top of page

Introduction

Atache UK may need to collect and use certain personal information about individuals, including but not limited to:

  • Customers

  • Suppliers

  • Business partners

  • Employees

  • Other individuals the organisation has a relationship with or may need to contact

This Privacy Policy outlines how Atache UK collects, uses, handles, and stores personal data to ensure we meet our data protection responsibilities and comply with relevant UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

User Information & Data Protection Commitment

At Atache UK, we are fully committed to safeguarding the privacy and protection of the personal data we collect and process. We ensure that:

  • User Rights: You can exercise your rights related to your personal data at any time in accordance with applicable data protection laws.

  • Confidentiality: We strictly maintain the confidentiality of your personal data and will never share it with third parties without your explicit consent.

  • Security Measures: We have implemented appropriate technical and organisational measures to protect your personal data from unauthorised access, misuse, or disclosure.

Data protection law

The Data Protection Act 2018 (GDPR) describes how organisations — including Platinum Skin and Lasers Limited— must collect, handle, and store personal information.

These rules apply regardless of whether data is stored electronically, on paper or on other materials.

To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.

The Data Protection Act is underpinned by eight important principles. These say that personal data must:

1.     Be processed fairly and lawfully

2.     Be obtained only for specific, lawful purposes

3.     Be adequate, relevant and not excessive

4.     Be accurate and kept up to date

5.     Not be held for any longer than necessary

6.     Processed in accordance with the rights of data subjects

7.     Be protected in appropriate ways

8.     Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection

How do we handle your personal data?


We are committed to the correct treatment of your personal data, so we will always treat them:

– In a lawful, fair and transparent manner.
– For specified, explicit and legitimate purposes.
– Adequate, relevant and limited to what is necessary in relation to the purpose.
– Accurate and up to date.
– For the time necessary for the fulfilment of the purpose for which they were collected.
– Confidentially.

What is the origin of the data?

You have provided us with your personal data directly through any of the forms or communication channels provided for this purpose. In each form, or in the corresponding channel, the personal data requested are those necessary and essential to carry out the purpose for which they were collected, which you will find indicated in the first informative layer.

It is very important that all the data you provide us with is correct, complete, accurate and up to date, so that we can carry out, manage or process your request correctly.

Why may we process your personal data?

Any processing of personal data will be legitimised by Article 6 of the GDPR as follows:

  • With your CONSENT, as existing in the different forms on the Website.

  • In some cases, for the legitimate interest of the RESPONSIBLE, such as commercial communications or trend studies.

  • For the execution of a contract or pre-contractual relationship between the User and the RESPONSIBLE.

  • In compliance with our legal obligations.

How long will we keep your personal data?

By virtue of the principle of limitation of the storage period, your personal data will be kept for no longer than is necessary to maintain the purpose of the processing, or as long as you do not request their deletion or revoke, where appropriate, your consent given. Personal data may also be kept for the time necessary to comply with the legal obligations and possible liabilities that may arise and that, in each case, correspond according to each category of data.

What are your rights?

You may exercise, free of charge and insofar as the legal requirements are met, the following rights:

  • Right of access: You have the right to obtain information about, and access to, the personal data concerning you that we are or are not processing. Upon request, we will provide you with a copy of the personal data we are processing.

  • Right to rectification: You have the right to rectify personal data that is inaccurate or incomplete, or to have incomplete data completed.

  • Right to erasure: You have the right to request the erasure of your data when, among other circumstances, they are no longer necessary for the purposes for which they were collected or otherwise processed.

  • Right to restriction of processing: You have the right to have the processing of your data restricted in certain circumstances provided for by data protection regulations.

  • Right to data portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another entity.

  • Right to object: In certain situations, you may object to certain processing on grounds relating to your particular situation, including profiling. You may object at any time to the processing of your personal data for direct marketing purposes.

  • Right to withdraw your consent: You may withdraw your consent to any processing at any time, but such withdrawal will not affect the lawfulness of the processing based on the consent previously given.

  • The right to lodge a complaint with the supervisory authority (www.aepd.es) if you consider that the processing does not comply with the regulations in force.

SECURITY MEASURES

That in accordance with the provisions of the current regulations on personal data protection, the RESPONSIBLE is complying with all the provisions of the RGPD and LOPDGDD regulations for the processing of personal data under its responsibility, and manifestly with the principles described in Article 5 of the RGPD, whereby they are processed lawfully, fairly and transparently in relation to the data subject and are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

The RESPONSIBLE guarantees that it has implemented appropriate technical and organisational policies to apply the security measures established by the RGPD and the LOPDGDD in order to protect the rights and freedoms of the Users and has communicated the appropriate information to them so that they can exercise them.

The RESPONSIBLE may change this Policy at any time, informing the date on which it was last updated. If there have been significant changes it will try to alert the User when possible.

bottom of page