Skip to content
Atomation
Platform
OverviewDashboard, finding queue, evidence, and reports.Product modelConnection, snapshot, finding, and report output.Evidence & reportsSource trails, screenshots, exports, and report views.
Trust & coverage
What we checkRepresentative checks plus assessment trust model.Feature postureWhich Okta features are on, off, and worth enabling.Security modelRead-only scans, exact connector grants, no remediation.DeploymentHosted Atomation workspace model, partner portals, and assessment boundaries.
See it liveOkta Assessment demoWalk a real finding queue, evidence drawers, and reports — no signup, open demo.Explore the live demo
SolutionsDocsPartnersPricingLive demoDemoContact usContact
Product
Product overview
PlatformOverviewProduct modelEvidence & reports
Trust & coverageWhat we checkFeature postureSecurity modelDeployment
SolutionsDocsPartnersPricingLive demoContact usCall 727-999-1813
Legal and privacy

Privacy Notice

How Atomation LLC collects, uses, discloses, protects, and deletes information across atomation.io and the Atomation Okta Assessment service.

Effective and last updated: July 11, 2026

Scope

This notice applies to Atomation LLC ("Atomation," "we," "us") and our public website, customer and partner portals, operator-supported onboarding, and Okta Assessment service. It does not govern a customer's own Okta tenant or third-party services the customer controls.

Information we collect

  • Website and inquiry information: name, business email, optional phone number, company, message, referring page, IP address, device/browser data, and ordinary security logs.
  • Account and workspace information: username, email, role, authentication source, company/workspace identifiers, invitations, support records, audit events, and SSO or SCIM profile attributes supplied by the customer.
  • Okta assessment information: configuration objects, identifiers needed for evidence, findings, snapshots, reports, and connector metadata retrieved through the customer-approved Okta API Services app.
  • Commercial information: contacts, order or statement-of-work details, invoices, and payment status. Atomation does not store full payment-card numbers.

How we use information

We use information to provide and secure the service, authenticate users, run requested assessments, generate findings and reports, respond to inquiries, support customers, administer contracts and billing, prevent abuse, maintain audit and recovery records, and comply with law.

Atomation does not retain customer content for model or product training. We may retain sanitized, de-identified technical schema observations needed to improve collectors and deterministic rules, such as response shape, object type, field type, field presence, and compatibility errors. Those observations must exclude customer values, people, emails, tenant URLs, identifiers, secrets, findings, labels that reveal business information, and raw payloads. Identifiable customer content requires a separate written opt-in.

Disclosures and service providers

We disclose information only as needed to service providers operating the website, production infrastructure, network protection, and business email; at a customer's direction; during a lawful business transfer; or when legally required. Current providers are listed on our Subprocessors page. We do not sell personal information or share it for cross-context behavioral advertising.

Cookies and tracking

The portals use necessary cookies for authentication, security, and session continuity. The public site may use essential network and security technologies. Nonessential Google Analytics, Google Tag Manager, and Meta Pixel tags are currently disabled in production. If we enable nonessential advertising or analytics tracking, we will update this notice and provide any privacy choice required before activation. Google-hosted fonts may receive ordinary request metadata when a public page loads.

Retention and deletion

Active-workspace data is retained while needed to provide the service. A cancelled workspace is suspended for 30 days by default and then permanently purged, unless an authorized immediate purge is requested, a written agreement provides otherwise, or a documented legal obligation applies. Encrypted daily and monthly recovery sets normally expire within 30 days. Minimal content-free deletion receipts, contracts, invoices, tax records, and security-incident records may follow separate legitimate legal or accounting schedules. See the Data Retention and Deletion Policy.

Security and location

Atomation uses access controls, encryption in transit, protected connector secrets, tenant-bound authorization, audit records, backups, and tested deletion controls appropriate to the information processed. Production service data is hosted in the United States. No system is completely secure, and customers remain responsible for their Okta tenant and exported copies.

Your choices and requests

You may request access, correction, or deletion of personal information associated with you, or ask a privacy question, by emailing [email protected]. We may verify your identity and authority before acting. Authorized agents may be asked to provide written authorization. We do not discriminate for making a privacy request.

Children

The website and service are business products and are not directed to children under 13. We do not knowingly collect personal information from children.

Changes and contact

We will post material changes here and update the date above. Contact Atomation LLC at [email protected] or through our contact page.

Atomation

Okta posture and evidence without changing your tenant. Find access risk and evidence gaps before audit week.

Veteran owned — securing Okta orgsBuilt for Okta Identity Engine
[email protected]727-999-1813
ProductOverviewHow it worksPricingLive demo
ResourcesDocumentationFrameworksSecurity & privacyBlogOkta setupFAQ
CompanySolutionsPartnersAboutContact
LegalPrivacyTermsData retentionSubprocessorsAccessibility
© 2026 Atomation LLC · atomation.io
LinkedInInstagramFacebook