A
Athena← Back to Home

Privacy Policy

Effective Date: 11th January 2026

1Who We Are

Athena ("we", "our", or "us") is an intelligent business platform that empowers organisations with document analysis, automated workflows, and secure internal communication tools via our web and mobile applications.

Our Contact Details:

We act as a Data Controller for the personal data you provide directly to us (such as account registration) and as a Data Processor for the organisational data and documents you process through our platform.

2What Information We Collect

We may collect and process the following categories of data to provide our services:

a) Personal Data

  • Name and Job Title
  • Email address
  • Organisation affiliation
  • Login credentials (encrypted)
  • Profile information provided during onboarding

b) Technical and Usage Data

  • IP address and device identifiers (for mobile and web)
  • App usage statistics (features used, time spent)
  • Crash logs and performance diagnostics
  • Operating system and browser type

c) Business Data & Integrations

  • Documents: Files uploaded for processing, analysis, or storage (e.g., PDFs, Word documents).
  • Chat Data: Messages, images, and files sent via the Athena mobile or web chat features.
  • Integration Data: Data accessed via connected services (e.g., Google Drive, OneDrive, Notion) based on your explicit permissions.
  • Metadata: Information about files (size, type, creation date) and processing logs (e.g., error reports, success status).

3How We Use Your Information

We process your data for the following specific purposes:

  • Service Provision: To enable document upload, analysis, storage, and retrieval, and to facilitate real-time chat communication between organisation members.
  • Automation: To execute workflows triggered by your data (e.g., classifying documents, extracting text).
  • User Management: To manage organisation invites, roles, and access permissions.
  • Improvement: To enhance the accuracy of our AI models, app performance, and user experience.
  • Communication: To send important service updates, security alerts, and support responses.
  • Compliance: To fulfill legal obligations and ensure the security of our platform.

We rely on lawful bases for processing, including contractual necessity (to provide the service you signed up for), legitimate interests (to improve our product), and consent (for optional integrations).

4Data Security

We prioritise the security of your organisational data and implement robust measures, including:

Encryption

Data is encrypted in transit (using TLS 1.3) and at rest (using AES-256).

Enterprise Infrastructure

Hosted on Supabase (SOC2 Type 2 & HIPAA compliant).

Access Control

Strict role-based access controls (RBAC) for sensitive documents.

Regular Audits

Routine security reviews of code and infrastructure.

5Sharing Your Data

We do not sell your data to third parties.

We may share data with:

  • Sub-processors: Trusted third-party service providers who assist in hosting, AI processing, and infrastructure (e.g., Supabase for database, OpenAI/Anthropic for AI analysis, Resend for emails).
  • Integrations: When you connect a third-party service (like Google Drive or OneDrive), data is shared strictly in accordance with your instructions and permissions.
  • Legal Authorities: If required by law, court order, or to protect the rights and safety of Athena or its users.

6Your Rights

Under the UK GDPR and applicable data protection laws, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request erasure of your data ("Right to be Forgotten").
  • Restrict or object to specific processing activities.
  • Request portability of your data to another service.
  • Withdraw consent at any time where processing is based on consent.
  • Lodge a complaint with the Information Commissioner's Office (ICO).

To exercise any of these rights, please contact us at lee@zeus-ai.co.uk.

7Cookies and Mobile Permissions

Web

We use essential cookies to maintain your session and login state. We may use analytical cookies to understand how our site is used, which you can manage in your browser settings.

Mobile App

The Athena mobile app may request permissions for features such as Notifications (for chat alerts), Camera/Gallery (for document uploads), and Storage. You can manage these permissions in your device settings at any time.

8Data Retention

We retain your personal and business data only for as long as your account is active or as needed to provide you with our services.

  • Documents & Chat: Retained for the duration of your workspace's active subscription, or until manually deleted by an administrator.
  • Inactive Accounts: Data from closed accounts may be deleted or anonymised after a grace period, in accordance with our retention schedule.

9International Data Transfers

Our infrastructure is global. Where data is transferred outside the UK or EEA, we ensure it is protected by appropriate safeguards, such as Standard Contractual Clauses (SCCs) or by relying on providers in countries deemed adequate by the UK Government.

10Changes to This Policy

We may update this Privacy Policy to reflect changes in our technology or legal requirements. The latest version will always be available on our website and within the mobile app settings. Significant changes will be communicated via email or in-app notification.

11Contact Us

If you have questions about this policy, your privacy, or our data handling practices, please contact:

Athena Support Team

Email: lee@zeus-ai.co.uk

Website: www.askathena-ai.co.uk