Privacy Policy

Introduction

This privacy policy sets out how Atlas Operations Ltd uses and protects your personal data through your use of this website and related services.

This privacy policy is provided in a layered format so you can navigate to specific areas below.

This website is not intended for children and we do not knowingly collect data relating to children.

Contents

1. Important information and who we are
2. The types of personal data we collect about you
3. How is your personal data collected?
4. How we use your personal data
5. Disclosures of your personal data
6. International transfers
7. Data security
8. Data retention
9. Your legal rights
10. Contact details
11. Complaints
12. Changes to the privacy policy and your duty to inform us of changes
13. Third-party links

1. Important information and who we are

This privacy policy gives you information about how Atlas Operations Ltd collects and uses your personal data through your use of this website, including data you may provide when you register with us, sign up to our newsletter, purchase a service, take part in a promotion, request information or a quote, submit a booking request, apply for a role, or otherwise contact us.

Atlas Operations Ltd is the controller and responsible for your personal data (collectively referred to as Atlas Operations, we, us, or our in this privacy policy).

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy.

2. The types of personal data we collect about you

Personal data means any information about an individual from which that person can be identified.

• Identity Data includes first name, last name, full name, any previous names, username or similar identifier, title, date of birth, gender, position applied for, and SIA licence status.
• Contact Data includes billing address, delivery address, correspondence address, postcode, email address, telephone numbers, and instant messaging contact details.
• Financial Data includes bank account and payment card details.
• Transaction Data includes details about payments to and from you and details of products and services you have purchased from us.
• Technical Data includes internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID, and other technology on the devices you use to access this website.
• Profile Data includes account details, purchases or orders, interests, preferences, feedback, survey responses, service requirements, and referral/source information.
• Usage Data includes information about how you interact with and use our website, products, and services.
• Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.
• Recruitment Data includes job application details and uploaded files, including CV/resume, headshot/photo, and supporting documents.

We also collect, use, and share aggregated data such as statistical or demographic data. This is not personal data where it does not directly or indirectly reveal your identity.

3. How is your personal data collected?

We use different methods to collect data from and about you including through:

• Direct interactions with us. You may provide personal data by filling in forms or by corresponding with us by post, phone, email, instant messaging services, or otherwise.
• Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data using cookies, server logs, and similar technologies.
• Third parties or publicly available sources. We may receive data from analytics providers, advertising networks, search information providers, technical/payment/delivery providers, data brokers or aggregators, and public sources.

For website operations and digital services, third-party providers may include (without limitation) analytics, security, anti-bot, hosting, cloud storage, communications, advertising, and marketing technology providers. This list may change from time to time.

For more information about cookies and cookie controls, please see our Cookies Policy.

4. How we use your personal data

Legal basis

The law requires us to have a legal basis for collecting and using personal data. We rely on one or more of the following legal bases:

• Performance of a contract with you: where we need to perform the contract we are about to enter into or have entered into with you.
• Legitimate interests: where necessary for conducting, protecting, and developing our business, and where your interests and fundamental rights do not override those interests.
• Legal obligation: where processing is necessary for compliance with a legal obligation.
• Consent: where we rely on consent, including where legally required for specific marketing and cookie-related processing.

Purposes for which we use personal data

We may use personal data for customer and account onboarding, service delivery, payment processing and debt recovery, relationship management, complaints handling, business administration, website security and analytics, promotions and surveys, recruitment processing, and marketing communications.

Depending on context, we may use Identity, Contact, Financial, Transaction, Technical, Profile, Usage, Marketing and Communications, and Recruitment Data.

We retain data in accordance with section 8 and for longer where required for legal, regulatory, tax, accounting, reporting, insurance, fraud prevention, or legal-claims purposes.

Direct marketing

You may receive direct marketing communications from us by email, SMS, telephone, and post. Channels may change from time to time.

Where permitted by law, we may rely on soft opt-in for existing customers. Otherwise, we rely on consent where required.

Third-party marketing

We do not share your personal data with any third party for their own direct marketing purposes.

Opting out of marketing

You can ask us to stop sending marketing communications at any time by using unsubscribe links, account preference controls where available, or contacting privacy@atlasoperations.co.uk.

If you opt out of receiving marketing communications, you will still receive service-related communications that are essential for administrative or customer service purposes.

5. Disclosures of your personal data

We may share personal data where necessary with internal teams and external service providers involved in website operations, hosting, infrastructure, security, anti-bot controls, analytics, communications, advertising, recruitment, payment processing, and professional advisory services.

We may also disclose personal data to regulators, law enforcement, courts, and competent authorities where required by law or to protect legal rights.

If a change happens to our business, including sale, transfer, merger, acquisition, or restructuring, relevant third parties may use personal data in the same way as set out in this privacy policy.

We require all third-party processors to respect the security of personal data and process it only for specified purposes in accordance with our instructions and applicable law.

6. International transfers

Personal data may be transferred outside the UK where our service providers or technology partners process data in other jurisdictions.

Whenever personal data is transferred outside the UK, we implement appropriate safeguards to ensure a similar degree of protection. Safeguards may include UK adequacy regulations, the UK International Data Transfer Agreement (IDTA), and/or the UK International Data Transfer Addendum to standard contractual clauses, together with supplementary measures where required.

To obtain further information about applicable transfer safeguards, contact privacy@atlasoperations.co.uk.

7. Data security

We have implemented appropriate technical and organisational security measures to protect personal data against accidental loss, unauthorised access, unlawful use, alteration, and disclosure.

Access to personal data is limited to those employees, agents, contractors, and service providers who need access for legitimate business purposes and who are subject to confidentiality obligations.

We maintain procedures for handling suspected personal data breaches and will notify you and any applicable regulator where legally required.

8. Data retention

We retain personal data for periods aligned to operational needs and legal, regulatory, tax, accounting, reporting, insurance, and legal-risk requirements. Retention periods vary by data type, purpose, and context.

We may retain personal data for longer where required in connection with complaints, investigations, disputes, or anticipated or ongoing litigation.

By law, we retain core customer records (including Contact, Identity, Financial, and Transaction Data) for six years after a customer relationship ends for tax purposes.

Where lawful and appropriate, we may anonymise personal data for research, analytics, and statistical purposes. Once anonymised, this information may be used indefinitely without further notice.

9. Your legal rights

You have rights under UK data protection law, including rights to access, correct, erase, restrict, object, withdraw consent, and where applicable request transfer of personal data.

• To exercise your rights, contact privacy@atlasoperations.co.uk.
• You will not usually have to pay a fee. We aim to respond within one month, subject to lawful extensions where requests are complex.

10. Contact details

If you have any questions about this privacy policy or wish to exercise your privacy rights, please contact our DPO:

• Email address: privacy@atlasoperations.co.uk
• Postal address: Atlas Operations Ltd, 244 Edgware Road, London, W2 1DS

11. Complaints

You have the right to make a complaint to the Information Commissioner's Office (ICO), the UK regulator for data protection issues.

ICO website: www.ico.org.uk.

Please raise complaints with us first where possible. Our complaints policy is available here.

12. Changes to the privacy policy and your duty to inform us of changes

This version was last updated in February 2026.

We keep this privacy policy under regular review. It is important that personal data we hold is accurate and current, so please notify us of changes during your relationship with us.

13. Third-party links

This website may include links to third-party websites, plug-ins, and applications. We do not control third-party websites and are not responsible for their privacy statements. Please read the privacy policy of every website you visit.