Request Assessment

Privacy Policy

Last updated: December 15, 2025

Portico Atlas LLC ("Portico Atlas", "we", "us", "our") is committed to protecting the privacy, confidentiality, and security of personal data processed in the course of our operations. This Privacy Policy explains how we collect, use, disclose, and protect personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other applicable data protection laws.

1. Data Controller

For the purposes of the GDPR, the data controller is:

Portico Atlas LLC
Registered address: [Insert Wyoming registered address]
Email: info@porticoatlas.com

2. Scope of This Policy

This Privacy Policy applies to personal data collected and processed through:

  • Our website
  • Assessment and engagement processes
  • Due diligence, KYC, and AML procedures
  • Communications with clients, prospective clients, and professional counterparties

This policy applies regardless of whether data is provided electronically, in writing, verbally, or through third-party service providers.

3. Categories of Personal Data

Depending on the nature of the engagement, we may process the following categories of personal data:

3.1 Identification and Contact Data

  • Name
  • Contact details
  • Nationality and residency
  • Identification documents
  • Proof of address

3.2 Professional, Business, and Financial Data

  • Company and ownership information
  • Corporate records
  • Jurisdictional and operational details
  • Banking and transactional information

3.3 Due Diligence and Compliance Data

  • KYC and AML documentation
  • Source-of-funds and source-of-wealth information
  • Risk assessments and eligibility determinations

We do not collect personal data indiscriminately or for purposes unrelated to our professional activities.

4. Purposes of Processing

Personal data is processed strictly for purposes that may include:

  • Conducting assessments and determining eligibility
  • Performing due diligence and compliance checks
  • Designing and implementing cross-border structures
  • Coordinating with professional advisers and service providers
  • Complying with legal, regulatory, and risk-management obligations
  • Maintaining internal records, audit trails, and controls

We do not use personal data for advertising or unrelated marketing activities.

5. Lawful Bases for Processing

Personal data is processed on one or more of the following lawful bases under Article 6 GDPR:

  • Performance of a contract or steps taken prior to entering into a contract
  • Compliance with legal obligations, including AML and regulatory requirements
  • Legitimate interests, including risk management, fraud prevention, and professional standards
  • Consent, where required and obtained

Certain personal data is mandatory for assessment and engagement. Failure to provide required information may prevent us from proceeding.

6. Special Category Data

Where required, we may process special category data under Article 9 GDPR solely for purposes permitted by law, including compliance with legal obligations and the establishment, exercise, or defence of legal claims.

7. Disclosure of Personal Data

Personal data may be disclosed, on a need-to-know basis, to:

  • Regulated professional advisers (legal, tax, compliance)
  • Financial institutions and escrow providers
  • Third-party service providers supporting operational or compliance functions
  • Public authorities or regulators where required by law

We do not sell, rent, or trade personal data.

8. International Data Transfers

Due to the cross-border nature of our work, personal data may be transferred outside the European Economic Area.

Where international transfers occur, appropriate safeguards are implemented in accordance with GDPR requirements, including contractual protections or legally recognised transfer mechanisms.

9. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

While no system can guarantee absolute security, we take reasonable and proportionate steps consistent with the sensitivity of the data we process.

10. Data Retention

Personal data is retained only for as long as necessary to:

  • Fulfil the purposes for which it was collected
  • Comply with legal, regulatory, and professional obligations
  • Support audit, compliance, and risk-management requirements

Retention periods vary depending on the nature of the data and applicable obligations.

11. Data Subject Rights

Subject to applicable law, individuals have the right to:

  • Request access to their personal data
  • Request rectification of inaccurate or incomplete data
  • Request erasure of personal data
  • Request restriction of processing
  • Object to processing based on legitimate interests
  • Request data portability where applicable
  • Withdraw consent where processing is based on consent

Requests may be subject to identity verification and legal limitations.

12. Complaints

Individuals have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State of their habitual residence, place of work, or place of alleged infringement.

13. Third-Party Services

Our website and processes may reference or link to third-party services, including escrow or verification providers. We are not responsible for the privacy practices of third parties. Their privacy policies apply independently.

14. Changes to This Policy

This Privacy Policy may be updated periodically to reflect changes in law, regulation, or operational practice. The most current version will be published on our website.

15. Contact

Questions regarding this Privacy Policy or the processing of personal data may be directed to:

Portico Atlas LLC
Email: info@porticoatlas.com