GDPR Compliance

1. Our Commitment to GDPR

FluxisWave is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we comply with GDPR requirements.

2. Lawful Basis for Processing

We process personal data under the following lawful bases:

• Consent: You have given clear consent for us to process your personal data for specific purposes (e.g., enrolling in programmes, receiving communications)
• Contract: Processing is necessary for a contract we have with you
• Legal obligation: Processing is necessary to comply with the law
• Legitimate interests: Processing is necessary for our legitimate interests (e.g., improving our services) where your rights do not override those interests

3. Your GDPR Rights

Under the UK GDPR, you have the following rights regarding your personal data:

3.1 Right to Access

You have the right to request copies of your personal data. We may charge a small fee for this service.

3.2 Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

3.3 Right to Erasure

You have the right to request that we erase your personal data, under certain conditions.

3.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

3.5 Right to Data Portability

You have the right to request that we transfer the data we have collected to another organisation, or directly to you, under certain conditions.

3.6 Right to Object

You have the right to object to our processing of your personal data, under certain conditions.

3.7 Rights Related to Automated Decision Making

We do not use automated decision-making or profiling in our processing of your personal data.

4. How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: [email protected]
Address: 42 Kensington High Street, London, W8 4PF, United Kingdom

We will respond to your request within one month. If your request is particularly complex, we may extend this period by two further months, but we will let you know if this is the case.

5. Data Protection Officer

For all data protection enquiries, please contact our Data Protection Officer at [email protected].

6. Data Security

We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data
• Regular security assessments
• Access controls and authentication
• Regular staff training on data protection
• Secure data backup and recovery procedures

7. Data Breach Notification

In the event of a personal data breach, we will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.

8. International Data Transfers

We do not transfer your personal data outside the United Kingdom. If this changes in the future, we will ensure that appropriate safeguards are in place and will update this page accordingly.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

• Enrolment and programme records: 7 years after completion
• Marketing consent records: Until consent is withdrawn
• Website analytics data: 26 months
• Financial records: 7 years (as required by law)

10. Children's Data

While our services are provided to children and teenagers aged 11-18, we collect personal data from parents or legal guardians. We do not knowingly collect data directly from children under 16 without parental consent.

11. Third-Party Processors

We work with carefully selected third-party service providers who process personal data on our behalf. All processors are bound by data processing agreements that comply with UK GDPR requirements.

12. Complaints

If you believe we have not handled your personal data in accordance with UK GDPR, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: fluxis-wave.com
Helpline: 0303 123 1113

13. Updates to This Page

We may update this GDPR compliance page from time to time to reflect changes in our practices or legal requirements. The "Last updated" date at the top of this page indicates when changes were last made.

14. Contact Us

If you have any questions about our GDPR compliance or how we handle your personal data, please contact us at [email protected].