Privacy policy

Privacy Commitment

ATXpert is dedicated to safeguarding the privacy and rights of all individuals whose personal data we manage, in compliance with the General Data Protection Regulation (GDPR). This regulation, effective from May 25, 2018, enhances individuals' control over their personal information, ensuring stronger protections for data privacy.

Data Collection and Processing

In the course of our operations, ATXpert collects and processes personal data from those who interact with us and visit our website. This may include details like IP addresses, geographic location, browser types, referral sources, visit duration, and page views. We are committed to maintaining the privacy of this information and to being transparent about the data we collect and how it is used.

Policy Overview

This policy outlines our approach to managing personal data. We aim to ensure that everyone we engage with understands and trusts our data practices. ATXpert is committed to handling your information in compliance with all relevant data protection laws.

Use of Personal Data

We use the personal data provided to us for legitimate business activities, including:

  • Managing and improving our website's functionality and enhancing the user experience;

  • Issuing statements, invoices, and processing payments;

  • Communicating with you about non-marketing matters;

  • Sending marketing communications related to ATXpert's services, with an opt-out option for future communications;

  • Delivering services requested by or on behalf of the data subject;

  • Investigating potential criminal activity.

Legal Basis for Data Processing

We rely on the following legal grounds for processing personal data:

  • Consent: Article 6(1)(a) GDPR is the basis when we obtain explicit consent for specific data processing purposes.

  • Contractual Necessity: Under Article 6(1)(b) GDPR, we process data as necessary for fulfilling contractual obligations, such as providing consultancy services, or for pre-contractual inquiries.

  • Legal Obligation: Article 6(1)(c) GDPR applies when processing is required to meet legal obligations, like maintaining accounting records or fulfilling tax duties.

  • Public Interest: If the data subject is involved in legal proceedings, we process data based on Article 6(1)(e) GDPR in the public interest.

  • Legitimate Interests: By providing us with case-related information, the data subject consents to processing under Article 6(1)(f) GDPR. We may also use contact details for marketing purposes under this premise.

Data Sharing

We may share personal data with employees, officers, agents, suppliers, or subcontractors when necessary to deliver our services or for purposes outlined in this policy. Additionally, we may disclose information:

  • As required by law;

  • In connection with legal proceedings or potential legal proceedings;

  • To regulatory bodies for quality assurance;

  • To establish, exercise, or defend our legal rights, including fraud prevention and credit risk reduction.

If personal data needs to be transferred to countries outside the European Economic Area (EEA) that do not have equivalent data protection laws, we will notify you in advance, unless the transfer is to the country from which you, your advisors, or our instructing parties are communicating with us.

Data Security

While we strive to protect your personal data, please be aware that data transmission over the internet is inherently insecure, and we cannot guarantee its security. We implement appropriate electronic and physical security measures to safeguard the personal data we receive, including access restrictions, defined retention periods, and secure destruction policies.

Data Retention and Disposal

We retain personal data only as long as necessary to fulfill the purpose for which it was collected. Our retention policy is designed to protect both personal and public interests. In the case of forensic data, we may retain records for up to 30 years, though data not used in any service provided will be destroyed within 18 months. Contact information will be retained for ongoing communication about relevant cases or services unless you request otherwise. When data is no longer needed, we will securely delete or anonymize it according to our policies and legal obligations.

Your Rights

Unless legal obligations override, you have the right to access your personal data and request corrections if inaccuracies are found. To exercise these rights, you must submit a written subject access request to the Data Controller.

ATXpert is a limited company registered at Friary Cottage, Manor Park, Chislehurst, BR7 5QD

Privacy policy
Contact
Newsletter

Registration number 15875812

ICO registered

Hiscox professional indemnity insured

CJSM affiliated