Wavemaker is committed to protecting your privacy and handling your personal data openly, responsibly, and in line with UK data protection law.
This Privacy Policy explains:
- What personal data we collect
- How and why we use it
- How we keep it safe
- Your rights and how to exercise them
This policy applies to our website, services, programmes, training, digital platforms, and communications.
Organisation: Wavemaker
Website: www.wavemaker.org.uk
Email: info@wavemaker.org.uk
For the purposes of data protection law, Wavemaker is the data controller.
We only collect data that is relevant and necessary. Depending on how you interact with us, this may include:
Personal Information
- Name
- Email address
- Telephone number
- Organisation, role, or job title
Learner and Programme Data
- Registration and attendance details
- Course progress and completion information
- Feedback and evaluation responses
Device and Support Programmes
- Eligibility information
- Device allocation records
- Support notes related to delivery
Website and Technical Data
- IP address
- Browser type and version
- Operating system
- Pages visited and usage data
- Cookies (see our Cookie Policy)
Marketing and Communications
- Mailing list sign-ups
- Communication preferences
We do not collect more data than we need, and we do not sell personal data. Ever.
We use personal data to:
- Deliver training, programmes, and servicesManage learner participation and support
- Communicate with you about activities you’re involved inImprove our services and understand impact
- Meet legal, contractual, and funding requirements
- Send relevant updates where you have opted in
We do not use your data for anything unexpected or sneaky.
Under UK GDPR, we rely on the following lawful bases:
- Consent - where you have actively opted in (e.g. mailing lists)
- Contract - where processing is needed to deliver a service or programme
- Legal obligation - where required by law or regulation
- Legitimate interests - to run our organisation effectively, provided your rights are not overridden
We’ll always tell you which applies.
We only share personal data where necessary and appropriate, including with:
- Delivery partners and associates involved in programmes
- Platform providers (e.g. learning platforms, email tools, cloud services)
- Funders or commissioners, usually in anonymised or aggregated form
All third parties are required to handle data securely and lawfully.
We do not share data for unrelated marketing purposes.
We take data security seriously.
Your data is:
- Stored securely using reputable digital platforms
- Accessed only by those who need it
- Protected by appropriate technical and organisational measures
No system is perfect, but we take reasonable and proportionate steps to keep your data safe.
We keep personal data only for as long as necessary, including:
- For the duration of a programme or service
- To meet reporting or funding requirements
- To comply with legal obligations
Retention periods vary depending on the type of data. When data is no longer needed, it is securely deleted or anonymised.
Under UK GDPR, you have the right to:
- Access your personal data
- Correct inaccurate or incomplete data
- Request deletion of your data
- Restrict or object to certain processing
- Withdraw consent at any time
- Request data portability where applicable
- Complain to the Information Commissioner’s Office (ICO)
There is no fee for making a request.
To exercise your rights, contact: info@wavemaker.org.uk
Our website uses cookies to improve functionality and understand usage.
For full details, see our
Cookie Policy.
We may update this Privacy Policy from time to time to reflect changes in law or how we work.
The latest version will always be published on our website.
If you have any questions or concerns about how we handle your data, contact:
Email: info@wavemaker.org.uk
If you are not satisfied with our response, you have the right to complain to the Information Commissioner’s Office (ICO).
