Privacy Notice

In this Privacy Notice, Atrato Partners Limited and Atrato Capital Limited are referred to as “Atrato”. Atrato will be the controller of your personal data (“Personal Data”).

Atrato is strongly committed to protecting the confidentiality and security of your Personal Data.


This document is referred to as our “Privacy Notice” and describes how we use the Personal Data that we collect and receive about you.



If you require any assistance in connection with our Privacy Notice or have questions about it, please contact our Data Champion, whose contact details are set out below:

Data Champion

Atrato Partners Limited

36 Queen Street

London EC4R 1BN


Telephone: +44 20 3790 8087



If you have any concerns in relation to the way in which we collect, share or use your Personal Data, we would like you to let us know. You can contact us using the details above.


If you are not happy with our response, you have a right to complain to the Information Commissioner on its website at or at:


Wycliffe House

Water Lane


Cheshire SK9 5AF


Tel: 0303 123 1113

Individual Rights

We have set out a summary of your rights regarding your Personal Data below. 

The right to be informed

  • You have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Data and your rights. This is why we are providing you with the information in this Privacy Notice.

The right of access

  • You have the right to obtain access to your Personal Data (if we’re processing it), and other supplementary information that we may hold, to give you an understanding as to how and why we are using your data, and to enable you to check we are doing it lawfully.

The right to rectification

  • You are entitled to have your Personal Data corrected if it’s inaccurate or incomplete.

The right to be forgotten

  • You are entitled to request the deletion or removal of your Personal Data where there’s no compelling reason for us to keep using it. This is not an absolute right to be forgotten. We may have a right to retain the information where we are under a legal obligation to do so or have another valid legal reason to retain it.

The right to restrict processing

  • In certain situations you have the right to “block” or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We retain a record of those individuals who have asked for further use of their Personal Data to be ‘blocked’ in order to ensure that this restriction is respected in the future.

The right to data portability

  • You have the right to obtain a copy of some of the Personal Data that we hold on you and you are entitled to reuse or share it for your own purposes.

The right to object

  • You have the right to object to certain types of processing, including processing for direct marketing (which we will not do without first having obtained your consent).



We may contact you through one or more of the following communications channels: by telephone, mail, email, text (SMS) message, instant messaging or other electronic means.

We may record some telephone calls and other electronic communications for regulatory purposes.


We store all communication recordings securely in accordance with our retention policies and applicable laws. Access to those recordings is restricted to only those individuals who have a need to access them for the purposes set out in this Privacy Notice.


Personal Data


The types of Personal Data we hold may include your:

  • name;

  • contact details including email details and phone numbers;

  • age or date of birth;

  • passport number and passport photo page;

  • photocard driving licence;

  • national identity card and numbers;

  • specialised license such as shotgun or firearms certificate;

  • pension or tax document;

  • utility bill;

  • bank or credit card statement;

  • gender; and/or

  • occupation;

Note: We do not hold any special categories of Personal Data about you.


​What we know about you is mostly provided by you or your company or agent on your behalf in connection with a transaction or other business relationship. You or someone acting on your behalf may provide us with Personal Data at various times and via various communication channels including phone, email and text, for example when you:

  • hold a role within a company that we are providing services, product information or financing to and we require your personal information in order to conduct “know your customer” and related due diligence checks in relation to that company;

  • ask to have an Atrato representative contact you;

  • do business with us as a representative of a company and we need a person to contact for purposes of administering the relationship and/or financing contract with the company you represent.

We may from time to time need to check the Personal Data that we hold about you with other third parties (such as anti-fraud agencies) in order to ensure that it is correct and complete.


We may use the Personal Data we have about you to:

  • check your identity and to comply with our legal, compliance, audit and regulatory requirements;

  • provide you with the information, products and services that you request from us;

  • administer our relationship with you whilst you represent a client, counterparty or other entity doing business with us and to communicate with you relating to such relationships;

  • investigate any complaint that you may make;

  • provide evidence in any dispute or anticipated dispute between you and us;

  • train our staff; and

  • monitor the quality of our products and services.


The Legal Basis

The legal basis for our processing of Personal Data will depend on why we are processing such information.

Where a company you are employed by or otherwise represent is involved in a financing transaction with us, we may process your Personal Data in order to enter into, perform, and administer such transaction.

We may also need to process your Personal Data to comply with our legal obligations including in relation to performing anti-money laundering, terrorism prevention and sanctions screening checks, complaints and investigations or litigation and disputes.

Where you use our website, we will process your Personal Data collected by using cookies in accordance with our Cookie Policy.

We also have a legitimate interest to process your Personal Data for:

  • communications purposes;

  • ongoing management of our relationship and contracts with a company with which you are associated or which you represent or work for (e.g. providing client reports);

  • our internal business purposes (which may include business and disaster recovery, document retention/storage, IT service continuity (e.g. back-ups and helpdesk assistance)), in order to enhance the quality of the products and services we provide to you;

  • Where you have given us your permission to do so, we will use relevant Personal Data to enable us to provide you with information about products and services that may be of interest to the company you are employed by or represent.


We will always seek your consent to process Personal Data where we are legally required to do so.


Disclosure and Sharing

We may use and share your Personal Data with other companies in the Atrato group to:

  • help us provide products or services to the company you represent or are employed by;

  • administer the financing transactions that we enter into with third parties, such as the company you represent or are employed by;

  • confirm or correct what we know about you;

  • help us prevent fraud, money laundering, terrorism and other crimes;

  • comply with the law, for example, to enable sharing your Personal Data with the police or fraud agencies where necessary to prevent fraud;

  • audit our business;

  • provide you with information about the Atrato group and the products and services that may be of interest to you;

  • fulfil other business purposes such as product development and website administration;

  • help us provide products or services to the company you represent or are employed by; and


We may share your Personal Data with our professional advisers who help us enter into and administer transactions and provide services to our clients. For example we may share your Personal Data:

  • to comply with the law or rules of any regulatory body whose rules apply to Atrato;

with credit reference agencies, the police, consumer reporting businesses, fraud prevention agencies, and sanctions databases and authorities (such as databases we use in the due diligence process and certain government websites) to check your identity and conduct “know your customer” and other due diligence checks we consider necessary in conducting our business. Whenever we share your Personal Data with third parties who perform business services for us, we ensure that they take appropriate steps to protect your Personal Data and only use the Personal Data for the purpose of performing those services.


Other reasons we may share your Personal Data with third parties  include but are not limited to:

  • enforcing our agreement with the company you represent or are employed by;

  • protecting the rights, property, or safety of Atrato, our customers, or others; and

  • doing what a court, regulator or government agency requires us to do, for example, complying with a search warrant or court order or acting as required or permitted by applicable law or regulation.



The security and confidentiality of your Personal Data is extremely important to us.

We have technical, administrative, and physical security measures in place to:

  • protect your Personal Data from unauthorised access and improper use;

  • secure our IT systems and safeguard the information; and

  • ensure we can restore your Personal Data in situations where the data is corrupted or lost in a disaster recovery situation.

 Where appropriate, we use encryption or other security measures which we deem appropriate to protect your Personal Data. We also review our security procedures periodically to consider appropriate new technology and updated methods. You should be aware however that, despite our reasonable efforts, no security measure is ever perfect or impenetrable.

Data Transfer

We may transfer your Personal Data to other countries. The countries in the European Economic Area are considered to provide the same level of protection to Personal Data as the UK does. Where we transfer Personal Data or share it with others outside the European Economic Area, we will ensure that we and those persons or companies who we transfer it to agree to protect it from improper use or disclosure, in accordance with data protection law by appropriate mechanisms.

From time to time, we may sell or transfer one or more of our businesses to another company or affiliate, and your Personal Data may be transferred as a part of that sale or transfer. Any new provider will continue to use your Personal Data for the same purposes unless you are notified otherwise. We may also share your Personal Data with prospective purchasers of our business and their professional advisers but will ensure that appropriate safeguards are in place to protect your information in such circumstances.


Our data retention policies comply with applicable laws and privacy legislation to which we are subject. We safely and securely destroy all data which we are no longer required to keep in accordance with time limits set out in our policies and/or all applicable legislation.


Amendments to this Privacy Notice

​We may amend this Privacy Notice at any time. If we make any material change in how we collect your Personal Data, or how we use or share it, we will prominently post notice of the changes on our website.

Governing law

This Privacy Notice shall be governed by and construed in accordance with English law and you agree to submit to the non-exclusive jurisdiction of the English Courts.