Privacy Policy and GDPR

Francesca

Atlas Translations Ltd (“We or Us“) are committed to protecting and respecting your privacy.

We take our duty to process your personal data very seriously. This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

We are registered as Data Controller, Registration Number Z8678346, in accordance with the current Data Protection Legislation.

PEDRO

“Pedro” refers to our Bespoke Project Management Program on which information is stored.

Pedro is written in ASP.net v4.5 and is hosted on a Windows-based VPS (Virtual Private Server) which is controlled by us and situated in the UK. Other uploaded documents are stored by us on another VPS which is also controlled by us but located in the USA. This is done in accordance with guidance issued by the Information Commissioner’s Office (ICO).

Pedro is secured by SSL Encryption on the front and back ends.

User passwords are stored in a hash format such that we have no access to them. No other data encryption is used in the database.

Pedro communicates via web API with a third party application – QuickBooks Online – sending and receiving personal and other financial data. You can find further details about their Terms of Service and their EU Privacy Statement on their website.

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you:

  • Information that you provide to us directly by filling in forms on our site www.atlas-translations.co.uk (“our site”). This includes information provided and entered by prospective suppliers, with an interest in working with us, at the time of registering to use our site (including contact details and addresses). It also includes any information provided at the time of subscribing to our service, posting material, or requesting further services. We may also ask you for information when you report a problem with our site.
  • Supplier Accounts Information so that we are able to process invoices, and also for Tax and Accounting purposes.
  • Basic client (both existing and prospective) information such as names and contact details.
  • Email addresses of those who choose to sign up to our monthly newsletter.
  • If you contact us, we may keep a record of that correspondence.
  • We may also ask you to complete surveys that we use for research and customer feedback purposes, although you do not have to respond to them.
  • Details of transactions you carry out through our site, including invoicing, collecting payment and the fulfilment of your orders.
  • Credit and Debit Card information in order to process payments by telephone.
  • Details of your visits to our site and the resources and pages that you access.
  • From publicly available sources (where possible) to keep your information up to date (e.g. the Post Office’s National Change of Address database).

CHILDREN

We only deal with clients and suppliers over the age of 18.

When we offer placements to school children, this is arranged with the school and a parent or guardian is included in all correspondence.

The Company recognises the special obligation to protect personally identifiable information obtained from children age 13 and under. As such, if you are 13 years old or younger, the company requests that you do not submit any personal information to the site or to the company. If the Company discovers that a child age 13 or younger has signed up on the Site or provided us with personally identifiable information, we will delete that child’s identifiable information from our records.

IP ADDRESSES

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.

COOKIES

We may obtain information about your general internet usage by using cookie files which are stored on the hard drive of your computer. These cookies collect information, and are then sent back to the originating website on each subsequent visit. They help us to improve our site and to deliver a better and more personalised service. They enable us:

  • To estimate our audience size and usage pattern.
  • To store information about your preferences, and so allow us to customise our site according to your individual interests.
  • To speed up your searches.
  • To recognise you when you return to our site.
Cookie Name Expiration Time Purpose/Description
Google Analytics

_utma
_utmb
_utmc
_utmz

These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
wordpress_[hash] End of browser session On login, wordpress uses the wordpress_[hash] cookie to store your authentication details. Its use is limited to the admin console area, /wp-admin/
wordpress_logged_in_[hash] End of browser session After login, wordpress sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use.
wp-settings-{time}-[UID] 1 year WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customise your view of admin interface, and possibly also the main site interface.
wp-settings-[UID] 1 year The number on the end is your individual user ID from the users database table. This is used to customise your view of admin interface, and possibly also the main site interface.
wordpress_test_cookie End of browser session WordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies.
wordpress_logged_in_[hash] End of browser session WordPress uses this cookie to indicate when you’re logged in, and who you are, for most interface use.
_ga 2 years Used to distinguish users
_gid 24 hours Used to distinguish users
_gat 1 minute Used to throttle request rate.
_gac_<property-id> 90 days Contains campaign-related information for the user. If you have linked your Google Analytics and AdWords accounts, AdWords website conversion tags will read this cookie unless you opt-out.

By using our website, you agree we can place these types of cookies on your device.

We have a consent box on our website so you can accept cookies before you proceed through the site.

We also make use of a LiveChat service on our website, which allows us to respond to inquiries in real time. For further information on this service and its Privacy Policy, you can visit their website at https://www.livechatinc.com/privacy-policy/.

In addition to this we use a call back service, which enables clients or prospective customers to request that we phone them to respond to inquiries and provide our services. Further details about their Privacy Policy can be found here https://responseiq.com/privacy-policy/.

WHERE WE STORE YOUR PERSONAL DATA

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Backups of the Pedro Database and File Structure (including documents) are taken daily via an automatic process and are then uploaded to our secure cloud storage facility.

RETAINING YOUR INFORMATION

We retain information securely and as legally required for accounting purposes if we work with you.

Any information we hold on you can be deleted upon request (as per the right to be “forgotten” detailed below).

We hold your information only as long as necessary, according to accounting requirements for instance if we have worked with you.

If you decide not to work with Atlas any more or request that we have no further contact with you, we will keep some basic information in order to avoid sending you unwanted materials in the future and to ensure that we don’t accidentally duplicate information.

USES MADE OF THE INFORMATION

We use information held about you when it is in our legitimate interests (see https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/legitimate-interests/) to do so and when these interests do not override your own interests and rights: namely, in the following ways:

  • To ensure that content from our site is presented in the most effective manner for you and for your computer.
  • To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
  • To carry out our obligations arising from any contracts entered into between you and us.
  • To allow you to participate in interactive features of our service, when you choose to do so.
  • To notify you about changes to our service.

If you are an existing customer, we may contact you by electronic means (e-mail) with information about goods and services similar to those which were the subject of a previous sale to you.

If you are a new customer, we will contact you to provide prices and information.

Credit and Debit card information is used in order to process payment by telephone. We ensure that all our procedures conform to the Payment Card Industry Data Security Standard (PCI DSS). Compliance is designed to protect businesses and their customers against payment card theft and fraud. As we accept, store, and transmit card data, PCI DSS compliance validation is required by card brands such as Visa, MasterCard, and American Express. This is audited by Security Metrics and all our staff are trained accordingly.

DISCLOSURE OF YOUR INFORMATION

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If our business or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions of supply and other agreements; or to protect the rights, property, or safety of our business, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection, criminal investigations, national security, and credit risk reduction.
  • When we use other companies to provide services on our behalf. This applies to mailing or delivering orders via third-party companies such as Royal Mail. It also applies to notarisation and legalisation/apostille services, which are completed through a public notary and the Foreign and Commonwealth Office respectively.
  • We may disclose aggregate statistics about our site visitors, supporters, customers and sales to describe our services and operations to prospective clients, advertisers and other reputable third parties and for other lawful purposes, but these statistics do not include any personally identifying information.

Except under the above circumstances, supplier registration and referee information is not shared with anyone outside the office apart from our accountant and from Glint Media who are responsible for maintaining the platform that Pedro is hosted on and for providing updates and maintenance. In case of VAT inspection, this information may also be shared with HMRC if requested. This information is also viewed by Bureau Veritas during QA annual audits, and our IT support company 5 Rings who log in to access our PCs in order to run maintenance checks and ensure security.

Except under the above circumstances, client information is not shared with anyone outside the office apart from Glint Media who are responsible for maintaining the platform that Pedro is hosted on and for providing updates and maintenance. This information is also viewed by Bureau Veritas during QA annual audits, and our IT support company 5 Rings who log in to access our PCs in order to run maintenance checks and ensure security.

Except under the above circumstances, we do not share our mailing list with anyone except the mailing system we use to prepare and send our monthly newsletter, currently Campaign Monitor. We have checked to ensure that they have effective systems in place to protect this data (this can be viewed here: https://www.campaignmonitor.com/trust/security-privacy-data-matter-us/).

We will never sell or rent your personal information to other organisations. 

YOUR RIGHTS

A new data protection law, introduced in May 2018, grants everybody a number of very important rights. These are:

  • The right to transparency over how and why we process your personal information (the right to be informed), and with whom it is shared.
  • The right to obtain a confirmation that your information is being processed, and the right to request a copy of the information we hold about you, which shall be provided within one month of receipt of request (the right of access).
  • The right to update or amend information we hold about you if it is incorrect (the right to rectification). A response to a rectification request shall be provided within one month of receipt.
  • The right to ask us to stop using your information (the right to restrict processing). A response to such a request shall be provided within one month of receipt.
  • The right to ask us to remove your personal information from our records (the right to be ‘forgotten’). A response to such a request shall be provided within one month of receipt.
  • The right to object to the processing of your information for marketing purposes (the right to object).
  • The right to obtain and reuse your personal data for your own purposes (the right to data portability).
  • The right to not be subject to a decision when it is based on automated processing (rights related to automated decision making including profiling).

We will always inform you (before collecting your data) if we intend to use your data for marketing purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.  You can also exercise the above rights at any time by contacting us in writing at: 8 Spicer Street, St Albans AL3 4PQ, United Kingdom OR at: clare@atlas-translations.co.uk

You can find additional information concerning your rights under the data protection law on the Information Commissioner’s Office Website (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/).

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.  Please check these policies before you submit any personal data to these websites.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

CONTACT

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to: Atlas Translations Ltd, 8 Spicer Street, St Albans AL3 4PQ, United Kingdom or clare@atlas-translations.co.uk

Last updated on: June 2018