Privacy Policy

Atlas One Limited (“we,” “us,” “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our payroll services, interact with our website, and engage with us in other ways. Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it.

By using our services or visiting our website, you agree to the terms outlined in this Privacy Policy.

1. Information We Collect

We may collect and process the following types of personal data:

a. Personal Identification Information:

  • Full name
  • National Insurance number
  • Contact details (email address, phone number, postal address)
  • Date of birth
  • Gender

b. Employment Information:

  • Job title
  • Salary or payment rates
  • Employment status (e.g., full-time, part-time, contractor)
  • Bank account details (for payroll purposes)
  • Tax codes
  • Pensions contributions data
  • Benefits and allowances (e.g., healthcare, car allowance)
  • IR35 status and related contractual information

c. Financial and Payroll Information:

  • Pay details (salary, hourly rates, bonuses, etc.)
  • Pay dates
  • Tax deductions
  • National Insurance contributions
  • Pension contributions
  • Holiday, sick leave, and other statutory payments

d. Web and Technical Information:

  • IP addresses
  • Browser type and version
  • Device information
  • Referring website, pages viewed, and the date and time of your visit (through cookies or similar tracking technologies)

2. How We Use Your Information

We collect and process your personal data for the following purposes:

  • Payroll Processing: To calculate, process, and pay wages, tax, National Insurance contributions, pension contributions, and other relevant benefits.
  • Compliance with Legal Obligations: To comply with tax laws, employment laws (including IR35), and other regulatory requirements (e.g., issuing P60s, P11Ds, reporting to HMRC).
  • Communication: To communicate with you regarding payroll, payments, and other employment-related matters.
  • Improvement of Services: To improve the quality of our services, including managing client relationships, resolving queries, and providing personalized support.
  • Security: To protect the security of your personal data and our systems from unauthorized access or misuse.

3. Legal Basis for Processing Personal Data

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases to process your personal data:

  • Contractual Necessity: Processing personal data is necessary to provide payroll services and fulfil our contractual obligations with you.
  • Legal Obligation: We process personal data to comply with our legal obligations, such as submitting RTI reports to HMRC and administering pension schemes.
  • Legitimate Interests: We may process personal data for our legitimate interests in improving our services, communicating with clients, and ensuring secure processing of payroll.
  • Consent: In some cases, we may seek your explicit consent to process your data, for example, for marketing or other specific purposes.

4. Sharing of Personal Data

We may share your personal data with third parties in the following circumstances:

  • HMRC: To comply with tax and payroll reporting requirements (e.g., RTI submissions, tax filings).
  • Pension Providers: To manage pension contributions and administer auto-enrolment pension schemes.
  • Payment Providers: To process salary payments, manage banking details, and other financial transactions.
  • Third-Party Service Providers: We may use third-party providers (e.g., IT service providers, payroll software companies) to assist with payroll processing and data management. These third parties are required to maintain confidentiality and comply with data protection laws.
  • Legal and Regulatory Authorities: If required by law, we may disclose your personal data to regulatory bodies, government agencies, or law enforcement authorities.

We ensure that any third parties with whom we share personal data provide adequate protection for your information in compliance with GDPR.

5. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. This includes retaining data to meet legal, accounting, or reporting requirements.

After the data is no longer required, we will securely delete or anonymize the information in accordance with our data retention policies.

6. Your Rights Under GDPR

You have the following rights in relation to your personal data:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You can request corrections to any inaccurate or incomplete personal data we hold about you.
  • Right to Erasure: In certain circumstances, you can request the deletion of your personal data. This may not apply if we are required to retain the data for legal or contractual reasons.
  • Right to Restrict Processing: You can request that we restrict the processing of your personal data in certain circumstances, for example, if you believe the data is inaccurate or processed unlawfully.
  • Right to Data Portability: You can request a copy of your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to the processing of your personal data in certain circumstances, particularly when we process data based on legitimate interests.
  • Right to Withdraw Consent: If we process your data based on consent, you have the right to withdraw that consent at any time.

If you wish to exercise any of these rights, please contact us using the contact details provided below.

7. Data Security

We take the security of your personal data seriously and use appropriate technical and organizational measures to protect it against unauthorized access, loss, or destruction. This includes using encryption, firewalls, secure servers, and access control mechanisms.

However, please note that no method of data transmission over the internet or electronic storage is entirely secure. While we strive to protect your personal data, we cannot guarantee absolute security.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website, analyze how our website is used, and improve our services. Cookies are small text files that are stored on your device.

You can control and manage cookies through your browser settings. However, please note that blocking certain cookies may affect the functionality of the website.

For more details on how we use cookies, please refer to our Cookie Policy.

9. International Transfers of Data

As a UK-based company, we process personal data primarily within the UK. However, some of our third-party service providers may be based outside the UK or European Economic Area (EEA). If your data is transferred outside the UK or EEA, we ensure that the recipient has adequate safeguards in place, such as Standard Contractual Clauses, to protect your data.

10. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last Updated” date. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data.