Privacy & Cookie Policy


Atrato is strongly committed to in protecting the confidentiality and security of your personal data. This document is referred to as our “Privacy Notice” and describes how we use the personal data that we collect and receive about you.

In this Privacy Notice, Atrato Partners Limited and Atrato Capital Limited are referred to as "Atrato". Atrato will be the controller of your personal data.



If you want help with our Privacy Notice or have questions about it, please contact our Data Privacy Correspondent whose contact details are below:

Data Compliance Champion:

Atrato Partners Limited,

123 Victoria Street,



Telephone: +44 20 3790 8087



If you are unhappy about any aspect of the way we collect, share or use your personal data, we would like you to tell us. You can contact us using the details above.


If you are not happy with our response, you have a right to complain to the Information Commissioner at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Tel: 0303 123 1113 or on its website at


We have set out a summary of your rights regarding your personal data below. 

Individual Rights

What does this mean?

The right to be informed

  • You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. This is why we're providing you with the information in this Privacy Notice.

The right of access

  • You have the right to obtain access to your personal data (if we're processing it), and other supplementary information we may hold, to give you an understand how and why we are using your data, and check we are doing it lawfully.

The right to rectification

  • You're entitled to have your personal data corrected if it's inaccurate or incomplete.

The right to erasure

  • This is also known as ‘the right to be forgotten’ and enables you to request the deletion or removal of your personal data where there’s no compelling reason for us to keep using it. This is not an absolute right to erasure. We may have a right to retain the information where we are under a legal obligation to do so or have another valid legal reason to retain it.

The right to restrict processing

  • In certain situations you have the right to "block" or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their personal data to be 'blocked' to make sure the restriction is respected in the future.

The right to data portability

  • You have rights to obtain a copy of some of the personal data that we hold on you and reuse or share it for your own purposes.

The right to object

  • You have the right to object to certain types of processing, including processing for direct marketing (which we do only with your consent).



We may contact you through one or more of the following communications channels: by telephone, mail, email, text (SMS) message, instant messaging or other electronic means.

We record some telephone calls and other electronic communications for regulatory purposes. We store call and other communication recordings securely in accordance with our retention policies and applicable laws. Access to those recordings is restricted to those individuals who have a need to access them for the purposes set out in this notice.


Personal Data

The types of personal data we hold may include your:

  • name;

  • contact details including email details and phone numbers;

  • age or date of birth;

  • passport number and passport photo page;

  • photocard driving licence;

  • national identity card and numbers;

  • specialised license such as shotgun or firearms certificate;

  • pension or tax document;

  • utility bill;

  • bank or credit card statement;

  • gender, occupation;

  • hobbies, recreational activities or sports;

Note: We do not hold special categories of personal data about you.

What we know about you is mostly provided by you or your company or agent on your behalf in connection with an investment transaction or other business relationship. You or someone acting on your behalf may provide us with personal data at various times and via various communication channels including phone, email and text, for example when you:

  • hold a role within a company that we are providing services, product information or financing to and we require your personal information in order to conduct "know your customer" and related due diligence checks in relation to that company;

  • ask to have an Atrato representative contact you;

  • do business with us as a representative of a company and we need a person to contact for purposes of administering the relationship and/or financing contract with the company you represent.

We may need to check the personal data we have about you to make sure it is correct and complete with other sources such as anti-fraud agencies.


We use the personal data we have about you to:

  • check your identity and to comply with our legal, compliance, audit and regulatory requirements;

  • provide you with the information, products and services that you request from us;

  • administer our relationship with you whilst you represent a client, counterparty or other entity doing business with us and to communicate with you relating to such relationships;

  • investigate any complaint you may make;

  • provide evidence in any dispute or anticipated dispute between you and us;

  • train our staff; and

  • monitor the quality of our products and services.


The Legal Basis

The legal basis for our processing of personal data will depend on why we process your information.

Where a company you work for or otherwise represent is involved in a financing transaction with us, we may process your personal data in order to enter into, perform, and administer such transaction.

We may also need to process your personal data to comply with our legal obligations including in relation to performing anti-money laundering, terrorism prevention and sanctions screening checks, complaints and investigations or litigation.

Where you use our website, we will process your personal data collected by using cookies in accordance with our cookie policy.

We also have a legitimate interest to process your personal data for:

  • communications purposes;

  • ongoing management of our relationship and contracts with a company with which you are associated or which you represent or work for (e.g. providing client reports);

  • our internal business purposes which may include business and disaster recovery, document retention/storage, IT service continuity (e.g. back-ups and helpdesk assistance) to ensure the quality of the products and services we provide to you;

  • Where you have given us your permission to do so, we will use relevant personal data to enable us to provide you with information about products and services that may be of interest to the company you work for, represent, or similar.


We will always seek your consent to process personal data where we are legally required to do so.


Disclosure and Sharing

We may use and share your personal data with other companies in the Atrato group to:

  • help us provide products or services to the company you represent or are employed by;

  • administer the financing transactions that we enter into companies, such as the one you represent or are employed by;

  • confirm or correct what we know about you;

  • help us prevent fraud, money laundering, terrorism and other crimes;

  • comply with the law by, for example, to enable sharing your personal data with the police or fraud agencies where necessary to prevent fraud;

  • audit our business;

  • provide you with information about Atrato and the products and services that may be of interest;

  • fulfil other business purposes such as product development and website administration.

  • help us provide products or services to the company you represent or are employed by;

  • administer the financing transactions that we enter into companies, such as the one you represent or are employed by;

  • confirm or correct what we know about you;


We may share your personal data with our professional advisers who help us enter into and administer financing transactions and provide services to our investment management clients. For example we may share your personal data:

  • to comply with the law or rules of any regulatory body whose rules apply to Atrato;

  • with credit reference agencies, police, consumer reporting, fraud prevention agencies, and sanctions databases and authorities (such as [databases we use in DD process, government websites etc…]) to check your identity and conduct "know your customer" and other due diligence checks we consider necessary in conducting our investments business.

  • When we share your personal data with third parties who perform business services for us, we require them to take appropriate steps to protect your personal data and only use the personal data for the purpose of performing those services.


Other reasons we may share what we know about you include:

  • enforcing our agreement with the company you represent or are employed by;

  • protecting the rights, property, or safety of Atrato, our customers, or others; and

  • doing what a court, regulator or government agency requires us to do, for example, complying with a search warrant or court order or acting as required or permitted by applicable law or regulation.



The security and confidentiality of your personal data is extremely important to us. We have technical, administrative, and physical security measures in place to:

  • protect your personal data from unauthorised access and improper use;

  • secure our IT systems and safeguard the information; and

  • ensure we can restore your data in situations where the data is corrupted or lost in a disaster recovery situation.


Where appropriate, we use encryption or other security measures which we deem appropriate to protect your personal data. We also review our security procedures periodically to consider appropriate new technology and updated methods. But, despite our reasonable efforts, no security measure is ever perfect or impenetrable.

Data Transfer

We may transfer your personal data to other countries. The countries in the European Economic Area are considered to provide the same level of protection to personal data as the UK does. Where we transfer personal data or share it with others outside the European Economic Area, we will ensure that we and those persons or companies who we transfer it to agree to protect it from improper use or disclosure, in accordance with data protection law by appropriate mechanisms.

From time to time, we may sell or transfer one or more of our businesses to another company or affiliate, and your personal data may be transferred as a part of that sale or transfer. Any new provider will continue to use your personal data for the same purposes unless you are notified otherwise. We may also share your personal data with prospective purchasers of our business and their professional advisers, but will ensure that appropriate safeguards are in place to protect your information in such circumstances.


Our data retention policies comply with applicable laws and privacy legislation to which we are subject. We safely and securely destroy data which we no longer need to keep in accordance with time limits set out in our policies.

Amendments to this Privacy Notice

We may amend this Privacy Notice at any time. If we make any material change in how we collect your personal data, or how we use or share it, we will prominently post notice of the changes on the websites covered by this Privacy Notice.

Governing law

This Privacy Notice is governed by English law.