Draft — pending Hayden's review/legal sign-off
Who handles your information
Shade Browser MCP is operated by Atlas Pty Ltd, ABN 88 694 558 248, Australia. This draft explains the personal information and service data Atlas expects to collect and handle for Shade.
Information we collect
We collect account email addresses and authentication metadata through Supabase. API keys are generated server-side and stored as hashes plus a short display prefix; Atlas does not store plaintext API keys after the one-time display.
We collect usage metering needed to operate and bill Shade, including slot-hours and tool-call counts. Billing details, payment methods, invoices, trials, subscriptions, and tax details are handled by Stripe.
Hosted browser operation may create operational logs, structured events, slot metadata, abuse reports, support messages, and security records needed to run, debug, protect, and enforce the service.
How we use information
We use information to provide accounts and authentication, provision subscriptions and slot quotas, operate browser infrastructure, meter usage, detect abuse, secure the service, provide support, comply with law, and improve reliability.
Subprocessors
Shade uses Supabase for authentication and database services, Stripe for payments and billing, and the VPS host for hosted browser infrastructure. These providers process information only as needed for the services they provide to Atlas.
No sale of data
Atlas and Shade do not sell customer personal information, API-key material, usage metering, browser-session contents, or support records.
Retention and deletion
Atlas keeps account, billing, metering, security, and support records for as long as needed to provide Shade, satisfy tax/accounting obligations, resolve disputes, enforce the AUP, and comply with law. You may request deletion of personal information, subject to lawful retention requirements and records needed for security, billing, dispute, or compliance reasons.
Australian Privacy Principles
Atlas aims to handle personal information consistently with the Privacy Act 1988 (Cth) and the Australian Privacy Principles where they apply, including transparent collection, limited use and disclosure, reasonable security steps, and access/correction request handling.
Customer-controlled browser data
Browser sessions may include credentials, cookies, website data, prompts, screenshots, wallet state, or other information supplied by you or target sites. You are responsible for ensuring your agents collect, use, disclose, and retain that information lawfully.
Privacy requests
For access, correction, deletion, or privacy questions, contact privacy@atlas-ai.au. Include the account email, relevant API key prefix if applicable, and the request you want Atlas to assess.