Privacy

How we handle your information.

Atlas One serves a small number of clients. The principles below describe how we treat the information you share with us — both before and during engagement.

Last updated April 2026 · Atlas One

Summary

We collect nonpublic personal information about you that is provided to us by you or obtained by us with your authorization. We do not disclose any nonpublic personal information about our clients or former clients to anyone, except as permitted by law or as necessary to provide our services to you. We maintain physical, electronic, and procedural safeguards in compliance with federal regulations to guard your nonpublic personal information.

What we collect

We collect only the information necessary to serve you. This includes:

Inquiry information. The name, email, phone, and message you submit through our inquiry form.
Engagement information. If we enter an engagement, the documents and intake responses you provide directly — tax returns, trust documents, brokerage statements, and the answers you give in your onboarding.
Authorized data feeds. Where you explicitly authorize, read-only data feeds from financial aggregators (Plaid, Yodlee, Carta, Addepar, etc.).
Conversation logs. Records of your interactions with the Atlas console and any briefs generated for you.

What we do not do

We do not sell, rent, or share your information with third parties for marketing purposes.
We do not add inquiry contacts to any marketing list.
We do not use client data to train any general AI model. Your data trains only your private instance.
We do not custody assets, execute trades, or sell securities.

Who sees your information

Inside Atlas One, only your named engagement team has access to your file, under a strict need-to-know policy. Every query against your data is logged and reviewable by you on request. Subprocessors with access to encrypted data (cloud infrastructure, document storage) are listed in our DPA, made available on engagement.

How we secure information

AES-256 encryption at rest and in transit.
Hardware-backed key management with scheduled rotation.
Two-factor authentication required for all client and staff access.
Audit trail of every document read, every brief generated, every query against your file.

Your rights

At any time during or after engagement, you may:

Request a copy of all information we hold about you.
Request correction of any inaccurate information.
Revoke any data-feed authorization, immediately.
Request deletion of your file, subject to professional record-retention requirements.

Retention

Standard engagement records are retained for the life of the engagement plus seven years, consistent with professional standards for tax advisory practice. We will customize retention on request. After retention expires, records are deleted from active and backup systems.

Cookies and analytics

Our public site uses minimal, privacy-respecting analytics. We do not set advertising cookies, third-party tracking pixels, or social media trackers.

Changes to this policy

We may update this policy as the practice or applicable law evolves. Material changes will be reflected in the “last updated” date above. Where a change affects existing clients, we will provide notice through the channel of record.

Contact

Questions about this policy or about information we hold should be directed through the inquiry form or, for existing clients, through your named partner.