Privacy Policy - Association of Trust and Company Managers (ATCOM)

Effective Date: 21 January 2026

1. Introduction

Association of Trust and Company Managers (ATCOM) ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data.

2. Information We Collect

We collect personal data when you or your organisation engage with us  for example, by making enquiries about our activities, registering as a member, subscribing to our courses, seminars, breakfast events, or requesting other services. This data may include your:

  • Name

  • Title

  • Job role

  • Email address

  • Physical address

  • Telephone and/or mobile number


Where appropriate, we may also request additional non-personal information to support the delivery of our services or improve your experience.

 

3. Legal Basis for Processing

We process your personal data based on:

  • Your consent (e.g., for receiving marketing communications)

  • Our legitimate interests (e.g., improving our services and communications)

  • Legal obligations (e.g., compliance with data protection laws)

4. How We Use Your Information

  • Your personal information will be used solely to:

  • Process your requests

  • Deliver our services

  • Provide you with relevant information about our offering, including courses, seminars, events, and other services we believe may be of interest to you

From time to time, we may also share sector-specific updates that we consider useful. These communications are intended for informational purposes only and do not constitute legal, tax, investment, accounting, or any other form of professional advice.

We will only share your personal information with our training course providers when necessary to facilitate your participation in a seminar, event, or training course, and to ensure its successful delivery.

5. Marketing Communications

If you opt in, we may send you marketing emails, newsletters, or promotional content. You can opt out at any time by contacting us directly.

6. Cookies

We use cookies to gather information about your interactions with our website. Cookies are small data files stored on your device that help us recognise you when you return to the site. Cookies enhance your experience by enabling features such as remembering your settings and delivering relevant content. For more details on the types of cookies we use and how you can manage them, please refer to our [Cookie Policy].

 

7. Data Sharing and Disclosure

We do not sell or rent your personal data. We may share it with:

·       Service Providers: Assisting in website operations and marketing.

·       Legal Authorities: If required by law or to protect our rights.

·       Affiliated Organisations: Within the scope of our association or partnership.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data. However, no method of transmission over the internet is completely secure.

9. Data Breach Notification

In accordance with the GDPR, if a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will:

Notify the Gibraltar Regulatory Authority (GRA) within 72 hours of becoming aware of the breach, where feasible.

Inform affected individuals without undue delay if the breach poses a high risk.

Maintain a record of all personal data breaches, whether or not they are reported to the GRA.

 

10. Your Rights

Under GDPR, you have the right to:

  • Access your personal data

  • Request correction or deletion

  • Object to or restrict processing

  • Withdraw consent for marketing communications

  • To exercise these rights, contact us at charles.bottaro@natco.gi

11. Third-Party Links and Access to Information

  • Our website may contain links to third-party websites. While we strive to link only to reputable sources, we are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal data.

  • We also use third-party services to support various aspects of our operations, including:

  • Analytics tracking

  • User authentication

  • Advertising and promotion

  • Content marketing

  • Email marketing

  • Payment processing

These third-party providers may access certain data solely for the purpose of performing specific tasks on our behalf. We do not share personally identifiable information with them without your explicit consent, and we do not authorise them to use or disclose your data for any other purpose.

Occasionally, we may grant limited access to our data to external consultants or agencies for analysis and service improvement. Such access is strictly time-bound and purpose-specific. We only engage with third parties whose privacy practices align with our own standards and obligations under GDPR.

We will challenge any government or law enforcement requests for data that appear overly broad or unrelated to their stated purpose. However, we may cooperate with such requests if we believe the disclosure is necessary and appropriate to:

  • Comply with legal obligations

  • Protect our rights, property, or safety

  • Safeguard the public or any individual

  • Prevent or respond to criminal, illegal, or unethical activity

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or your data rights, please contact:

Association of Trust and Company Managers (ATCOM)
Charles Bottaro, chair

charles.bottaro@natco.gi

 

You may also contact the Gibraltar Regulatory Authority (GRA), the supervisory authority for data protection in Gibraltar, via their website: www.gra.gi