GDPR Rights & Data Protection - Atlas Founders Advisory Ltd

Your Privacy Matters: Under the General Data Protection Regulation (GDPR) and UK Data Protection Act, you have fundamental rights regarding your personal data. This page explains your rights as our client and how to exercise them effectively.

What is GDPR?

The General Data Protection Regulation (GDPR) is comprehensive data protection legislation that governs how organizations collect, process, and protect personal data. It applies to Atlas Founders Advisory Ltd as we serve clients across the UK and European Union while processing personal data for our US business formation and advisory services.

As your data controller, we are committed to transparency, fairness, and accountability in all our data processing activities. Your rights under GDPR are fundamental and we have implemented robust procedures to ensure you can exercise them effectively.

Your Fundamental GDPR Rights

1Right of Access

What it means: You can request copies of all personal data we hold about you, including how we use it and who we share it with.

How to use it: Submit a Subject Access Request to see exactly what information we have about you and how we process it.

2Right to Rectification

What it means: You can request correction of inaccurate or incomplete personal data we hold about you.

How to use it: Contact us immediately if you notice any errors in your personal information so we can correct them promptly.

3Right to Erasure

What it means: Also known as the "right to be forgotten," you can request deletion of your personal data in certain circumstances.

Limitations: We may need to retain some data for legal compliance (tax records, regulatory requirements).

4Right to Restrict Processing

What it means: You can limit how we use your personal data while we resolve disputes about accuracy or lawful processing.

When to use it: If you contest data accuracy or object to processing while we verify your concerns.

5Right to Data Portability

What it means: You can receive your personal data in a structured, machine-readable format to transfer to another service provider.

Scope: Applies to data you provided to us and data processed by automated means with your consent or for contract performance.

6Right to Object

What it means: You can object to processing based on legitimate interests, including direct marketing.

Marketing: You have an absolute right to opt-out of all marketing communications at any time.

Special Rights for Specific Situations

Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you. While we may use automated systems for initial assessments, all important decisions involving our clients include human oversight and review.

Consent Withdrawal

Where we process your data based on consent, you can withdraw that consent at any time. This won't affect the lawfulness of processing before withdrawal, but we will stop processing for that purpose going forward.

How to Exercise Your Rights

Simple Process: Contact our Privacy Officer using any of the methods below. We aim to respond within 30 days and will verify your identity for security purposes.

What We Need:

Clear identification of which right you want to exercise
Proof of identity (copy of passport or driving license)
Specific information if requesting particular data or corrections
Preferred method for receiving our response

International Data Transfers and Your Rights

Given our US business formation services, we necessarily transfer personal data to the United States. Your GDPR rights remain fully protected through:

Standard Contractual Clauses: Legal safeguards approved by EU authorities
Additional Security Measures: Enhanced encryption and access controls
Regular Reviews: Ongoing assessment of transfer mechanisms and legal developments
Right to Object: You can object to transfers, though this may limit our ability to provide certain services

Limitations on Your Rights

While your rights are fundamental, there are some situations where we may not be able to fully comply:

Legal and Regulatory Obligations

Tax Records: Must be retained for 7 years under US and UK law
Company Formation Documents: Required for regulatory compliance
Anti-Money Laundering: Customer due diligence records legally required
Active Legal Proceedings: Data needed for ongoing disputes or investigations

Data Protection Officer & Privacy Team

Our dedicated privacy team is responsible for ensuring GDPR compliance and handling your data protection requests. We have implemented comprehensive procedures for:

Processing data subject requests within legal timeframes
Conducting privacy impact assessments for new services
Monitoring international data transfer compliance
Training staff on data protection principles
Responding to data protection authority inquiries

Making a Complaint

We hope to resolve any concerns directly, but you have the right to lodge a complaint with supervisory authorities:

UK Information Commissioner's Office (ICO)
Website: ico.org.uk
Phone: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Contact Our Privacy Team

For any questions about your GDPR rights or to make a data protection request:

Compliance Officer
Atlas Founders Advisory Ltd
Email: compliance@atlasfoundersadvisory.co.uk
WhatsApp: +44 7520 603 5342

General Data Protection Inquiries:
Email: compliance@atlasfoundersadvisory.co.uk
Response Time: Within 30 days of verified request

Emergency Data Protection Issues

For urgent data protection concerns, suspected breaches, or immediate assistance with exercising your rights, contact our privacy team directly by phone during business hours or email us at privacy@atlasfoundersadvisory.co.uk for priority response.

Last Updated: May 2026

Version: 1.1.0

Next Review Date: January 2027