Privacy Policy | Atlas Virt Limited

1. Who We Are (Data Controller)

The data controller responsible for your personal information is:

Company: Atlas Virt Limited
CRN:
Registered Address:
Email:

If you have any questions about how we handle your personal data, please contact us using the details above.

2. Data We Collect

We collect personal information in the following ways:

Information You Provide Directly

Contact enquiries: Name, email address, phone number, company name, and the content of your message when you use our contact form or email us.
Service agreements: Business name, contact details, billing address, and payment information when entering into a service relationship with us.
Communications: Records of correspondence by email, phone, or any other means.

Information Collected Automatically

Usage data: IP address, browser type and version, device type, operating system, pages visited, time and date of visit, and referring URLs collected via cookies and similar technologies.
Analytics data: Aggregated site usage statistics processed through third-party analytics tools.

We do not collect or process any special category data (such as health information, racial or ethnic origin, religious beliefs, or biometric data) through our website or services.

3. How We Use Your Data

We use the personal information we collect for the following purposes:

Purpose	Details
Responding to enquiries	To reply to messages submitted via our contact form or sent to us directly.
Providing services	To manage and deliver the advertising services you have engaged us for.
Billing & contracts	To process invoices, manage payments, and maintain service agreements.
Website improvement	To understand how visitors use our website and improve the user experience.
Legal compliance	To comply with applicable legal and regulatory obligations.
Security	To detect and prevent fraudulent activity or misuse of our services.

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.

4. Legal Basis for Processing

Under UK GDPR, we rely on the following lawful bases for processing your personal data:

Contract (Article 6(1)(b)): Processing necessary to perform a contract with you, or to take steps at your request before entering into a contract.
Legitimate interests (Article 6(1)(f)): For website analytics, responding to enquiries, and improving our services — where these interests are not overridden by your data protection rights.
Legal obligation (Article 6(1)(c)): Where processing is required to comply with a legal or regulatory obligation, such as financial record-keeping.
Consent (Article 6(1)(a)): For the placement of non-essential cookies, where you have given your explicit consent via our cookie consent mechanism.

5. Sharing Your Data

We do not sell, rent, or trade your personal information. We may share your data with:

Service Providers

Trusted third-party service providers who process data on our behalf under data processing agreements, including:

Email hosting and communication tools
Cloud storage and IT infrastructure providers
Website analytics platforms (e.g., Google Analytics)
Accounting and invoicing software

Advertising Platforms

When managing advertising campaigns on your behalf, we may interact with third-party advertising platforms (such as Google Ads or Meta Ads). These platforms operate under their own privacy policies. We share only the minimum data necessary to operate campaigns effectively.

Legal Disclosures

We may disclose your data if required to do so by law, court order, or regulatory authority, or where we believe disclosure is necessary to protect our rights or the safety of others.

6. International Data Transfers

Some of our third-party service providers are located outside the United Kingdom. When we transfer personal data internationally, we ensure that appropriate safeguards are in place in accordance with UK GDPR, such as:

UK International Data Transfer Agreements (IDTAs);
Standard Contractual Clauses approved by the UK ICO;
Transfers to countries with a UK adequacy decision.

You can request further information about international transfers and the safeguards in place by contacting us at .

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention guidelines are:

Client records and contracts: 6 years after the end of the client relationship (in line with the Limitation Act 1980).
Financial records: 6 years from the end of the relevant tax year, as required by HMRC.
Contact enquiries: Up to 2 years, or longer if the enquiry leads to a service relationship.
Website analytics data: As determined by the retention settings of the analytics platform (typically 14–26 months).

When data is no longer required, we securely delete or anonymise it.

8. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right of access: You may request a copy of the personal data we hold about you.
Right to rectification: You may ask us to correct inaccurate or incomplete data.
Right to erasure: You may request deletion of your personal data where there is no legitimate reason for us to continue processing it.
Right to restrict processing: You may request that we limit how we process your data in certain circumstances.
Right to data portability: Where processing is based on consent or contract, you may request your data in a machine-readable format.
Right to object: You may object to processing based on legitimate interests or for direct marketing purposes.
Rights related to automated decision-making: You have the right not to be subject to purely automated decisions that significantly affect you.

To exercise any of these rights, please contact us at . We will respond within one calendar month. There is no charge for making a request, unless it is manifestly unfounded or excessive.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

Encrypted data transmission via HTTPS/TLS;
Access controls and authentication requirements for staff;
Regular review of data handling practices;
Use of reputable, security-vetted third-party service providers.

No method of transmission over the internet is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and affected individuals in accordance with our legal obligations.

10. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any external sites you visit.

11. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we do, we will revise the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.

Where changes are material, we will take reasonable steps to notify you (for example, by email if you are an existing client).

12. Contact Us & Complaints

If you have questions, concerns, or wish to exercise your rights, please contact us:

Company: Atlas Virt Limited
CRN:
Address:
Email:

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:

ICO Website: ico.org.uk
ICO Helpline: 0303 123 1113