Privacy Policy

1. Purpose of this policy

This Privacy Policy explains how Bice AG, through Atlantic AI, processes personal data when you visit our website, submit a setup form, use Stripe checkout, access the Client Portal, or interact with our SaaS services.

2. Data we collect

• Contact data: name, work email, company, hotel or trading name.
• Billing and legal entity data: legal company name, company registration number, VAT or tax number, billing address, billing email, billing country.
• Website and onboarding data: website domain, country, room count, property setup, Apaleo onboarding status.
• Payment references: Stripe customer, subscription, checkout and payment references. We do not store full card numbers.
• Technical data: IP address, browser, device information, request logs, security events, and interaction data.
• Usage analytics: aggregated website interaction data through Matomo.

3. Why we process data

• To operate the Atlantic AI website and onboarding workflow.
• To create and manage SaaS subscriptions.
• To prepare billing, invoicing, VAT treatment, and accounting records.
• To provide Client Portal access and Apaleo onboarding support.
• To secure systems, prevent abuse, and monitor service reliability.
• To improve website content, user experience, and product performance.

4. Legal basis

Depending on the context, processing is based on contract performance, pre-contractual steps, legal obligations, legitimate interests, consent where required, and the need to operate a secure SaaS platform.

5. Matomo analytics without tracking cookies

We use Matomo analytics in a cookieless configuration. This is intended to reduce user friction and avoid unnecessary tracking cookies while still allowing us to understand aggregate website usage. Matomo cookieless analytics may be less precise than cookie-based analytics.

6. Stripe payments

Payment setup and recurring payment collection may be processed through Stripe. Stripe may process personal data as an independent provider according to its own privacy terms. We receive payment and subscription references required for billing, support, reconciliation, and accounting.

7. Third-party systems

Atlantic AI may process data through or receive data from third-party systems such as Stripe, Apaleo, Matomo, n8n, hosting providers, databases, email providers, and security tools. Data is shared only where required to provide, secure, bill, or improve the Services.

8. Hosting and international access

Atlantic AI infrastructure is designed around European hosting, including Germany and Finland. Authorized access, support, payment processing, or third-party services may involve data access from outside the EU or Switzerland where operationally necessary.

9. Retention

We retain personal data as long as required for onboarding, service provision, billing, tax, accounting, security, support, and legal recordkeeping. Data may be deleted or anonymized when it is no longer required.

10. Your rights

Depending on applicable law, you may request access, correction, deletion, restriction, portability, or objection to processing. You may also request information about the processing of your data. Some data may need to be retained for legal, accounting, security, or contractual reasons.

11. Contact for privacy requests

Use the Contact page for data protection requests. Please include enough information for us to identify the relevant account, subscription, or customer record.