General Data Protection Regulation
In accordance with our commitment to protect personal privacy, Atrium & Associates adheres to the principles of the EU General Data Protection Regulation.
Throughout this policy, we use the term “personal information” to describe information that can be associated with a specific person and can be used to identify that person. We do not consider personal information to include information that has been aggregated and/or anonymized so that it does not identify a specific user.
In this policy, we set out how Atrium collects personal data, how it uses and shares it, and the rights and choices you have in relation to the personal data held and processed by Atrium. It should be noted that we do not transfer personal information you provide to any third parties for their own direct marketing use.
Where applicable, we comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of personal data and on the free movement of such data.
We may collect Information from you when you correspond with us or engage our services. We may also collect information as a result of your relationship with one or more of our team, or otherwise in the general course of our business. In each case your data will be controlled by ATRIUM.
If you have any questions or feedback, feel free to contact us.
+ What is GDPR?GDPR or General Data Protection Regulation is the name of the Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons regarding the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation). The aim of the GDPR is to protect privacy of individuals in the European Union and to harmonise the national legislation of the European countries. As of 25 May 2018, the GDPR is directly applicable and fully binding for data processing and protection throughout the European Union, thus replacing the Personal Data Protection Law in effect until now GDPR was developed with the aim to harmonise the differences in requirements to the processing of personal data between Member States, allowing EU citizens to have better control of their own personal data, including easier access, awareness in case of identity theft, establishment of clearer rights to erasure of personal data (the “right to be forgotten”), the right to object etc.
+ The types of personal information we collect
We collect different personal information for different reasons – it is not our intention to collect excessive amounts of personal information, but the types of information collected may include:
- your personal identification information and contact information, which may include: your name, passport information, convictions, politically exposed person (PEP), personal data available in the public domain, physical address, postal address, telephone numbers, email address and such other information necessary for Atrium to carry out its CDD and AML/CFT obligations;
- information on relevant family members and your business relationships;
- education, professional qualifications and employment information; and
- financial information, sources of wealth and your assets and bank details.
+ How we collect your personal data?
Personal data is collected at different times and from different sources including but not limited to:
- when you or your organisation contact us to consider engaging our services;
- information gathered through our client due diligence procedures as part of our compliance requirements with regulatory authorities;
- through email, fax or telephone communication;
- from third parties; and
- when you or your organisation provides services to us or offer to do so.
+ How will we use your personal data?
Atrium understands that personal data is sensitive and is committed to protecting and respecting your privacy. We provide fiduciary, corporate and other professional services to our clients and we use your personal data for these purposes. Normally the purposes for which we use your personal data will be clear when we collect data. Atrium will only use your personal information to:
- perform a contract that we have with you;
- conduct administrative or operational processes within our business;
- comply with any legal obligation where Atrium is required to process your personal information – such as keeping records for tax purposes or providing information to a governmental institution, regulatory body or law enforcement agency;
- share with third parties relevant to the services that we provide. This may include, but is not limited to, counterparties to transactions or litigation (including law firms acting for other parties), other professional service providers, tribunals or courts;
- process and respond to requests, enquiries or complaints received from you or someone connected to you;
- establish, exercise or defend the legal rights of Atrium or for the purposes of legal proceedings;
- manage and administer your or your organisation’s business relationship with us, including processing payments, billing and collection;
- for other legitimate business purposes; and
- should you apply for a position with us, to review and process your application.
+ How we may share the information we collect?
We do not share personal information with unaffiliated third parties, except as necessary for our legitimate professional and business needs, to carry out your request and/or as required or permitted by law or professional standards. This would include:
- responding to requests from regulatory bodies or law enforcement agencies where it is necessary or prudent to comply with applicable laws or government regulations;
- sharing with ATRIUM’ service providers, advisors or other third parties if we merge, sell, liquidate or transfer all or a portion of our assets;
- comply with any legal obligation where ATRIUM is required to process your personal information – such as keeping records for tax purposes or providing information to a governmental institution, regulatory body or law enforcement agency;
- sharing with other third parties as outlined in the section above; and
- should you apply for a position with us, disclosing your personal information for the purposes of seeking references and confirmation of the details that you have provided.
+ Retention of personal information and security
Your personal information will be retained for as long as required:
- for the purpose for which the personal information was collected;
- in order to satisfy any reporting or accounting obligations; and
- as required by data protection laws and any other applicable laws or regulatory requirements.
+ Access to your personal data
If you have submitted information to Atrium, you have the following rights:
- to access that data and port (transfer) such personal information;
- to rectify personal information where the information we hold about you is incorrect;
- to restrict the use of personal information;
- to request that personal information is erased;
- to object to processing of personal information; and
- submit a complaint if you have concerns about the way in which we are handling your data using the form on our Contacts page, to the Information Commissioner’s Office in the UK or the data protection authority in the EU member state of your usual place of residence.
+ Inaccurate or amended informationPlease let us know as soon as possible if any of your personal information changes (including your correspondence details). Failure to provide accurate information or to update information when it changes may have a detrimental impact upon our ability to provide services to you.
How can we help you?
Should you have any question, our Business Development Managers team will be ready to guide and assist you!