Ato
Your privacy is our priority

Your Privacy at Ato

Ato is designed to be a private companion — not a listening device. This page explains, clearly and concretely, how we handle data, how we protect it, and what we never do.

Last updated: January 25, 2026

At a glance

No audio recordings are stored
Strong encryption in transit and at rest
Conversations are not visible to family members
Minimal data collection
Delete your data anytime
We never sell your data
We never train AI models on your conversations

Our core privacy promises

No audio storage

Ato processes voice in real time to generate responses. We do not store audio recordings. Once processed, the audio is permanently discarded.

Privacy between the senior and the family

Ato keeps conversations private. Families only see basic activity and settings—never content.

Section 1

Introduction

Welcome to Ato, a service provided by Eighteen Labs, Inc. ("we," "us," or "our").

We are committed to protecting the privacy of both seniors using Ato ("Device Users") and the family members managing the account ("Account Holders").

This policy explains what data we process, why we process it, and how we protect it.

Section 2

Audio & conversations

We built Ato to be a private companion, not a listening device.

  • No Audio Storage: We process voice inputs in real-time to generate responses. We do not store audio recordings of your conversations. Once the words are processed, the audio is permanently discarded.
  • Privacy Between Senior & Family: To maintain the dignity and privacy of the Device User, Account Holders (family members) cannot access or read transcripts of the senior's conversations. The family dashboard only shows general activity status (e.g., "Device active") and allows for configuration.
Section 3

Information we collect

We collect the minimum data necessary to operate Ato.

A. Device data (user)

Conversation context (temporary)
Short-term processing to maintain a coherent conversation.

Personal insights (long-term memory)
With the user's interactions, Ato may extract small, specific facts to personalize the experience (for example: "likes gardening", "grandson's name is Leo"). These are stored securely, using encrypted databases and strict access controls to ensure that only authorized systems can retrieve or update them.

B. Account data (family)

We collect only basic information—name, email, phone number, and device settings such as contacts, reminders, and preferences—to set up and manage the family account.

Section 4

How we use your information

We use data only to:

  • Provide the AI companion service
  • Deliver reminders, messages, and configured notifications
  • Maintain, secure, and improve our systems
No Training on User Data: We do not use your personal conversations or private insights to train our foundation AI models.
Section 5

Data sharing & third parties

  • We never sell personal data
  • We only share data with trusted infrastructure providers strictly necessary to run Ato (hosting, databases, security, monitoring)

Our core infrastructure partners include platforms such as Google Cloud Platform (GCP), Supabase, and Vercel.

Section 6

Data security

We apply industry best practices to protect user data.

Ato is built on infrastructure designed to meet high security and compliance standards (including SOC 2 and HIPAA-aligned environments).

SOC 2 Compliant
HIPAA Compliant

No system is 100% secure, but we invest heavily in preventing unauthorized access, misuse, or disclosure.

Section 7

Your rights & deletion

You control your data.

You may request deletion of your account and all associated data (including personal insights) at any time by emailing: hello@heyato.ai

We process deletion requests within 5 days.

Questions?

If you have any questions about this Privacy Policy, contact us at: hello@heyato.ai

Eighteen Labs, Inc.
1525 Van Ness Ave
San Francisco, CA 94109
← Back to Home