1.1 Wave Design Ltd is committed to safeguarding the privacy of Wave Design website visitors and service users; in this policy, we explain how we will handle your personal data.
1.3 We would like to keep in touch with you about our design service for print and websites.
1.4 We are committed to protecting and respecting your privacy. We will never sell your data to third parties, and we promise to keep your details safe and secure.
Please click here to tell us how you would like us to contact you.
We may change this policy from time to time, it will be always be easy to find and kept up to date on our website.
You can contact us at any time by email: [email protected] or by telephone at 01424 235000 for more information, or to let us know if you do not wish to receive communications from us.
2. Who are we?
2.1 Wave Design Ltd is an incorporated co-operatuve that has been trading since 1989.
2.2 Wave Design Ltd is registered UK company no 2160065.
3. Our commitment to you
3.1 At Wave Design we take your privacy seriously. We are committed to meeting our obligations under the Data Protection Act 1998 and the General Data Protection Regulation 2018 (GDPR).
3.2 We are registered as data controllers with the Information Commissioner for the United Kingdom. The Information Commissioner remains the UK’s independent supervisory authority on data protection.
4. What personal data we collect
4.1 If you sign up to receive our updates; we will usually collect these personal details: your name, email address, phone number.
4.2 If you would like to stop receiving our communications at any point contact us and you will be removed from our mailing list.
5. How we will use your personal information
5.1 To send you information in the way that you prefer; to keep you updated about our work.
5.2 For administrative purposes to keep a record of your relationship with us.
5.3 To improve the information and services offered on our website, so we can provide you with the most user-friendly navigation experience we can.
5.4 To make our marketing campaigns more targeted, so that you receive the information from us that is most relevant to you. We may add general profiling information to your personal information to help us with our targeting. So, for example, we can then just send information about services we offer that you may not be aware of.
5.5 To make our marketing cost-effective. We may also analyse, ‘model’ or segment information. This also enables us to promote Wave Design in the most cost-effective way.
5.6 To understand and ‘profile’ who visits our website; by analyzing general demographic information. For example, we may look at factors such as gender, age, location, and previous involvement; to ensure that marketing information is sent out to appropriate supporters.
5.7 To use your IP (Internet Provider) addresses to identify relevant information. This may include information such as your approximate location. This helps us understand information about the number and nature of visits to our website. It also helps us to block disruptive or inappropriate use of our website.
5.8 To combine information collected at different times or through different means. This could include information collected online and offline; from you, or from other trusted third party and publicly available sources. This will help us ensure that the information we hold about you is accurate and up to date.
6. How we keep your data safe and who has access
6.1 We ensure that appropriate technical controls are in place to protect your personal details. All personal details are stored on a secure password locked database to which only relevant professional staff have access.
6.2 At Wave Design we strive to observe the law in the collection, processing and storing of all personal data and will meet any subject access request in compliance with the law.
6.3 We will do our utmost to keep all data accurate, timely and secure and will only use data in ways relevant to carrying out the legitimate purposes and functions of Wave Design in a way that is not prejudicial to the interests of individuals.
6.4 Wave Design will seek to give individuals as much choice as it is possible and reasonable regarding what data is held and how it is used.
6.5 Anyone processing personal data will comply with the eight enforceable principles of good practice following the procedures set in place by Wave Design. According to the principles of data protection outlined in the Data Protection Act 1998, data must be:
- fairly and lawfully processed
- processed for limited purposes
- adequate, relevant, and not excessive
- not kept longer than necessary
- processed in accordance with the data subject’s rights
- not transferred to countries without adequate protection
6.6 We will NOT rent or sell your personal information to other organisations for use by them in any way, including in their own direct marketing activities. Where we use an external service provider to act on our behalf, we will disclose only the personal information necessary to deliver the service. We will have a contract in place that requires the provider to comply with Wave Design data protection and information security requirements. We may disclose personal information to third parties if we are legally obliged to do so.
This includes exchanging information with other organisations for the purposes of fraud detection and protection.
7. How we will keep your information up to date
7.1 To make sure that we have the most up to date information about how to contact you, we may, from time to time, update your records to reflect any changes to your personal information.
7.2 This updated information may come directly from you to us at Wave Design, or it may come from a trusted third party where you have had a clear expectation that your details would be passed on to us for this purpose.
8. How long we keep your personal information
8.1 Wave Design always has your best interests at heart, and your personal information will not be retained by us for longer than is necessary in relation to the purposes for which it was originally collected, or for which it was further processed, always in line with our legal obligations. We hold personal information relating to:
- Payments you have made to us (held for 7 years since your payment)
- Subscribing to a newsletter (you can unsubscribe at any time)
8.2 We are legally required to hold some personal information to fulfil statutory obligations for example the collection of VAT or to support certain financial transactions.
9. Our professional approach to protecting your privacy
9.1 Your personal details will only be accessible to trained staff. All Wave Design staff and volunteers, as part of their induction and training, are required to read, understand, and accept any policies and procedures that relate to the personal data they might handle in the course of their work.
9.2 At Wave Design we ensure that staff are properly trained; and are able to understand and explore Data Protection issues through training, team meetings, and supervision.
9.3 Each team member who handles personal data is responsible for drawing up personal procedures to ensure that good Data Protection practice is followed. Our staff will not disclose data except where there is subject consent or legal requirement.
10. Your rights
10.1 You have a right to ask us to stop processing your personal data at any point, and if it’s not necessary for administrative purposes such as processing donations or any fundraising activity, we will cease to process your data.
10.2 You have the right to object to the use of your personal information for profiling and automated decision-making processes. You can also request access to any information which we hold about you.
10.3 You can phone us on 01424 235000, email us at [email protected], or write to us at:
Rock House 49 – 51 Cambridge Road
11. Keeping this policy up to date
11.1 We may change this policy from time to time. It will be kept up to date on our website or alternatively, you can request a written copy of the most up to date policy.
11.2 This policy will be updated as necessary to reflect best practices in data management, security, and control and to ensure compliance with any changes or amendments made to the Data Protection Act 1998 or the General Data Protection Regulations (GDPR) May 2018.
11.3 Wave Design will keep our notification at Information Commissioner’s Office up to date.
11.4 Wave Design Data Protection Officer is the Company Secretary of Wave Design.
11.5 The Directors of Wave Design Ltd recognise its overall responsibility for ensuring that Wave Design complies with its legal obligations.
12. Data Breaches
12.1 Section 12 outlines the procedure Wave Design will follow in detecting, reporting, and investigating any data breach.
12.2 We have identified that we store data in a number of sources, and we will ensure that these places are:
(a) Password protected and that passwords are regularly changed;
(b) Supported by relevant software;
(c) Kept in a secure location which can only be accessed by staff who are authorised to.
12.3 We will report a breach to the ICO, as such a breach could compromise bank account details resulting in a financial loss. This is only where such a breach can result in a risk to the rights of freedoms of individuals.
12.4 We will contact those individuals whose data has been breached to notify them and advise them of any action they may need to take.
12.5 We will investigate how the breach has happened and ensure relevant steps are taken that it does not happen again.