At WaveCrest looking after the personal data you share with us is important to us. We want you to be confident that your data is safe and secure with us and understand how we use it to offer you a better and more personalised experience.
We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. That’s why we’ve developed this privacy and cookies policy (“Policy”), which:
- Sets out the types of personal data that we collect
- Explains how and why we collect and use your personal data
- Details when and why we will share personal data within the WaveCrest Group and with third parties; and
- Explains the rights and choices you have when it comes to your personal data
What this Policy covers.
The Data Controller is WaveCrest (UK) Limited (collectively referred to as "we" or "us” in this Policy)
We offer different products and services, so we want you to be clear about what the Policy covers. If you
- Use any website (“our Website”) or mobile applications ("our Mobile Apps”) where this Policy is posted; or
- Use our retail end-user products such as Bob, Planet Talk Instant, Planet Talk Account, Topup2Talk, GoTalk, First Number or Just Call (our “Retail Products”); or
- Our wholesale telecommunications network (the "Network")
(collectively known as “our Services"), then this Policy applies to you. This Policy also applies if you contact us or interact with us with regard to our Services.
Personal data we collect.
When you register for our Services, you may provide us with -
- Your personal details, including your postal and billing addresses, email addresses, phone numbers and date of birth and title;
- Your debit or credit card details, bank details and other payment information;
- Your account login details, such as your username and the password you have chosen.
When you top-up your account or browse our Website or use our Mobile Apps, we may collect -
- Personal data you provide about yourself any time you contact us in relation to our Services including by phone, email or post or when you interact with us online or on social media (for example, your name, social media handle and contact details);
- Information about when and how much you top up and pay your bill or how often and why you access your account with us;
- Information about your online browsing behaviour on our Website and Mobile Apps;
- Information about any devices you have used to access our Service; including device make, model and operating system, IP address, browser type and mobile device identifiers;
- So we know how best to process your calls and also protect you from fraud we sometimes use certain information such as IP address to check which country you are located in.
When you contact or interact with us or take part in promotions, competitions, surveys or questionnaires in relation to our Services, we may collect -
- Details of the emails and other digital communications we send to you that you open, including any links in them that you click on;
- Your feedback and contributions to customer surveys and questionnaires.
Additional sources of personal data
We may supplement the data we collect with personal data from other sources, such as specialist companies that supply data, companies that operate online media channels and public registers. For example, this additional data helps us to -
- Review and improve the accuracy of the data we hold;
- improve and measure the effectiveness of our marketing communications, including online advertising.
How and why we use personal data.
We use personal data to:
This means that processing your personal data allows us to:
Do we have to process your personal data this way?
Make our Services available to you.
Manage the accounts you hold with us, check whether you qualify for credit or our products are appropriate for you, and process your orders and refunds.
Please see further information below about how we use and share your data with credit reference agencies.
Yes, it is necessary for us to process your personal data so that we can operate your customer accounts, provide you with the goods and services you want to purchase (including assessing and deciding on whether we can give you and members of your household credit or credit-related services) and to help you with any orders and refunds that you may request.
Manage your connection to our Network and to get in touch with you if we need to tell you about any problems with the Network.
Yes, it is necessary for us to process your personal data so that we can connect you to and improve the operation of the Network.
Manage and improve our Websites and Mobile Apps.
Manage and improve our day-to-day operations.
Help to develop and improve our product range, services, information technology systems, know-how and the way we communicate with you.
Yes, it is in our legitimate interest to undertake market research and internal research and development, and to improve our information technology systems (including its security) and our product ranges and services.
Detect and prevent fraud, money laundering or other crime
See further information below about how we use and share your data with fraud prevention agencies.
Yes, it is in our legitimate interest to monitor how our Services are used to detect and prevent fraud, other crimes and the misuse of services. This helps us to ensure that you can safely use our Services.
Recover any money you might owe us.
Assign your debt to permitted third parties.
Yes, it is in our legitimate interest to obtain payment for our Services.
Personalise your WaveCrest experience.
Use your online browsing behaviour as well as your online to help us better understand you as a customer and provide you with personalised offers and services.
Yes, it is in our legitimate interest to look at your preferences that we derive from your browsing behaviour and purchases so that we can personalise our offers and services for you, to better meet your needs as a customer – provided this is in line with your marketing choices.
Provide you with relevant marketing communications (including by text, email, post or online advertising), relating to our products and services. This includes measuring the effectiveness of our marketing communications campaigns, including online advertising.
It is in our legitimate interest to provide you with marketing communications that are relevant to your interests. However, you can change your marketing choices, at any time.
Please see your choices when it comes to cookies below.
Contact and interact with you.
Investigate any complaints or questions you may raise and contact you in relation to our Services, for example by phone, email, online or post or responding to social media posts that you have directed at us.
Yes, it is in our legitimate interest to provide any clarification or assistance in response to your communications to serve you better as a customer,
Manage promotions and competitions you take part in.
Yes, it is necessary for us to process your personal data so that we can manage the promotions and competitions that you choose to enter into.
Invite you to participate in and manage customer surveys, questionnaires and other market research activities carried out by the WaveCrest Group and by third parties on our behalf.
It is in our legitimate interest to carry out market research. However, while we may contact you about this, you are of course not obliged to take part in these activities. If you tell us that you do not want to be contacted for market research, we will respect this choice and you will not receive any further market research communications from us. This will not affect your ability to use our Services.
Fraud Prevention Agencies.
When processing credit and debit card payments, we may access and use information held by fraud prevention agencies to prevent fraud and money laundering, for example, when: checking applications for, and managing credit and credit related or other facilities and recovering debt.
We will also share personal information we have collected from you with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found below.
Full Fraud Prevention Notice.
Before we provide you with certain of our account based or pre-pay products, where you pay by debit or credit card we may undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.we may undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.
- The personal data you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering, and to verify your identity.
- Details of the personal information that will be processed, for example: name, address, date of birth, contact details, financial information, employment details, device identifiers including IP address.
- We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
- We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services you have requested.
- Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
- As part of the processing of your personal data decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk or if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct; or is inconsistent with your previous submissions; or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making: if you want to know more please contact us using the details provided.
Consequences of Processing
- If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services you have requested, or we may stop providing existing services to you.
- A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details provided.
• Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to 'international frameworks' intended to enable secure data sharing.
- Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data; request that your personal data is erased or corrected; request access to your personal data.
- For more information or to exercise your data protection rights, please contact us using the contact details provided.
- You also have a right to complain to the Information Commissioner's Office which regulates the processing of personal data.
Sharing personal data within the WaveCrest Group.
We may share the personal data we collect with other companies in the WaveCrest Group. For example, we share personal data with the following WaveCrest Group companies.
WaveCrest Networks Limited
WaveCrest Communications (France) SAS
WaveCrest (UK) Limited - Neiderlassung Deutschland
Sharing personal data to third parties
We may share your personal
data with our
Service Providers. When we share personal data with these companies we require them to keep it safe, and they must not use your personal data for their own marketing purposes.
We work with carefully selected Service Providers that perform certain functions on our behalf. These include, for example, companies that help us with customer care services, Network and technology services, storing and combining data, credit checks and payment processing.
We only share personal data that enable our Service Providers provide their services.
Sharing personal data with other organisations.
We may share personal data with other organisations in the following circumstances -
- where we are required to do so by law or by public authorities;
- credit reference agencies: We will share details of your credit agreement with us, the payments you make under it and any default or failure to keep to its terms. The credit reference agency will record details of our search of their database, whether or not your application proceeds.
- fraud prevention agencies: If when placing an order with us false or inaccurate information is provided by you and fraud is identified or suspected, your details may be passed to fraud prevention agencies. Law enforcement agencies may access and use this information,
- in order to establish, exercise or defend our legal rights (including providing data to others for the purposes of fraud prevention and reducing credit risk);
- to whom we sell or transfer (or enter into negotiations to sell or transfer) any of our businesses or any of our rights or obligations under any agreement we may have with you. If the transfer or sale goes ahead, the transferee or purchaser may use your personal information in the same way as us;
- to any other successors in title to our business.
How we protect personal data.
We know how important it is to protect and manage your personal data. We use computer safeguards such as firewalls and data encryption, and we enforce physical access controls to our buildings and files to keep this data safe. We only authorise access to those employees who require it to fulfil their job responsibilities. When you provide data to us through our Websites or Mobile Apps, that data is protected by secure socket layer (SSL) encryption.
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA"). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. We will put in place appropriate safeguards to ensure that your personal data remains adequately protected and is treated in accordance with this Policy.
How long we use personal data for.
We will not keep your personal data longer than we need to, how long this is depends on several factors, including:
- Why we collected it in the first place;
- How old it is;
- Whether there is a legal/regulatory reason for us to keep it;
- Whether we need it to protect you or us.
Marketing: changing how and when we communicate with you.
We may send you relevant offers or marketing information about our products and services in a number of ways including push notification, email, post or SMS. If you don't want to receive offers or marketing information, you can opt out at any time.
We also like to hear your views to help us to improve our Services and we may contact you for market research purposes. You always have the choice about whether to participate in our market research.
Cookies and similar technologies.
Cookies and similar technologies, such as tags and pixels ("Cookies"), are small data files that allow a website to collect and store a range of data on your desktop computer, tablet, laptop or mobile device.
Enhance our Websites’ and Mobile Apps functionality.
Cookies allow us to enhance the functionality of our Website and Mobile Apps so that we can personalise your experience and allow you to use may of the useful features of our Website and Mobile Apps.
Enhance our Websites' and Mobile Apps' performance.
Cookies can help us to understand how our Website and Mobile Apps are being used, for example, by telling us if you encounter an error message as you browse.
These Cookies collect data that is mostly aggregated and anonymous.
Measuring the effectiveness of our marketing communications.
Your choices when it comes to Cookies
You can use your browser settings to accept or reject the placement of new Cookies and you can delete existing Cookies. You can also configure your browser settings so you will be notified each time a new Cookie is placed. You can find more detailed information about how you can manage Cookies at the All About Cookies and YourOnlineChoices websites.
If you choose to disable some or all Cookies, you may not be able to make full use of the functionalities of our Website. For example, you may not be able to use any of our products and services that require you to sign in.
Subject Access Rights.
You have a right to see the personal data we hold about you. This is called a Subject Access Request.
If you would like to obtain a copy of the personal data we hold about you, please contact us through the normal customer service channels for your product(s). You can also email us at firstname.lastname@example.org
In certain circumstances we may charges a fee before providing the information.
Other Data Protection Rights.
In relation to your personal data, you also have the right to:
- In some circumstances, to receive some of your information in a useable format and/or request we transmit that data to a third party where this is technically feasible. Please note that this right only applies to information which you have provided to us.
- Ask that we update your information if it is inaccurate or incomplete.
- Ask that we erase your information in certain circumstances. Please note that there may be circumstances where you ask us to restrict the processing of your information, but we are legally entitled to refuse the request.
- The right to make a complaint with the Information Commissioner www.ico.org.uk if you think that any of your rights have been infringed.
The ICO website www.ico.org.uk contains more detail on the data protection rights mentioned above. Or if you would like to speak to us about these rights in more detail, see the “how to contact us” section below.
How to contact us.
If you have any questions about how we collect, store and use personal data please contact us
Mail: WaveCrest (UK) Ltd, 1st Floor, Bishopsgate Court, 4-12 Norton Folgate, London, E1 6DB.