Contact Us Login

Privacy Policy

ATLASINVEST OÜ is committed to protecting your privacy and managing your personal data in accordance with the highest standards, including the ISO/IEC 27701:2019 Privacy Information Management System (PIMS). This privacy policy explains how we collect, use, disclose, and protect your personal data and your rights concerning that data. 

1. Scope 

This policy applies to all personal data processed by ATLASINVEST OÜ in connection with our business activities, including data collected through our website, services, and other interactions. 

2. Personal Data We Collect 

We may collect the following categories of personal data: 

Identification data (e.g., name, date of birth) 

Contact details (e.g., email address, phone number, mailing address) 

Account information (e.g., username, password) 

Usage data (e.g., IP address, browser type, service usage) 

Payment and billing information 

Any other data voluntarily provided to us 

3. Purpose and Legal Basis for Processing 

We process personal data for the following purposes and under lawful bases: 

To provide and manage our services (contractual necessity) 

To comply with legal obligations (legal compliance) 

To improve and personalize your experience (legitimate interests) 

To communicate important information and updates (consent or contractual necessity) 

To protect our rights and prevent fraud (legitimate interests) 

4. Data Subject Rights 

You have the following rights regarding your personal data: 

Right to be informed about the processing of your personal data 

Right to access your personal data 

Right to rectify inaccurate or incomplete data 

Right to erase your personal data (“right to be forgotten”) 

Right to restrict processing in certain circumstances 

Right to data portability 

Right to object to processing based on legitimate interests 

Right to withdraw consent at any time (where processing is based on consent) 

Right to lodge a complaint with a supervisory authority 

To exercise these rights, please contact us at info@atlascommunications.co. 

 5. Data Sharing and Disclosure 

We do not sell your personal data. We may share your data with: 

  • Service providers and partners who process data on our behalf under confidentiality agreements 
  • Legal and regulatory authorities when required by law or to protect our rights 
  • Other third parties with your explicit consent 
  • All third parties are required to maintain appropriate data protection safeguards. 

ATLASINVEST OÜ does not disclose personal data to any third party unless: 

  • The request is legally binding (e.g., a court order or statutory obligation), or 
  • The disclosure is explicitly authorized by the corresponding customer through a contractual agreement. 

Any non-legally binding or informal requests (e.g., voluntary cooperation requests) for access to personal data will be rejected. 

If a legally binding request is received, ATLASINVEST OÜ will: 

  • Notify and consult the affected customer in advance, unless prohibited by law; 
  • Only disclose the minimum required information; 
  • Document the request and the data provided. 

6. Conditions for Third-Party Access to Personal Data 

7. Data Retention 

We retain personal data only as long as necessary for the purposes outlined in this policy, or as required by law. When no longer needed, data is securely deleted or anonymized. 

8. Data Return, Transfer & Secure Disposal 

At the termination of our services, or upon written request from a customer, ATLASINVEST OÜ will: 

– Return or transfer all personal data that we Process on the customer’s behalf in a commonly-used, machine-readable format; 

  • Delete or irreversibly anonymize any remaining copies on our systems, unless retention is required by law; 
  • Perform all return and transfer activities using encrypted channels; 
  • Provide written confirmation of completion to the customer upon request. 

9. Use of Sub-processors 

ATLASINVEST OÜ may engage trusted third-party service providers (“Sub-processors”) to process personal data on our behalf in connection with the provision of our services. These Sub-processors are contractually bound to maintain confidentiality, implement appropriate security measures, and comply with applicable data protection laws, including the requirements of ISO/IEC 27701. 

We ensure that: 

  • All Sub-processors process personal data only as necessary to support our services; 
  • Sub-processors are disclosed to customers before engagement where required; and 
  • Customers may request an up-to-date list of active Sub-processors at any time. 
  • A current list of Sub-processors is maintained in Annex A to this Privacy Policy. 

If we make material changes to our Sub-processor list, we will notify customers as required by contract or regulation. 

10. Data Security 

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, or disclosure. Our security controls align with the ISO/IEC 27001 and ISO/IEC 27701 standard requirements. 

11. International Transfers 

ATLASINVEST OÜ may transfer and process your personal data outside your country of residence. 

We ensure all such transfers are performed in accordance with applicable data protection laws and subject to appropriate safeguards (such as Standard Contractual Clauses or adequacy decisions). 

Personal data may be transferred to or accessed from the following countries or regions: 

  • European Union (EU) 

12. Privacy by Design and Risk Management 

We integrate privacy considerations into our processes and systems from the outset and continually assess risks related to personal data processing in line with ISO 27701 principles. 

13. Updates to This Policy 

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes and post the updated policy on our website. 

14. Government Requests and Customer Notification 

In the event that ATLASINVEST OÜ receives a legally binding request from a government authority, court, or law enforcement agency to disclose personal data, we will: 

  • Promptly notify the affected customer before making such disclosure, unless legally prohibited; 
  • Provide a summary of the request and the data disclosed (if allowed); 
  • Challenge the request if, in our reasonable judgment, it is unlawful or excessive. 

If we are legally prohibited from notifying the customer, we will document that restriction and disclose the data only to the extent required. 

15. Contact Us 

If you have any questions or concerns about this privacy policy or our data practices, please contact: 

Data Protection Officer 

ATLASINVEST OÜ 

Harju maakond, Kuusalu vald, Pudisoo küla, Männimäe,

74626, Estonia

Email: legal@atlascommunications.co

Phone: +33 7 44 09 20 78

Information Security PolicyDownload