Registered Charity Number: 1105270. Registered as a limited company at Companies House Number: 5178212
Aims of this policy:
For WAVES to comply with the Data Protection Act.
For WAVES to abide by the General Data Protection Regulation (GDPR).
What is the GDPR?
The General Data Protection Regulation (GDPR), which comes into force on May 25th, 2018, aims to protect the fundamental right to privacy and the protection of personal data of European Union (EU) citizens.
This regulation affects any entity (including websites) that processes EU citizens' personal data. Whether or not you or your business is located in the EU, if you have EU site visitors, or if your marketing campaigns target EU citizens, this affects you.
The aim of the WAVES website is to: provide information about the WAVES agency, provide support and guidance regarding domestic abuse and violence, to provide motivational and inspirational media, to provide informative media.
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile. Should any forms be completed via the WAVES website (i.e. enquiries, referrals, requests, placement applications) and submitted, this information will also be stored and recorded, however will be anonymised in 6 years or less from the submission date, or deleted. Any data stored is secured by encryption, where data bases created by WAVES using this information are accessed by encrypted devices with each file being encrypted also.
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. The WAVES website provides a PayPal donation link which will direct you away from the WAVES website and to PayPal itself.
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.
Data Stored Offline
Any data stored or accessed by WAVES is accumulated in some of the following ways: websites, social media, phone, text, email or letter (this list of means in non-exhaustive). This data is encrypted and will be anonymised after 6 years or less or deleted and/or destroyed.
You have the right to access any information in relation to yourself within 30 days of request.
Any information passed between WAVES to another agency will only be done so with your consent.
Any information passed between WAVES and external agencies will be recorded and tracked.
Data stored electronically will be encrypted and viewed and modified where appropriate on encrypted devices.
Paper documents will be stored in file cabinets, and any documents in transport will be secured within a bag in possession of the employee, volunteer or contracted professional, and remain on the individual’s person always.
Where WAVES come to believe any data of any individual may be compromised in any way, WAVES will inform the relevant individual(s) affected as soon as possible where it is deemed reasonably safe to do so by the WAVES manager.
If data is believed to be breached by any individual employed by, contracted by or volunteering for WAVES, the WAVES manager will be informed immediately by the individual.
If you don’t want us to process your data anymore, please contact us at email@example.com or send us mail to:
WAVES Counselling Project
P.O Box 80
For data protection enquiries please contact trust manager: firstname.lastname@example.org with the subject 'Data Protection Query'
Full policy is available here: