Privacy policy

Last updated: May 9, 2026

Atrium is operated by Ridgeline Labs LLC, a Georgia limited liability company doing business as Atrium ("Atrium," "we," "us," "our"). This policy explains what we collect, why, and what control you have.

What we collect

  • Account. Email address, and a password hash held by our authentication provider. If you sign in with Google, your email and Google account ID.
  • Your content. Alcoves, marks, photos, notes, and dates that you save. Photos are stored on Amazon S3.
  • Generated artifacts. Reflections produced by Atrium from your content (Through My Eyes, View Into the Alcove, Valediction).
  • Payments. If you purchase Keepsake or Legacy, Stripe processes the transaction. We receive a Stripe customer ID, the products purchased, subscription status, and timestamps. We never see your card number.
  • Operational data. Server logs (IP, browser, paths, errors) used to run and debug the service.

We do not run advertising trackers, sell data, or operate marketing pixels.

How we use AI

Atrium uses Claude, by Anthropic, to generate the reflections inside your alcoves. When an artifact is generated, the relevant content from that alcove is sent to Anthropic's API and the reflection is returned and stored.

We chose Anthropic deliberately. They are contractually committed not to use API content to train their models, and we make the same commitment to you: nothing you save in Atrium is used to train any AI system, ours or theirs.

How we use your data

To operate the service, generate the reflections you've signed up for, process payments, send transactional email, diagnose problems, and comply with legal obligations. Nothing else.

Subprocessors

The following companies process some portion of your data on our behalf, under contractual obligations:

Clerk (authentication), Anthropic (artifact generation), Stripe (payments), Vercel (hosting), Neon (database), Amazon Web Services (photo storage), Cloudflare (DNS), Sentry (error monitoring), Resend (email), Mapbox (reverse-geocoding photo coordinates to landmark or locality names).

Your rights

You can access, correct, export, or delete your data. If you're in the EEA, UK, or California, you have additional statutory rights under the GDPR, UK GDPR, or CCPA — including objection to processing and non-discrimination for exercising your rights.

To exercise any right, email privacy@atrium.place. We respond within 30 days.

Account deletion

When you delete your account, your sign-in is closed immediately and your alcoves and content are retained for 30 days. To recover during that window, email privacy@atrium.place and we will re-open your sign-in. After 30 days, your account is permanently erased and we send you a confirmation. Routine backups age out within 30 days after that.

Children

Atrium is not directed at children under 13 and we do not knowingly collect their data. If a child has provided personal information, email privacy@atrium.place and we will delete the account.

Changes

If we make a material change, we'll notify you by email and update the date above. Continued use after the change constitutes acceptance.

Contact

privacy@atrium.place

Ridgeline Labs LLC, a Georgia limited liability company, doing business as Atrium.