Privacy Policy
Last updated:August 19, 2025
This Policy explains how AtlasSwift (Terxel Neo Vision Ltd) collects, uses, retains, and shares personal data as part of its Services. It complements the Terms of Service and, for end-customer data processed for Merchants, the Data Processing Agreement (DPA).
1) Who is the controller?
AtlasSwift is operated by Terxel Neo Vision Ltd, a company under UK law (No. 13441558), registered office: 483 Green Lanes, London, N13 4BS, United Kingdom. For most data relating to Merchants (accounts, billing, support), AtlasSwift acts as the controller. For end-customer data processed on behalf of a Merchant (logistics execution), AtlasSwift acts as a processor under the DPA.
2) Scope & data subjects
This Policy applies to website visitors, Platform users (Merchants and their teams), and to Merchants’ end-customers when their data is processed via our Services.
3) Data we process
3.1 Account & business relationship data (Merchants)
- Identity & contact: first/last name, email, phone, company, role.
- Credentials & security: login, hashed passwords, roles, access logs.
- Billing & B2B payments: addresses, VAT, bank details, invoice history.
- KYC/Compliance (if required): identity documents, AML/Sanctions information.
3.2 Execution data (Merchants’ end-customers)
- Contact & delivery: name, phone, address, delivery instructions.
- Order & proof: products, amounts, statuses, photos/OTP/signatures, timestamped logs.
- Cash on delivery / mobile money: amounts collected, transaction references/IDs. We do not collect full payment card numbers.
3.3 Technical & usage data
- Logs, IP address, device/browser type, pages viewed, cookies/online identifiers.
- Diagnostics, performance metrics, error messages, support tickets.
3.4 Sensitive data
We do not intend to process special categories of data (health, biometrics, etc.). If a Merchant sends such data, the Merchant must have a lawful basis and notify us in advance (see DPA).
4) Purposes & legal bases
| Purpose | Examples | Legal basis |
|---|---|---|
| Provision of Services | Account creation, order execution, delivery, collection, payouts | Contract performance |
| Support & security | Assistance, incident detection, fraud prevention | Legitimate interests / legal obligations |
| Billing & compliance | Invoices, accounting, KYC/AML, authority requests | Legal obligation |
| Improvement & analytics | Usage analytics, performance, usability | Legitimate interests (with minimisation) |
| B2B marketing | Product communications, newsletters | Consent or legitimate interests (opt-out) |
Where required by law, we obtain your consent (e.g., non-essential cookies, electronic marketing).
5) Cookies & trackers
We use cookies/trackers that are (i) strictly necessary for operation, (ii) for audience measurement, (iii) for functionality and, where applicable, (iv) for advertising. You can manage your preferences via the cookie banner or at any time: Cookie settings.
Refusing certain cookies may degrade your experience.
6) Sources of data
- You (forms, account, support).
- The Merchant (for its end-customers).
- Service providers (payments, logistics, KYC verification).
- Automatically via the Platform (technical logs, cookies).
7) Sharing with third parties
We share data only with service providers necessary to deliver the Services (hosting, payments, messaging/SMS, telephony, analytics, support, carriers), bound by contractual confidentiality and security obligations.
We may also share data with authorities where required by law, or to enforce our rights, prevent fraud, or protect individuals.
8) International transfers
Data may be transferred outside your country (e.g., EU/EEA ↔ United Kingdom, or other countries where our providers/carriers operate). We apply appropriate safeguards (adequacy decisions, Standard Contractual Clauses / UK IDTA, technical and organisational measures) in accordance with GDPR/UK GDPR.
9) Retention periods
- Merchant account & contractual documents: for the duration of the relationship, then up to 6 years (UK tax/accounting obligations).
- KYC/Compliance: generally 5 years after the end of the relationship, unless local law differs.
- Technical logs: 12 months (security/diagnostics), unless an incident requires longer retention.
- Support tickets: 24 months.
- Execution data (end-customers): for the service duration, then according to applicable evidentiary and limitation periods.
- Analytics cookies: according to the lifetime set in the consent manager.
After these periods, data is deleted or anonymised unless the law requires otherwise.
10) Security
We apply technical and organisational measures proportionate to risks: encryption in transit and at rest where relevant, role-based access control, MFA for sensitive access, logging and incident response, backups and restore tests, vendor security reviews.
No system is risk-free: best-efforts obligation and continuous improvement.
11) Automated decisions & profiling
We may use rules or scoring (e.g., fraud prevention, support prioritisation) with a limited impact. No automated decision produces legal effects concerning you or similarly significantly affects you without human involvement. You may request human review, express your point of view, and contest a decision.
12) Your rights
Depending on your jurisdiction (GDPR/UK GDPR), you have rights to access, rectification, erasure, objection, restriction, portability, and to withdraw consent at any time where processing relies on it. To exercise your rights, contact: [email protected].
For data processed on a Merchant’s behalf (end-customers), also address your request to the Merchant (controller) in line with the DPA.
13) Children & vulnerable individuals
Our Services are not directed to children. When a Merchant collects minors’ data, the Merchant must have a lawful basis and the permissions required by local law. If you believe a minor has provided data to us without authorisation, contact us for deletion.
14) External links
The Platform may contain links to third-party sites/apps. We are not responsible for their privacy practices. Please consult their dedicated policies.
15) Changes to this Policy
We may update this Policy for legal, technical, or operational reasons. We will inform you by email, banner, or via the Platform, indicating the effective date. Your continued use after the update constitutes acceptance.
16) Contact & complaints
Questions, requests or complaints: [email protected]. Operational support: [email protected].
You can lodge a complaint with the competent supervisory authority. In the UK: the Information Commissioner’s Office (ICO). In the EEA: your local data protection authority.