Privacy Policy - Atlas Founders Advisory LTD

🌍 Introduction & Our Services

Atlas Founders Advisory Ltd. ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, visit our website, or interact with us.

This policy complies with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (GDPR), and the Data Protection Act 2018.

Our International Business Services Include:

🏢 US Company Formation (LLC and Corporation formation)
🏦 Banking Setup Guidance
📊 Bookkeeping Services
📋 US Tax Preparation
🔢 Employer Identification Number (EIN) Services
⚖️ IRS Representation
📄 W-8BEN Data Controller Services
🔒 International Data Transfer Consulting

📊 Personal Data We Collect

Information You Provide Directly:

Contact Information: Name, email address, phone number, mailing address
Business Information: Company name, business address, industry, business structure preferences
Financial Information: Bank account details, payment information, tax identification numbers
Identity Verification: Government-issued ID, passport information, utility bills
Professional Information: Occupation, job title, professional background
Legal Documentation: Articles of incorporation, operating agreements, tax forms

Information We Collect Automatically:

Website Usage: IP address, browser type, operating system, referring URLs
Device Information: Device type, unique device identifiers
Location Data: General geographic location based on IP address
Communication Records: Email correspondence, chat logs, phone call records

Information from Third Parties:

Information from payment processors and financial institutions
Data from government agencies and regulatory bodies
Business verification information from third-party services

⚖️ Legal Basis for Processing

Processing Purpose	Legal Basis Under GDPR	Examples
Service delivery and contract performance	Contract Performance (Article 6(1)(b))	Company formation, tax preparation, EIN services
Legal and regulatory compliance	Legal Obligation (Article 6(1)(c))	AML/KYC checks, tax reporting, regulatory filings
Marketing communications	Consent (Article 6(1)(a))	Newsletters, service updates, promotional materials
Business development and improvement	Legitimate Interest (Article 6(1)(f))	Service enhancement, client relationship management
Fraud prevention and security	Legitimate Interest (Article 6(1)(f))	Identity verification, transaction monitoring

🔄 How We Use Your Personal Data

🏢 Service Provision:

Process company formation applications in Delaware, New Mexico, Texas, and Wyoming
Prepare and file US federal and state tax returns
Provide bookkeeping and accounting services for international businesses
Obtain EINs and other business identifiers from US authorities
Communicate with government agencies on your behalf
Provide ongoing compliance support and advisory services

📋 Legal and Regulatory Compliance:

Comply with anti-money laundering (AML) requirements
Perform know-your-customer (KYC) verification
Meet US and UK tax reporting obligations
Respond to regulatory inquiries from IRS, Companies House, or other authorities
Maintain records as required by law

💼 Business Operations:

Process payments and manage billing for our services
Provide customer support via email, WhatsApp, and other channels
Improve our services and website functionality
Conduct business analysis and strategic planning

🤝 Data Sharing and Disclosure

🔧 Service Providers:

We share personal data with trusted third-party service providers who assist us in delivering our services:

Payment Processors: For processing transactions and managing billing
Government Agencies: US state agencies, IRS, Companies House for filing documents and regulatory compliance
Professional Service Providers: Attorneys, accountants, and other professionals as needed
Technology Providers: Cloud hosting, email services, and software platforms
Banking Partners: For facilitating business banking setup guidance

⚠️ Legal Requirements

We may disclose your information when required by law, including:

Court orders and legal proceedings
US and UK regulatory investigations
IRS, HMRC, or other tax authority requests
Law enforcement inquiries in both jurisdictions

🔄 Business Transfers:

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy protections.

🌐 International Data Transfers

Given our focus on helping international founders establish US businesses, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States.

🛡️

Adequacy Decisions

We rely on European Commission adequacy decisions where available

📋

Standard Contractual Clauses

EU-approved SCCs with our service providers

🏢

Business Necessity

Essential for US business formation and tax services

🇺🇸 US Data Processing Necessity:

Processing your data in the United States is essential for:

Filing documents with US state and federal agencies
Communication with US banks and financial institutions
Compliance with US tax and regulatory requirements
Coordination with US-based professional service providers
IRS representation and tax resolution services

🗂️ Data Retention

Data Category	Retention Period	Legal/Business Reason
Client contract and service data	7 years after relationship ends	UK and US legal and tax compliance requirements
Financial and payment records	7 years after transaction	Accounting standards and tax requirements
US tax preparation documents	7 years after filing	IRS requirements and audit protection
Company formation documents	Indefinite (while company exists)	Ongoing compliance and corporate record keeping
Marketing consent and communications	Until consent withdrawn or 3 years of inactivity	Consent management and communication preferences
Website analytics and usage data	26 months maximum	Google Analytics compliance settings
Identity verification documents	5 years after verification	AML/KYC compliance requirements

👤 Your Rights Under GDPR

You have comprehensive rights regarding your personal data:

🔍 Right of Access

Request a copy of the personal data we hold about you, including information about processing activities and third-party sharing.

✏️ Right to Rectification

Request correction of inaccurate or incomplete personal data to ensure our records are up to date.

🗑️ Right to Erasure

Request deletion of your personal data, subject to legal retention requirements for tax and compliance purposes.

⏸️ Right to Restrict Processing

Request limitation on how we use your personal data in certain circumstances while maintaining essential records.

📤 Right to Data Portability

Receive your personal data in a structured, commonly used, machine-readable format for transfer to another provider.

🚫 Right to Object

Object to processing based on legitimate interests or for direct marketing purposes at any time.

↩️ Right to Withdraw Consent

Withdraw consent for consent-based processing at any time without affecting lawfulness of prior processing.

📢 Right to Lodge a Complaint

File a complaint with the Information Commissioner's Office (ICO) or your local data protection authority.

📧 Exercising Your Rights

To exercise any of these rights, contact us at:

Email: compliance@atlasfoundersadvisory.co.uk
Subject Line: "Data Subject Request - [Your Name]"
WhatsApp: +44 7520 603 5342
Post: Compliance Officer,
Atlas Founders Advisory Ltd.
Level One, Basecamp Liverpool, 49 Jamaica Street
Liverpool, L1 0AH
United Kingdom

Response Time: We will respond to your request within one month of receipt, with possible extension to three months for complex requests.

🔐 Data Security

We implement comprehensive technical and organizational measures to protect your personal data:

🔒

Encryption

Data encrypted in transit and at rest using industry-standard protocols

🔑

Access Control

Multi-factor authentication and role-based access controls

🛡️

Security Monitoring

24/7 monitoring, intrusion detection, and incident response

🛠️ Technical Measures:

End-to-end encryption of data in transit and at rest
Secure, password-protected systems with multi-factor authentication
Regular software updates and security patches
Firewall protection and intrusion detection systems
Regular security assessments and penetration testing
Secure backup and disaster recovery procedures

👥 Organizational Measures:

Comprehensive staff training on data protection and security
Strict access controls and authorization procedures
Confidentiality agreements with all personnel and contractors
Clear incident response and breach notification procedures
Regular review and update of security policies and procedures
Data protection by design and by default principles

🚨 Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we have established comprehensive procedures:

                Our 72-Hour Response Protocol:
                Immediate Assessment: Risk evaluation and containment within hours of discovery
Authority Notification: Report to ICO within 72 hours as required by GDPR
Individual Notification: Direct contact with affected individuals without undue delay if high risk
Remediation: Immediate steps to prevent further unauthorized access
Documentation: Comprehensive incident documentation and lessons learned

            

What We'll Tell You:

Nature of the personal data breach and categories of data affected
Likely consequences of the breach and our assessment of risk
Measures taken or proposed to address the breach
Recommendations for protecting yourself from potential consequences
Contact details for our data protection officer and further information

🍪 Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your website experience and improve our services. For detailed information, please see our Cookie Policy.

Types of Cookies We Use:

🔧 Essential Cookies: Required for website functionality and security
📊 Analytics Cookies: Help us understand website usage (with your consent)
🎯 Marketing Cookies: Support our marketing efforts (with your consent)
⚙️ Functional Cookies: Remember your preferences and settings

You can manage your cookie preferences through our consent banner or your browser settings at any time.

🔄 Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, services, legal requirements, or technology. Our commitment to transparency means:

How We Handle Updates:

📝 Clear Documentation: All changes clearly marked and dated
📧 Proactive Notification: Email alerts for material changes
🌐 Website Notice: Prominent announcements on our website
✅ Fresh Consent: New consent requests where required by law
📋 Version Control: Previous versions available upon request

Material changes will be communicated at least 30 days before they take effect, giving you time to review and make informed decisions about your data.

📋 Data Controller Information

📋 Contact Information