Atlas Advisory LLP Privacy Policy 

Updated 5th March 2025

Atlas Advisory are committed to respecting your privacy and aim to explain in clear language what information we collect, how we use it and the choices and controls you have.

Summary

This privacy policy sets out how Atlas Advisory LLP (“Atlas”, "we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018). Please read this policy carefully to understand our practices regarding your personal data.

1.0 Who we are

Atlas Advisory LLP is a strategic consultancy registered in the UK. Partnership No. OC453874. Registered with the Information Commissioner’s Office UK. Registration Reference No. ZB871978. Any data protection queries should be directed to support@atlas.how.

2.0 Personal Data

We collect and process the following types of personal data: names, email addresses, phone numbers, physical addresses, job titles, employer information, IP addresses and website usage data.

We collect data through various means including: our website contact forms, email correspondence, phone conversations, in-person meetings, as part of client contracts and agreements and cookies and other technologies on our website.

When you provide us with personal information about referrals or comapnies we will only use this information for the specific reason for which it is provided to us. If you believe that one of your business contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at support@atlas.how.

2.1 How we use your Personal Data

We use your personal data for the following purposes:

  • To provide marketing consultancy services

  • To communicate with you about our services

  • To manage our relationship with you

  • To send you marketing communications (with your consent)

  • To improve our services and develop new offerings

  • To comply with legal and regulatory obligations

The legal bases for processing your data include:

  • Performance of a contract

  • Legitimate interests

  • Consent (for marketing communications)

  • Legal obligation

3.0 Data sharing and transfers

We may share your personal data or personal data shared with us by clients in order to provide marketing consultancy services with:

  • Service providers (e.g. consultants providing services on behalf of Atlas, IT providers and CRM systems)

  • Professional advisers (e.g. accountants)

  • Regulatory bodies when required by law

We do not sell your personal data to third parties. If we transfer your data outside the UK we ensure appropriate safeguards are in place in compliance with UK data protection laws.

As a strategic consultancy, Atlas may act as a data processor for our clients when we are provided with personally identifiable data of our clients' customers. In these instances, when processing data on behalf of our clients, we:

  • Only process personal data in accordance with our clients' documented instructions

  • Implement appropriate technical and organizational measures to ensure the security of the data

  • Assist our clients in fulfilling their obligations to respond to data subjects' requests to exercise their rights

  • Delete or return all personal data to the client at the end of the provision of services, as per the client's preference

3.1 Our clients, as data controllers, are responsible for:

  • Ensuring they have a lawful basis for collecting and processing their customers' personal data

  • Providing appropriate privacy notices to their customers

  • Obtaining necessary consents for data processing activities

  • Responding to data subject rights requests from their customers

3.2 If we need to engage sub-processors to assist in providing our services:

  • We will inform our clients and obtain their consent before engaging any new sub-processor

  • We ensure that our sub-processors are bound by the same data protection obligations as set out in our contract with the client

3.3 Data Breach Notification

In the event of a personal data breach affecting client data:

  • We will notify the affected client(s) without undue delay after becoming aware of the breach

  • We will provide the client with all necessary information to allow them to meet their own breach reporting obligations

4.0 Marketing Communications

We may send you marketing communications if you have:

  • Requested information from us

  • Used our services

  • Provided us with your details and consented to receiving marketing communications

You can opt out of these communications at any time by clicking the 'unsubscribe' link in any email or contacting us directly.

5.0 Data Retention

We retain your personal data as long as necessary to fulfil the purposes for which is was collected, including

  • The duration of our business relationship

  • As required to comply with legal obligations

  • As needed to resolve disputes or enforce our agreements

We review our retention periods regularly and will securely delete personal data that is no longer needed.

6.0 Your Rights

Under the UK GDPR, you have the following rights:

  • Right to access your personal data

  • Right to rectification of inaccurate data

  • Right to erasure ('right to be forgotten')

  • Right to restrict processing

  • Right to data portability

  • Right to object to processing

  • Rights related to automated decision-making and profiling

To exercise any of these rights, please contact us using the details provided in Section 2.

7.0 Data Security

We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These include:

  • Encryption of digital data

  • Secure, access-controlled servers

  • Regular security assessments

  • Staff training on data protection

8.0 Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance user experience and collect usage data. You can manage your cookie preferences through your browser settings.

Technologies such as cookies, beacons or similar technologies are used by Atlas and our partners, affiliates, or analytics or service providers (e.g. marketing partners). These technologies are used in analysing trends, administering the Site, tracking users’ movements around the Site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis. 

Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our Site may be limited. 

As described in this Statement, Atlas and/or third parties on our digital propert(ies) may use cookies and similar tracking technologies to collect information and infer your interests for interest-based advertising purposes. If you would prefer to not receive personalised ads based on your browser or device usage, you may generally express your opt-out preference to no longer receive tailored advertisements. Please note that you will continue to see advertisements, but they will no longer be tailored to your interests. 

To opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit: 

  • Digital Advertising Alliance (DAA)’s self-regulatory opt-out page and mobile application-based “AppChoices” download page;

  • European Interactive Digital Advertising Alliance (EDAA)’s consumer opt-out page;

  • Network Advertising Initiative (NAI)’s self-regulatory opt-out page.

As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you. 

We use local storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our Site or to display advertising based upon your web browsing activity also use HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5. 

We may not recognize or take action in response to Do-Not-Track (DNT) signals from Web browsers. At this time there is not any universally accepted standard for a company’s adoption for how to respond when a DNT signal is detected. In the event a final standard is established, we will determine how to appropriately respond to these signals. 

9.0 Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this policy.

By using our services, you acknowledge that you have read and understood this Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at support@atlas.how