Security & Trust

Your content operation is yours.
We protect it accordingly.

Straight facts about how articlos handles your data — encryption, credentials, Google OAuth, payments, and your rights.

Encryption

In transit and at rest, using the same standards the rest of the modern web uses.

All traffic between your browser and articlos is encrypted with TLS.
All data stored in our databases is encrypted at rest with AES-256.
OAuth access and refresh tokens are encrypted before being written to storage.
WordPress application passwords are encrypted at rest and never displayed back in our UI.

You own everything articlos generates on your behalf. We do not train models on it.

You retain full ownership of every article, brief, and asset generated through your account.
We do not sell or rent your personal or content data to third parties, ever.
We do not use your submitted content to train shared AI models without your explicit consent.
When AI model providers (OpenAI, Google, Anthropic) process your requests, we do not send personally identifiable information in those requests.

Google Search Console and GA4 are connected via OAuth. We follow Google's Limited Use policy to the letter.

We never ask for or see your Google password. OAuth only.
Google API data is cached for up to 24 hours to reduce API calls — then purged.
Your Google data is never sold, rented, transferred, or disclosed to third parties for advertising, market research, or user profiling.
We never use Google data to train AI models.
You can revoke access at any time from Settings → Integrations, or directly at myaccount.google.com/permissions.
Our use of Google APIs adheres to the Google API Services User Data Policy, including Limited Use requirements.

Your account password is hashed. Your WordPress credentials never leave encrypted storage.

Account passwords are hashed with industry-standard algorithms and never stored in plain text.
WordPress publishing uses per-site application passwords that are encrypted at rest.
No credential is ever displayed back in the articlos UI after initial setup.
We recommend using a strong, unique password and enabling two-factor authentication on any service you connect.

All billing is handled by bank transfer. We never collect or store card data.

Invoices are paid by SEPA or SWIFT bank transfer directly to our business account.
We do not collect, process, or store card numbers, CVVs, or any payment card details at any point.
Transaction and invoice records are retained for 7 years as required by accounting law.

Keep what's yours while you're a customer. Delete it when you leave.

Access, correction, deletion, portability, objection, restriction — whatever applies in your jurisdiction, we honour.

Request a copy of the personal data we hold about you at any time.
Request correction of inaccurate or incomplete data.
Request deletion of your personal data ("right to be forgotten").
Request your data in a machine-readable portable format.
Object to marketing emails or other specific processing.
Request that we restrict how we use your data.
Email hello@articlos.com to exercise any of these rights. We respond within 30 days.

The short, honest list of who touches your data and why.

If something goes wrong, we tell you.

We monitor our infrastructure and application logs for security events.
In the event of a data breach affecting your personal information, we notify you as required by applicable law.
Security questions and reports can be sent to hello@articlos.com.

The commitments on this page are grounded in our Privacy Policy, Terms of Service, and Cookies Policy. Read the full legal text below.

Report a vulnerability, ask about our posture for a procurement review, or request a deeper walk-through — we answer every email.