Atticus Partners operates with transparency in protecting your data and your privacy. You have legal rights in relation to your personal information that we are strongly committed to upholding. We support and observe the requirements of General Data Protection Regulation (GDPR) and the UK Information Commissioner, with whom we are registered.
This notice sets out what information and data we collect, how we process it, and options to speak to us about how we use your data.
Our Data Protection Officer and Director with responsibility for GDPR is Charles Napier.
Please get in touch via the above contact details to discuss our use of your data in more detail.
INFORMATION WE COLLECT
On our website we collect and processes two basic types of information:
- Personally identifiable information: This is information that personally identifies one individual from another or enables you to be individually contacted (for example, names, e-mail addresses and other contact information entered in the fields provided). This information is voluntarily provided to us by site visitors and is used by us for the purpose of responding to user submissions and fulfilling requests for further information about our services.
- Aggregate user and tracking information: This information gives us insights on how site visitors use our site. This data is anonymous and does not contain any personally identifiable information. We use this information to ensure that our website, e-mails and marketing efforts continue to appeal to our website visitors and our clients.
You can view our website without giving us any personal data, but if you are interested in hearing more from us about our services, we may ask for your email address. We will not collect or share your data with others without your consent, apart from joint processors and third parties who may help us follow up on a request you have made, all of which is set out in more detail below.
We understand that the safety of your personal information is extremely important to you. As a “data controller”, Atticus Partners has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this website. However, internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. As such, please feel free to transfer personal data to us via alternative means, e.g. by telephone.
Information you voluntarily provide to Atticus Partners
Atticus Partners only collects personally identifiable information that you voluntarily provide, for example, when you sign up for our newsletter or to an event. Examples of such personally identifiable information that you provide to us may include, among other information, your name, physical address, and email address. Under such circumstances you consent to our use/processing of the information you provide consistent with this policy.
Our newsletter contains a so-called ‘tracking pixel’ or miniature graphic embedded in HTML to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, Atticus Partners can see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by data subjects.
We analyse data collected by those tracking pixels to optimise the shipping of the newsletter, as well as to better adapt the content of future newsletters to our readers’ interests. This information is stored via Mailchimp, our newsletter service provider. At any time, you can ask us directly to amend or delete this data, or unsubscribe via the Mailchimp links in each email.
Other information we collect/process
Our website uses technologies such as “cookies” to provide visitors with tailored information upon each visit. Cookies are a common part of many commercial websites that allow small text files to be sent by a website, accepted by a web browser, and then placed on your hard drive as recognition for repeat visits to our site. Every time you visit our website, our server, through cookies, pixels and/or GIF files, collects basic technical information such as your domain name, the address of the last URL visited prior to clicking through to the Site, and your browser and operating system. We may also use third party analytical tools (e.g. Google Analytics) to analyse activities on our website. You do not need to enable cookies to visit our website; however, some parts of the Site and some services may be more difficult or impossible to use if cookies are disabled. Some cookie files remain on your computer’s hard drive unless and until you manually delete the file. Atticus Partners cookie files do not contain personally identifiable information.
Surveys or Voting
We may occasionally request personally identifiable information from you via surveys or voting polls. Participation is voluntary and you will have the opportunity to decide whether to disclose personal information. At times, you may have to register to vote or to take part in a survey.
Our blog provides the opportunity to like and comment on recent articles. You are not required to provide any personal information when using this functionality, but you may choose to do so. We strongly recommend that you DO NOT use your personal information as your username and DO NOT post any personally identifiable information online, since such information will be publicly available. We cannot ensure the security of any information you choose to make public via blog comments and we cannot ensure that parties who have access to such publicly available information will respect your privacy. Please exercise caution when deciding to disclose personal information in these areas.
Links to Other Websites
Our website contains links to other websites. Atticus Partners is not responsible for any websites that it does not own or operate. You should carefully review the privacy policies and practices of other websites that you link to from the Site, as we cannot control or be responsible for their privacy practices.
Members of the Media, Parliament, Social Media Influencers, Subject Matter Experts, Stakeholders
Atticus Partners maintains lists of publicly available information regarding media contacts, journalists, MPs, social media influencers, subject matter experts and other stakeholders and individuals who make their personal and/or professional information and/or opinions publicly available. These lists are accessed and/or used by Atticus Partners for specific purposes in conducting its own business and in conducting business on behalf of potential and existing clients. Atticus Partners takes reasonable measures to limit the information processed to be relevant to legitimate business purposes and to minimise any risks to individuals associated with the use of such information. If you are a journalist, MP, expert or influencer, please feel free to contact us to access, update and/or restrict use of such information consistent with EU and UK law by email firstname.lastname@example.org.
Jobs and Internships
We have a separate Employee Privacy Notice, which governs information collected by Atticus Partners related to employees and potential employment. Current and former applicants for roles are encouraged to ask about privacy in interviews and can request information held on them from our Data Protection Officer, Charles Napier via email@example.com.
In summary, where applicants become employees, their data will be stored to process pay, pension, benefits, and other employment purposes. For unsuccessful applicants, we may retain data and documents to offer future employment opportunities with Atticus Partners. Unless otherwise requested, we will delete their information five years after notification of the refusal decision, provided that no other legitimate interests of the controller are opposed to the erasure.
PROCESSING AND STORING YOUR INFORMATION
This section sets out what we do with the information we hold.
The Way We Use Information
We store the personal information you provide via our website in a secure database to provide you with the information, products, and/or services you request and may be used to provide you with additional information about our services we believe may be of interest to you. The information is stored in a manner relevant to responding to your request and will be shared with Atticus Partners employees and service providers to the extent necessary to administrate our systems and/or accommodate your request. Your information will never be shared with non-affiliated third parties without your consent. Should you wish Atticus Partners to delete stored data, please contact our Data Protection Officer, Charles Napier, via firstname.lastname@example.org.
We use non-identifying and aggregate information about the use of our website to improve the navigation, content, and design of our website. This information may include, for example, the most and least requested pages, analysing traffic regarding specific features, and the number of users from particular countries, among other things.
We made reference to the following provisions of the GDPR rules, when considering this policy;
- Consent; Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent.
- Contract: If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services.
- Legal Obligation: If Atticus Partners is subject to a legal obligation by which processing of personal data is required, such as for the fulfilment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR.
- Vital interests: In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1) lit. d GDPR.
- Legitimate interests: Finally, processing operations could be based on Article 6(1) lit. f GDPR, for those operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Where the processing of personal data is based on Article 6(1) lit. f GDPR our legitimate interest is to carry out our business in favour of the well-being of all our employees and the shareholders. European legislation also considers that a legitimate interest could be assumed if the data subject is an Atticus Partners client (Recital 47 Sentence 2 GDPR).
Atticus Partners uses reasonable technological, physical, and other measures to keep your information protected from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the personal information. Due to the nature of the Internet and related technology, we cannot guarantee the security of your personal information and Atticus Partners expressly disclaims any such obligation.
YOUR DATA: YOUR RIGHTS
At any time, you are able to request that Atticus Partners confirm what data we hold on you, how long we will store it for, what we are using it for and who we are sharing it with. You can also ask us to amend, update or delete that data. Where technically possible we will also ask any joint processors and third parties that we share data with to amend, update or delete your information accordingly. Please contact our Data Protection Officer, Charles Napier, via email@example.com, to facilitate any of these requests.
Accessing and correcting your information; Limiting or Opting out
- You can prevent the setting of cookies through our website by means of a corresponding setting of your Internet browser, permanently denying the setting of cookies. Cookies already set can be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
- Visitors who would like to access, correct, update, or delete any personally identifiable information may contact us with a request to do so at firstname.lastname@example.org.
- Similarly, Site users who wish to subscribe or unsubscribe to our marketing communications or limit our use of any personally identifiable information in any way can do so by using the subscribe/unsubscribe options contained in our emails or by sending an email to email@example.com.
If you request the deletion, modification, or limitation of use of your personal information maintained by us we will promptly review your request and respond. If we grant your request, such information may be retained for a period in our backup systems as a precaution against system failures. We may also ask for additional information to authenticate the request.
Some information may be retained for longer periods as required by law, contract, or auditing requirements. In some circumstances we will not be able to limit use of your personal information without unsubscribing you from communications or deleting your information.
If you have any questions about this policy, please get in touch via firstname.lastname@example.org.
Our policy is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR).
Personal data: Any information relating to an identified or identifiable natural person (aka “data subject”). This means data that could identify you, directly or indirectly, in particular by reference to your name, an identification number, location information, an online identifier or to one or more factors specific to the physical, physiological, economic, cultural or social identity of that natural person. For example, your email, phone number or IP address.
Data subject: Any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing. For example, you!
Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, e.g. collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing: Marking stored personal data with the aim of limiting its processing (any of the above) in the future.
Controller or controller responsible for the processing: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. For example, us!
Processor: A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. In our case, processors we work with include, Andrew Cross & Co (our accountants), Facebook, LinkedIN, Twitter, Instagram and Mailchimp (for marketing purposes) and Roxhill, Gorkana, Meltwater and DeHavilland (who provide media and political monitoring and database services).
Recipient: Someone we may share personal data with, whether a third party or not. Public authorities which may receive personal data in the framework of a particular inquiry in accordance with EU and UK law are not to be regarded as recipients. We do share information about our clients with the Official Register of Consultant Lobbyists, but they are not considered a recipient for this reason. Occasionally, Atticus Partners will share information about journalists and MPs with our clients (recipients) where those data subjects have demonstrated legitimate interest or given explicit consent.
Third party: A natural or legal person, public authority, agency, or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent: Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.