1. Who we are
When we refer to “TheAtriam” or “we” or “us” in this privacy policy we mean TheAtriam (Pty) Ltd.
and/or any of its subsidiaries and/or any other legal entity, joint venture
and/or partnership, wherever situated or operating (and irrespective of structure and/or legal
nature/regime) that is associated with TheAtriam and which renders services or otherwise conducts
business under a name which includes TheAtriam or any variation thereof (including
their subsidiaries, parties that are related or inter-related to them and/or their affiliated companies, to the
extent applicable) and/or any trust founded by any member of TheAtriam for its own operations
and/or any entities that are related and/or inter-related to those trusts, as the case may be, and all such
entities’ successors-in-title and/or consultancy, (wherever any such members may be located, including in
countries which may not have data-protection laws similar to those of the country in which your personal
information was collected) for as long as they remain associated with TheAtriam.
2. Application of this privacy policy
2.1. This privacy policy applies to the personal information TheAtriam collects in connection
with:
2.1.1. our website, https://www.TheAtriam.com/;
2.1.2. our social media properties;
2.1.3. our events, marketing and business development activities;
2.1.4. our business communications and other online and offline business interactions;
2.1.5. our AI technologies and professional services;
2.1.6. our CCTV cameras at our offices;
2.1.7. our subscription to any member of TheAtriam’s services, publications or
marketing database;
2.1.8. third party service providers, including analytics, advertising networks; search
information, technical, payment and delivery services providers; Unlabeled graphicUnlabeled graphic2
Version | ExternalPrivacyPolicy-202106-007
2.1.9. publicly available sources;
2.1.10. request/s for tenders, quotations, proposals and the like made by or to us;
2.1.11. the supply of products and services to us.
2.2. This privacy policy does not apply to the personal information that we collect about employees
and other personnel, contractors, or applicants and candidates.
3. Purpose of this policy
3.1. TheAtriam respects your privacy and is committed to protecting your personal
information (as defined in applicable data protection legislation).
3.2. This is our main general privacy policy which applies across our business, although we may
publish additional privacy policies or country-specific schedules that apply to our operations in
specific countries in order to help ensure our compliance with local data protection requirements.
3.3. You warrant that you are lawfully entitled to provide personal information of any third party
whose personal information you provide to any member of TheAtriam.
3.4. You indemnify TheAtriam against any loss, liability, damage or expense
(including interest and penalties) suffered or incurred by any member of TheAtriam
due to your provision of personal information of third parties to us in an unlawful
manner.
3.5. We take reasonable steps to protect personal information using appropriate technical and organisational measures.
However, no system is completely secure, and we cannot guarantee absolute security.
4. Privacy and security
4.1. The relevant members of TheAtriam have implemented reasonable technical and
organisational measures to keep personal information secure and in compliance with applicable
data protection laws.
4.2. You indemnify and hold TheAtriam harmless from any loss, damages or injury
that you may incur as a result of:
4.2.1. any security compromise of personal information to unauthorised persons; or
4.2.2. your acts or omissions during the provision of personal information to any
member of TheAtriam.
5. Personal information which TheAtriam may collect
5.1. TheAtriam may collect the following personal information:
5.1.1. name, address (including proof of address), other contact details (e.g. email and
telephone numbers), gender, marital status, date and place of birth, nationality,
employer, job title, financial records and employment history, and family details,
including their relationship to you;
5.1.2. identification numbers issued by government bodies or agencies, such as your
identity number, passport number, tax identification number and driving licence
number and company registration number;
5.1.3. demographic information such as your address, preferences and interests;
5.1.4. information relevant to the provision of our products and services;
5.1.5. information relevant to the procurement of products and services from suppliers;
5.1.6. bank account or payment card details, income or other financial information;
5.1.7. information that you provide to us as part of us providing products and services to
you, which depends on the nature of your instructions to any employee or member
of TheAtriam;
5.1.8. special or sensitive personal information as defined in applicable data protection
legislation, including information about your health, racial or ethnic origin, political
opinions, religious or philosophical beliefs and trade union membership; your genetic
and biometric information;; 4
Version | ExternalPrivacyPolicy-202106-007
5.1.9. relevant information as required by applicable laws, including anti-money laundering
legislation and as part of our client onboarding procedures, including evidence of
source of funds;
5.1.10. information you provide to us for the purposes of attending meetings and events,
including dietary requirements which may reveal information about your health or
religious beliefs;
5.1.11. still and video images captured by CCTV at our offices. We use CCTV to help provide
a safe and secure environment and you may be recorded when you visit our offices.
5.1.12. identity data, contact data and special personal information from publicly available
sources or third parties, service providers and the like who conduct screening on any
member of TheAtriam’s clients or vendors for anti-money laundering
purposes, or third parties with whom any member of TheAtriam hosts
events.
6. Quality of information
In certain jurisdictions, TheAtriam is obliged to keep personal information accurate and up to
date. Please help us to do this by advising us of any changes to your personal information.
7. Purpose of processing of personal information
7.1. TheAtriam may process the personal information it collects for a number of lawful
purposes including:
7.1.1. to register you as a client of TheAtriam;
7.1.2. to conduct sanctions screening against any list that TheAtriam may elect in its
sole discretion;
7.1.3. to comply with requirements under applicable laws;
7.1.4. to carry out AI, IT, consulting and technologies solutions or other services;
7.1.5. to carry out requests and instructions provided to any employee or member of TheAtriam
Group for AI technologies or other services;
7.1.6. to provide you with any other services, products or offerings that you may have
requested or otherwise consented to, or which may be ancillary thereto, or
associated therewith, and to notify you about changes to such services, products or
offerings;
7.1.7. to manage marketing preferences;
7.1.8. to manage TheAtriam’s relationship with you which may include :
7.1.8.1. notifying you about changes to any member of TheAtriam’s
terms and conditions (including to this policy);
7.1.8.2. asking you to leave a review or take a survey;
7.1.8.3. assessing and dealing with complaints and requests;
7.1.8.4. managing payments, fees, charges and accounts (including collecting
and recovering money owed to TheAtriam);
7.1.9. to keep any work product or other documentation (including but not limited to
Advices, technologies, services, solutions, agreements and other documents drafted, prepared or designed by TheAtriam (or any of its services providers, sub-contractors, agents etc.
Group and/or other professional firm/s and/or other documents received and/or
prepared in connection with any particular matter/s) as part of TheAtriam’s
internal know-how;
7.1.10. to verify your identity or the identity of your beneficial owners;
7.1.11. to comply with lawful requests for information received from local or foreign law
enforcement, government and tax collection agencies;
7.1.12. to comply with measures designed to protect or advance persons, or categories of
persons, disadvantaged by unfair discrimination;
7.1.13. to monitor, keep record of and have access to all forms of correspondence or
communications received by or sent from any member of TheAtriam or
any of its employees, agents or contractors, including monitoring, recording and
using as evidence, where applicable, all telephone and online communication
software communications between us and you;
7.1.14. to detect and prevent fraud and money laundering and/or in the interest of security
and crime prevention;
and protect TheAtriam’s business and website (including
troubleshooting, data analysis, testing, system maintenance, support, reporting and
hosting of data);
7.1.16. for operational, marketing, auditing, legal and record keeping requirements;
7.1.17. to conduct market research and provide you with information about TheAtriam’s products or services from time to time via email, telephone or other means;
7.1.18. to deliver relevant website content and newsletters and other information to you
(which may include direct marketing material);
7.1.19. to use data analytics to improve TheAtriam’s website, products/services,
newsletters, customer relationships and experiences;
7.1.20. to make suggestions and recommendations to you about goods or services that may
be of interest to you;
7.1.21. to disclose personal information to third parties for reasons set out in this policy or
where it is not unlawful to do so;
7.1.22. to improve or evaluate the effectiveness of any member of TheAtriam’s
business or products, services or offerings;
7.1.23. for submissions to awards and rankings agencies;
7.1.24. for purposes of material aimed to promote TheAtriam
7.1.25. to prevent and control any disease;
7.1.26. where you have unsubscribed from certain direct marketing communications, to take
steps to implement your instruction;
7.1.27. to procure goods and services;
7.1.28. to respond to requests for quotations and tenders.
TheAtriam processes personal information on one or more of the following lawful bases:
7.2.1. Performance of a contract
7.2.2. Compliance with legal obligations
7.2.3. Legitimate interests, including:
business development
marketing of relevant services
improving services and systems
7.2.4. Consent, where required
7.3. Where we rely on legitimate interests, we ensure that:
7.3.1. Tsuch interests are balanced against your rights
7.3.2. the processing is reasonable and expected
8. Direct Marketing and Communications
8.1. TheAtriam may contact you via:
email
telephone
SMS
WhatsApp or other messaging platforms
automated or AI-assisted communication systems
for purposes including:
responding to enquiries
providing requested services
business development and marketing
follow-up communications
service updates and recommendations
8.2 Lawful Basis (GDPR / UK GDPR)
Where applicable, we process personal information for direct marketing based on:
Legitimate interest (primarily for B2B communications), or
Consent, where required by law
We ensure that such communications:
are relevant to your business or role
are not excessive or intrusive
include a clear opt-out mechanism
8.3 PECR (UK Electronic Communications Compliance)
Where UK regulations apply:
We will only send marketing communications where permitted under the Privacy and Electronic Communications Regulations (PECR)
We will always provide:
clear identification of the sender
a valid contact address
a simple and effective opt-out mechanism
8.4 Opt-Out Rights
You have the right to object to direct marketing at any time.
You can opt out by:
clicking the unsubscribe link in emails
replying “STOP” to SMS or messaging communications
contacting us at: info@theatriam.com
We will process opt-out requests promptly.
8.5 Messaging and Platform Compliance
Messages will only be sent where:
there is a lawful basis to do so
or you have provided consent where required
All messaging communications will include:
identification of TheAtriam
purpose of the communication
clear opt-out instructions
We do not sell or share personal data for third-party marketing purposes.
9. Disclosure of Personal Information
TheAtriam may share personal information with the parties set out below for the purposes set
out in this policy:
9.1. Internal third parties
9.1.1. The members of TheAtriam share personal information with other
members within TheAtriam. This may involve transferring personal
information outside the country where TheAtriam has collected that
personal information, to entities in countries which may not have data protection laws
which are similar to those of the country where the personal information was
collected.
9.2. External Third Parties
9.2.1. TheAtriam may, as we may deem necessary for any one or more of the
purposes set out in this policy or other lawful purposes, transfer personal information
to third parties or service providers, including to service providers in countries which
may not have data protection laws which are similar to those of the country where
the personal information was collected, including to:
9.2.1.1. service providers acting as operators or processors or responsible
parties or controllers who provide information technology and system
administration services;
9.2.1.2. professional advisors acting as operators or processors or responsible
parties or controllers, including lawyers, bankers, auditors and insurers
who provide IT, consultancy, AI, banking, legal, insurance, accounting and
other services;
9.2.1.3. service providers and the like who conduct screening on any member of
TheAtriam’s clients (or their beneficial owners) or suppliers for
anti-money laundering purposes;
9.2.1.4. regulators and other authorities if any member of TheAtriam
is legally obliged to do so, or if instructed by you to do so, for purposes
of preventing, detecting and reporting fraud and criminal activities, the
identifying of the proceeds of unlawful activities and the combatting of
crime;
9.2.1.5. any person if any member of TheAtriam is under a duty to
disclose or share personal information in order to comply with any
applicable laws, or to protect the rights, property or safety of any member
of TheAtriam, other clients or other third parties, or the
reputation of TheAtriam;
9.2.1.6. your agent or any other person acting on your behalf, or an introducer;
9.2.1.7. tracing agents, sheriffs and the like;
9.2.1.8. various awards and rankings agencies;
9.2.1.9. clients and prospective clients for purposes of rendering IT, AI cnosultnig and technologies services,
proposals, quotations, tenders and the like; and
9.2.1.10. a third party/parties whom TheAtriam may choose to sell,
transfer or merge parts of TheAtriam’s business or assets.
Alternatively, TheAtriam may seek to acquire other
businesses or merge with them. If a change happens to TheAtriam
Group’s business, then the new owners may use personal information in
the same way as set out in this policy.
10. Transborder transfers
10.1. TheAtriam operates globally and we provide crossjurisdictional AI, IT, consulting, technologies solutions and related services to our clients.
10.2. The multi-national nature of our business means that your personal information may be
transferred across national boundaries, including, potentially, to countries that do not have similar
data protection laws to those where the personal information was collected.
10.3. If we transfer your personal information across national boundaries, we will make those transfers
in compliance with applicable data protection laws.
11. Access to, correction and deletion of personal information
Under certain circumstances, you may have some or all of the rights set out below under the data
protection laws that may be applicable in relation to your personal information which
TheAtriam holds.
11.1. Request access to personal information (commonly known as a “Data Subject
access request”), including the right to receive a copy of the personal information.
11.2. Request correction of any incomplete or inaccurate personal information.
11.3. Request erasure of personal information if TheAtriam is not authorised to process
the personal information.
11.4. Object to processing of personal information, if TheAtriam is relying on its
legitimate interest (or those of a third party) to process the personal information, but
as a result of your particular situation such processing impacts on your fundamental
rights and freedoms.
11.5. Request restriction of processing of personal information whilst a complaint is
being investigated.
11.6. Withdraw consent at any time if TheAtriam is relying on consent to process
personal information. If you withdraw your consent, TheAtriam may not be able to
provide certain products or services to you. This will be considered on a case-bycase basis.
We retain personal information only for as long as necessary to:
fulfil the purposes for which it was collected
comply with legal, regulatory, or reporting obligations
12.3 resolve disputes and enforce agreements
Where personal information is no longer required, it will be securely deleted or anonymised.
Our website may use cookies and similar technologies to:
analyse website usage
improve performance and user experience
13.3 support marketing and analytics
13.4 aYou may control cookie preferences via your browser settings.
14. Electronic and website links
14.1. TheAtriam’s website, newsletters and/or events marketing pages may include links to
third party websites, plug-ins and applications. Clicking on those links or enabling those
connections may allow third parties to collect or share your personal information.
14.2. TheAtriam does not control these third party websites and is not responsible for their
privacy policies. When you leave TheAtriam’s website, we encourage you to read all
applicable privacy policies.
15. Complaints
15.1. If you are not satisfied with TheAtriam’s use of your personal information or our
response to any request by you to exercise your rights, or if you think that we have breached any
relevant data protection laws, you are encouraged to send an email to info@TheAtriam.com.
16. Latest Version
16.1. TheAtriam keeps this policy under regular review, and may amend this policy from
time to time.
16.2. Any such amendment will come into effect when published on the TheAtriam’s website and become
part of any agreement that you have with any member of TheAtriam.
16.3. You must ensure that you obtain the latest version of this policy before any action is taken based
hereon. It is your responsibility to check the TheAtriam website often.
17. COUNTRY-SPECIFIC SCHEDULES: South Africa
Responsible party
17.1. If the South African Protection of Personal Information Act, 2013 (“POPIA”) applies to the
processing of your personal information, then this privacy policy schedule applies in addition to
TheAtriam Privacy Policy available above.
17.2. (“TheAtriam” or “we” or “us”) is an AI Technologies services and solutions firm based in the
Republic of South Africa
and is the responsible party in respect of personal information that we
process in terms of POPIA.
17.3. Personal information
17.3.1. Any reference to personal information in our Policy and this South African specific schedule
shall include personal information relating to identifiable, living natural persons and identifiable,
existing, juristic persons.
18. Complaints and data rights requests
18.1. If you wish to:
18.1.1. access your personal data
18.1.2. acorrect or update information
18.1.3. request deletion
18.1.4. object to processing
18.1.5. withdraw consent
You may contact us at:
📧 info@theatriam.com
18.2. We will respond in accordance with applicable data protection laws.
18.3. The Information Regulator is the competent authority to deal with complaints and claims in
relation to non-compliance with the personal information protection requirements under POPIA.
The Information Regulator’s contact details are available at
https://www.justice.gov.za/inforeg/contact.html
19. Contact us
If you have any questions, please send an email to info@TheAtriam.com.