Atoll DS Ltd – Privacy Policy

Who are Atoll DS Ltd?

Atoll DS Ltd is a limited company registered in the United Kingdom. Atoll DS Ltd is the data controller for all personal data collected during the use of our services, websites, or communication channels. You can contact us at info@atollds.com

What personal data do we collect?

Visitors

We may collect the following personal data when you visit our website, meet us at exhibitions, or communicate with us:

  • Usage Data: Information about website activity (e.g., pages visited, time spent, referral sources) via cookies and tracking technologies.
  • Communication Records: Information shared during email, phone, or webform interactions, including your name, contact details, and query details.
  • Marketing Preferences: Data about your consent or opt-out status for receiving marketing communications.
  • Publicly Available Data: Information from sources like LinkedIn or Twitter.

Clients of Atoll DS Ltd

When you purchase our software, we collect:

  • Contact Details: Name, email address, and phone number.
  • Flight Operations Data: Risk assessments, site surveys, flight records and logs and drone maintenance records along with data connected to these things such as weather reports and flight risk mitigations.

Cookies

Our website uses cookies for:

  • Performance and Analytics: To analyse website usage and campaign performance.
  • Third-Party Services: Tools like Google Analytics to track visitor demographics and behaviour.

Opting Out: You can manage cookie preferences via your browser settings.

How do we use personal data?

We process personal data for the following purposes:

Service Provision

  • To deliver training services and certifications.
  • To communicate about bookings, quotes, or invoicing.

Legitimate Interests

  • To inform you about related services or updates.
  • To enhance website functionality and user experience.

Legal Obligations

  • To comply with financial or legal record-keeping requirements.
  • To cooperate with law enforcement when required.

Where do we store Personal Data?

Atoll DS Ltd uses secure systems in the cloud to store data which are subject to our data security checks and audits, below.

Data Security: We conduct regular audits and ensure that all systems comply with UK GDPR and Data Protection Act 2018 requirements.

International Transfers: Personal data may occasionally be transferred outside the UK, but only to countries with adequate data protection standards or under legally approved safeguards (e.g., Standard Contractual Clauses).

How long do we keep Personal Data?

We retain personal data for seven years from the date of last contact, unless a longer retention period is required by law or necessary for resolving disputes. Retention periods are reviewed annually to ensure compliance with the principles of data minimisation and storage limitation.

How is Personal Data shared?

We only share personal data:

  • When required by law (e.g., with law enforcement).
  • To protect safety or prevent fraud.

We do not sell personal data. Where international sharing is required, we ensure data security and transparency.

Your rights and choices

Under the UK GDPR, you have the following rights:

  • Right to Be Informed: Know how we use your data.
  • Right of Access: Request a copy of your personal data.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data when it’s no longer necessary.
  • Right to Restrict Processing: Limit how your data is used in certain circumstances.
  • Right to Data Portability: Transfer your data to another service provider.
  • Right to Object: Stop data processing for marketing or other legitimate interests.

To exercise your rights, contact us at info@atollds.com

If you are dissatisfied with our response, you can lodge a complaint with the Information Commissioner’s Office (ICO) Website: https://ico.org.uk | Phone: 0303 123 1113

Data Breaches

In the event of a data breach we will implement our Data Breach policy which will means we will notify affected individuals and the ICO as soon as possible and within 72 hours if required and measures will be taken to prevent future breaches and minimise risks.

Updates to this policy

This policy will be reviewed annually or as required by changes in legislation. Updates will be communicated via email or our website.

The person responsible for this policy is David Fryer, Director.

 

This policy was last reviewed on 17 November 2024. Version 1.0.