenshot capture for tutorial generation
ℹ️We do not use advertising networks, tracking pixels, or third-party analytics beyond what is necessary to operate the service.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Correction — request that we fix inaccurate or incomplete data
  • Deletion — request deletion of your account and associated data
  • Portability — request an export of your data in a machine-readable format
  • Objection — object to certain types of processing
  • Withdrawal — withdraw consent at any time where processing is consent-based
ℹ️To exercise any of these rights, contact us at privacy@atloria.dev. We will respond within 30 days.

Data Retention

  • Active account data is retained for as long as your account exists
  • Generated documentation is retained until you delete the project
  • Usage logs are retained for 90 days
  • Deleted account data is purged within 30 days
  • Backups are retained for 7 days then overwritten

Cookies

We use a minimal set of cookies strictly necessary to operate the service:

— Session cookies to keep you logged in — CSRF protection tokens — Preference cookies (theme, language)

We do not use advertising cookies, cross-site tracking cookies, or third-party analytics cookies. You can disable cookies in your browser, but this will prevent you from logging in.

Children's Privacy

Atloria is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

Changes to This Policy

We may update this policy as the platform evolves. When we make material changes, we will notify you by email or via an in-app notice at least 14 days before the change takes effect. The "Last updated" date at the top of this page will always reflect the current version.

Contact

For privacy-related questions, data requests, or concerns:

Email: privacy@atloria.dev Company: Sherkety Platform: atloria.dev