AI & Data Processing Policy

Overview

AtlantisFX Oy, referred to as “AtlantisFX”, “we”, “us”, or “our”, may use AI-assisted tools and automation methods to support professional digital services. These services may include AI visibility analysis, SEO infrastructure review, website analysis, local visibility review, automation planning, report generation, workflow mapping, content structuring, and client portal service workflows.

This Policy explains how AtlantisFX approaches AI-assisted processing, what types of data may be involved, why AI tools may be used, how human review fits into service delivery, what limitations apply to AI outputs, and how this Policy connects with privacy, security, payments, and service terms.

This Policy should be read together with the Privacy Policy, Terms of Service, Cookie Policy, Payment Security, and Refund & Cancellation Policy.

AtlantisFX Role in AI-Assisted Services

AtlantisFX generally uses AI-assisted tools as a business service provider, consultant, workflow builder, website analyst, SEO infrastructure reviewer, automation planner, or client-facing digital service provider.

AtlantisFX does not claim that it owns, trains, controls, or operates every underlying AI model used by third-party AI providers. Where third-party AI systems are used, those providers may have their own technical architecture, privacy terms, model behavior, safety systems, usage rules, and processing practices.

Depending on the project, AtlantisFX may act as a controller for its own business operations, or as a processor/service provider for client-provided data under a specific written agreement. Where a separate data processing agreement or project contract applies, that agreement may define the relevant roles more specifically.

AI-Assisted Tools and Systems We May Use

AtlantisFX may use one or more AI-assisted or automation-related tools to support service delivery. The exact tools may change over time depending on availability, security, client requirements, legal requirements, performance, cost, and project scope.

Data That May Be Processed with AI-Assisted Tools

Depending on the service, AtlantisFX may process different types of data with AI-assisted tools or automation systems. The data may include:

• website URLs, public website content, page structure, metadata, screenshots, and technical observations;
• business name, brand name, company profile, services, industry, target market, and public online presence;
• client-provided project notes, explanations, files, messages, documents, reports, and screenshots;
• SEO-related data, content topics, internal link structure, ranking context, indexing observations, and visibility issues;
• automation workflow descriptions, process maps, trigger logic, task steps, forms, client portal status, and reporting needs;
• communication content such as support requests, project messages, revision requests, summaries, and approvals;
• billing or payment status labels where needed for client portal workflows, but not full payment card details;
• technical logs or operational metadata where needed for troubleshooting, security, or service delivery.

AtlantisFX aims to avoid sending unnecessary personal data to AI-assisted tools. Where appropriate, information may be minimized, summarized, anonymized, pseudonymized, redacted, or structured before being used in AI-assisted workflows.

Why AtlantisFX Uses AI-Assisted Processing

AtlantisFX may use AI-assisted processing for the following purposes:

Legal Bases for AI-Related Personal Data Processing

Where AI-assisted processing involves personal data and GDPR applies, AtlantisFX relies on an appropriate legal basis depending on the context. This may include:

If a client requires AtlantisFX to process personal data as a processor on behalf of the client, the relevant project should use appropriate written instructions and, where required, a data processing agreement.

Human Review and Client Approval

AI-assisted tools may support analysis and drafting, but important outputs should be reviewed before they are used for business, legal, technical, financial, medical, HR, or client-facing decisions.

AtlantisFX aims to use human review for important deliverables, recommendations, client reports, website changes, policy wording, automation logic, payment status interpretation, project status, and client-facing communication.

Clients are responsible for reviewing deliverables before publishing, using, sending, approving, implementing, or relying on them. This is especially important for legal-sensitive content, public claims, regulated industries, financial information, medical content, tax/accounting content, and customer-facing promises.

AI Output Limitations

AI systems can produce incorrect, incomplete, outdated, biased, speculative, inconsistent, or misleading output. They may misunderstand context, invent facts, miss legal details, misread website content, overstate certainty, or provide recommendations that require professional review.

AtlantisFX does not guarantee that AI-assisted outputs will be error-free, complete, current, legally sufficient, search-engine-approved, algorithmically favored, or accepted by any third-party platform.

AI-assisted recommendations do not guarantee Google ranking, AI search visibility, ChatGPT-style answer inclusion, local map ranking, traffic, conversion, leads, revenue, brand recognition, or third-party platform approval.

Any AI-assisted output should be evaluated in context and may need manual correction, specialist review, client approval, or legal/professional advice before use.

Sensitive Data and Data Minimization

AtlantisFX aims to minimize unnecessary personal data in AI-assisted workflows. Clients and users should not submit highly sensitive information unless AtlantisFX specifically requests it through an appropriate secure process.

Do not send the following for AI-assisted processing unless specifically requested and legally appropriate:

• passwords, login credentials, private keys, API secrets, access tokens, or database passwords;
• full payment card numbers, card security codes, banking passwords, or authentication codes;
• health data, medical diagnoses, biometric data, or highly sensitive personal data;
• government ID documents, passport numbers, national identification numbers, or tax identifiers unless required;
• children’s data or data about minors;
• trade secrets, confidential contracts, or third-party data without authorization;
• data you do not have a legal right to provide.

Client-Provided Data and Responsibility

Clients are responsible for ensuring that they have the right to provide data, documents, website access, screenshots, business information, customer information, employee information, analytics exports, or third-party materials to AtlantisFX for processing.

If client-provided materials contain personal data, confidential information, copyrighted content, trade secrets, or third-party data, the client must ensure that sharing the material with AtlantisFX is lawful and consistent with applicable agreements, privacy notices, confidentiality duties, and internal policies.

AtlantisFX may reject, delete, redact, restrict, or refuse to process materials that appear excessive, unlawful, unnecessary, unsafe, sensitive, or outside the agreed project scope.

Automation Workflows and Decision Support

AtlantisFX may design or support automation workflows for business operations, website analysis, lead handling, reporting, client communication, task management, file organization, data extraction, and project status updates.

Automation workflows should be treated as decision-support and process-support systems unless explicitly agreed otherwise. Clients should review automation outputs and monitor workflow behavior, especially where the automation affects customers, payments, contracts, public website content, legal notices, regulated sectors, or business-critical actions.

AtlantisFX does not intend to make decisions that produce legal or similarly significant effects about individuals based solely on automated processing. If a project could involve such processing, the client must raise this before implementation so appropriate legal and technical safeguards can be reviewed.

Third-Party AI Providers and Tools

AtlantisFX may use third-party AI providers, automation platforms, hosting services, analytics tools, SEO tools, project management systems, WordPress plugins, form tools, payment processors, and cloud services as part of service delivery.

These providers may process data according to their own terms, privacy policies, security measures, retention rules, model policies, API documentation, and legal obligations. AtlantisFX does not control every technical or contractual detail of third-party systems.

AtlantisFX aims to select tools that are appropriate for the service context, but third-party providers may change their features, policies, pricing, availability, model behavior, security systems, or processing locations over time.

Security and Access Controls

AtlantisFX aims to apply reasonable technical and organizational measures to protect project data and AI-related processing. The exact safeguards depend on the project, tool, client requirements, data type, service scope, and risk level.

Safeguards may include access limitation, role-based access where available, secure hosting, HTTPS, redaction, data minimization, password protection, controlled file sharing, temporary access, project separation, backups where available, and manual review of sensitive outputs.

No AI tool, website, cloud platform, plugin, API, browser, email system, or automation workflow can be guaranteed to be completely secure. Clients are responsible for securing their own systems, accounts, passwords, access rights, and internal approvals.

Retention of AI-Related Data

AtlantisFX may retain AI-related project data as long as reasonably necessary for service delivery, support, client communication, project records, troubleshooting, legal compliance, accounting, dispute handling, quality control, and business continuity.

AI-related data may include prompts, summaries, reports, website analysis notes, project documents, workflow logic, output drafts, revision notes, client approvals, technical observations, and communication records.

AtlantisFX may delete, anonymize, archive, restrict, or aggregate data when it is no longer needed, unless a longer retention period is required or permitted by law. For broader retention rules, see the Privacy Policy.

Data Protection Rights

If AI-assisted processing involves your personal data and GDPR or similar law applies, you may have rights such as access, rectification, erasure, restriction, portability, objection, consent withdrawal, and complaint to a supervisory authority.

The availability of these rights depends on the legal basis, processing context, project role, retention requirements, legal obligations, and whether AtlantisFX acts as a controller or processor for the relevant data.

To make a privacy or data protection request, contact AtlantisFX through Contact & Company Information. More detail is available in the Privacy Policy.

Restricted and Prohibited Uses

AtlantisFX may refuse or discontinue projects that involve unlawful, deceptive, abusive, unsafe, discriminatory, manipulative, privacy-invasive, fraudulent, or high-risk AI use.

AtlantisFX does not support the use of AI systems for:

• fraud, impersonation, identity theft, phishing, malware, spam, or deceptive automation;
• unlawful surveillance, unauthorized scraping, credential theft, or privacy-invasive tracking;
• discriminatory profiling, unlawful employment screening, or high-risk automated decisions without safeguards;
• medical, legal, financial, tax, or regulated professional decisions without appropriate qualified review;
• misleading claims about rankings, AI visibility, certifications, compliance, or guaranteed business outcomes;
• processing data without the required rights, notices, approvals, or legal basis;
• publishing AI-generated content that is misleading, defamatory, infringing, or materially inaccurate.

AtlantisFX may require additional review, documentation, legal consultation, technical safeguards, or client approval before working on projects that involve higher legal, privacy, safety, or reputational risk.

Quality, Accuracy, and Monitoring

AtlantisFX aims to improve the quality of AI-assisted services through human review, client feedback, version control, manual correction, source checking where appropriate, prompt refinement, structured workflows, and service-specific quality checks.

Clients should report errors, unclear output, outdated recommendations, incorrect assumptions, harmful suggestions, or missing context as soon as possible so AtlantisFX can review and correct the issue where appropriate.

AI-assisted workflows may need updates over time because websites, search engines, AI tools, legal requirements, market conditions, third-party platforms, and automation systems change.

Contact About AI and Data Processing

Questions about AI-assisted processing, data handling, automation workflows, privacy rights, sensitive data, project scope, or tool usage should be sent through the official AtlantisFX contact channel.

External Reference Sources

These public reference sources are provided for transparency. They do not replace this Policy, legal advice, official legal interpretation, or provider-specific terms.