Welcome to WaveCrest Holdings Limited’s privacy notice.
WaveCrest respects your privacy and is committed to protecting your Personal Data, also referred to herein as Personal Information. This privacy notice will inform you as to how we look after your personal data when you use our services (regardless of where you are) and tell you about your privacy rights and how the law protects you.
We will collect and process all Personal Data that you provide us, be that by filling in forms on the website or by corresponding with us via email or post. This includes information you provide us when you subscribe to any of our services or respond to a promotion or survey. If you contact us, we will keep a record of that correspondence.
By entering your details in the fields requested, you enable us and our service providers to provide you with the services you select. Whenever you provide such personal information, we will treat that information in accordance with this policy. When using your Personal Information we will act in accordance with current legislation and aim to meet current Internet best practice.
WaveCrest is the controller and responsible for your personal data (collectively referred to as “WaveCrest”, “we”, “us” or “our” in this privacy notice).
Our services are not available to anyone under the age of 18 years and therefore we do not knowingly collect data relating to individuals under this age.
This privacy notice is provided in a layered format so you can click through to the specific areas set out below.
- THE DATA WE COLLECT ABOUT YOU
- HOW WE COLLECT AND USE INFORMATION
- WHO WE SHARE INFORMATION WITH
- HOW WE APPLY OUR POLICY
- INTERNATIONAL TRANSFERS
- YOUR LEGAL RIGHTS
- CHANGES TO THIS STATEMENT
- CONTACTING US
1. THE DATA WE COLLECT ABOUT YOU
Personal Data, or Personal Information, means any information about an individual from which that person can be identified. As defined by the General Data Protection Regulation (GDPR), we are data controllers and have a lawful basis for collecting your Personal Information where you have given us clear consent to do so. Please note that we are not able to provide our services if you do not consent to us using your data in the manner set out within this policy.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, maiden name, last name, username or similar identifier, title, date of birth, gender and identity numbers as contained within your provided identity documents.
- Contact Data includes your home address, delivery address, email address, telephone numbers and ID for Skype or other social media and communication platforms.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us including bank and other payment service provider details. Please note that these details are also held subject to the relevant payments legislation.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version and other technology on the devices you use to access this website.
- Profile Data includes your username, password and any unique identifier assigned by us.
- Usage Data includes information about how you use and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
2. HOW WE COLLECT AND USE INFORMATION
We collect personal information on our customers in various ways, including: subscriptions; sign up for products and/or services by telephone, post, the Internet or email; offers; competition entry forms; or feedback, research or request forms and in writing or through any other medium.
From time to time, we may use your personal details:
- to verify your identity to confirm your continued eligibility to use our products and services, to protect against fraud and to comply with relevant laws;
- to meet orders or requests for services or information; to process payments; and to keep our records up-to-date;
- to tell you by telephone, post or email about special offers and current or new products and/or services that you may be interested in;
- to enable other people or businesses to carry out our work on our behalf;
- where you have given us your permission, to pass your information to carefully selected organisations to allow them to tell you about their special offers or products and services that may be of interest to you; and
- to manage our competitions and contact the winners.
3. WHO WE SHARE INFORMATION WITH
To provide you with our service, we share your data with a small number of trusted third-party service providers. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
4. HOW WE APPLY OUR POLICY
In order to put our policy into practice, we use our best endeavours to follow seven guidelines:
- We will ensure our systems are secure to protect your Personal Information from misuse and follow appropriate physical, electronic and managerial procedures to safeguard it;
- We will respect your privacy in the way that we contact you, whether by post, telephone, email or text message;
- We will not hold your Personal Information for longer than is necessary to effectively provide you with our services and comply with applicable legislation;
- We will not sell, trade or rent your Personal Information.
- We will comply promptly with any instructions from you to update your Personal Information or requests from you to see the Personal Information that we hold on you;
- We will comply with lawful requests to disclose personal information to certain authorities (e.g. the police);
- We may monitor and record any telephone calls to ensure we follow your instructions correctly and to improve our service
6. INTERNATIONAL TRANSFERS
We ensure your personal data is protected by requiring all our group companies to follow the same rules when processing your Personal Data. These rules are called “binding corporate rules”.
Some of our external third parties/ service providers are based outside of the European Economic Area (EEA) so their processing of your Personal Data will involve a transfer outside the EEA.
Whenever we transfer your Personal Data outside of the EEA, we ensure that the organisation receiving the personal data has provided adequate safeguards.
Adequate safeguards may be provided for by:
- a legally binding agreement between public authorities or bodies (e.g. the Privacy Shield in the US);
- binding corporate rules between entities within the WaveCrest Group of companies;
- standard or ‘Model’ data protection clauses in the form of template transfer clauses adopted by the European Commission;
- standard data protection clauses in the form of template transfer clauses adopted by a supervisory authority and approved by the European Commission;
- compliance with an approved code of conduct approved by a supervisory authority;
- certification under an approved certification mechanism as provided for in the GDPR;
- contractual clauses agreed authorised by the competent supervisory authority; or
7. YOUR LEGAL RIGHTS
Under certain circumstances, you have rights under data protection laws in relation to your Personal Data. They are as follows:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
You can request a copy of the Personal Information we may hold by writing to us at the address below. In respect of a request of erasure of your Personal Data, you can also do this by writing to us at the address below. Please note that on occasion, your rights as set out above will be subject to restrictions imposed by other legislation. In this instance we will so our utmost to comply with your request.
8. CHANGES TO THIS STATEMENT
We may change this policy to keep up to date with changes in legislation and best practice.
9. FURTHER INFORMATION
If you are unhappy with the way in which we are handling your personal information, you have the right to contact the Gibraltar Regulatory Authority (GRA) at http://www.gra.gi/.
10. CONTACTING US
If you wish to contact us in respect of this policy, please write to:
Data Protection Officer
WaveCrest Holdings Limited
Suite 5.16 World Trade Center
6 Bayside Road