Privacy Notice – uWaver Enterprise Ltd

1. Who we are and how to contact us

The data controller for the Services is uWaver Enterprise Ltd. If you have questions about this notice or our handling of personal data, please contact us via the Contact page. If you prefer to write, please use our registered postal address indicated on our website.

2. Scope

This notice applies to personal data processed when you visit our websites, use or download our software and games (including from third-party app stores), interact with us on social media, participate in promotions, request support, or otherwise engage with uWaver. If a specific product, game, beta programme, developer portal, or event includes a supplementary privacy disclosure, that disclosure will take precedence for that processing.

3. Data we collect

3.1 Data you provide to us

Contact and account data: name, email address, phone number, and any information you include in messages or forms.
Support communications: contents of requests, screenshots, crash reports you choose to send, and related metadata.
Transaction data: where relevant to our Services (for example, fulfilment details or refund references). We do not collect or store full card details; in-app purchases are processed by app stores.
Event or programme participation: registration details, surveys, and feedback.

3.2 Data collected automatically

Usage and device data: IP address, device identifiers, operating system and version, language, time zone, app version, feature usage, and diagnostics (such as crash logs). We use analytics to understand usage and improve performance.
Cookies and similar technologies: please see Section 4.

3.3 Data from third parties

App stores and distribution platforms: limited data to enable downloads, updates, entitlement checks, and refunds.
Service providers: information from hosting, analytics, customer support, and email delivery providers.
Public sources and social media: profile information and communications you direct to us.

Sensitive data: We do not intentionally collect special category data (for example, health information). Please do not include such data in free-text fields.

4. Cookies and similar technologies

We use cookies and similar technologies to operate the site, understand performance, and improve the user experience. You can manage non-essential cookies through your browser settings and, where provided, our cookie controls.

Category	Purpose	Examples of data	Retention
Strictly necessary	Enable core functionality such as security and page navigation.	Session identifiers, security tokens.	Session-based or as long as necessary.
Analytics	Measure usage and performance to improve Services.	IP address (truncated or masked where supported), device and event data.	Disposed of immediately, subject to the capabilities of the tool.

Details of specific cookies and retention may vary by site or product version. Where required, we will obtain your consent before setting non-essential cookies.

5. Purposes and legal bases

Purpose	Examples	Legal basis
Provide and support the Services	Accountless support, software updates, entitlement checks, refunds.	Performance of a contract or steps prior to entering into a contract; legitimate interests.
Improve and secure the Services	Diagnostics, analytics, troubleshooting, fraud prevention.	Legitimate interests (to develop, improve, and secure the Services).
Communicate with you	Respond to enquiries, send service and policy notices.	Performance of a contract; legitimate interests; legal obligations.
Marketing (optional)	News, product updates, promotions.	Consent. You may withdraw consent at any time.
Legal and compliance	Record-keeping, responding to lawful requests, enforcing terms.	Legal obligations; legitimate interests; establishment, exercise, or defence of legal claims.

6. Marketing communications

We will send electronic marketing only with your prior consent or as otherwise permitted by law. You may withdraw consent or opt out at any time by using the unsubscribe mechanism in our messages or by contacting us.

8. International transfers

Where personal data is transferred outside the UK or EEA, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses, an adequacy decision, or other lawful transfer mechanisms. Copies of relevant safeguards are available upon request where legally permissible.

9. Retention

We keep personal data only for as long as necessary for the purposes described in this notice, including to comply with legal, accounting, or reporting requirements. Retention periods vary by data type and context. After the applicable retention period, we will delete or irreversibly anonymise the data.

10. Security

We apply technical and organisational measures appropriate to the risk, including access controls, encryption in transit, logical segregation, vulnerability management, and logging. Access to personal data is limited to personnel and providers who require it to perform their duties and who are subject to confidentiality obligations.

While no method is entirely risk-free, we maintain and review controls to reduce the likelihood and impact of security incidents. Where required by law, we will notify you and/or applicable authorities of a personal data breach.

11. Your rights

Subject to conditions and exceptions in law, you have the following rights regarding your personal data:

Right of access to a copy of your personal data.
Right to rectification of inaccurate or incomplete data.
Right to erasure (“right to be forgotten”).
Right to restriction of processing.
Right to data portability.
Right to object to processing based on legitimate interests, and to object to direct marketing at any time.
Right to withdraw consent where processing is based on consent.

To exercise your rights, please contact us via the Contact page. We may need to verify your identity before completing your request.

12. Automated decision-making

We do not make decisions producing legal or similarly significant effects solely by automated means. If this changes for a specific Service, we will provide a specific notice and explain your rights in relation to that processing.

13. Use of uWaver resources

This section applies where you access or use any uWaver resources, including but not limited to developer portals, documentation, sample code, software development kits (SDKs), application programming interfaces (APIs), downloadable assets (such as art, audio, or templates), community forums, and knowledge bases (collectively, “uWaver Resources”).

Account and access: Some uWaver Resources may require registration or authentication. We will process account and usage data to provide access, maintain security, enforce acceptable use, and improve the Resources.
Telemetry and improvements: Where enabled, SDKs and developer tools may collect limited telemetry (for example, version, environment, feature flags, and error reports) to improve stability and performance. You may disable or control telemetry where settings are provided.
Community content: Content you post on forums or feedback channels may be public. Please avoid sharing personal data or confidential information in public areas.
Licensing and enforcement: We may process data necessary to verify entitlement to assets, enforce licence terms, prevent fraud or misuse, and protect our intellectual property and that of our partners.

14. Changes to this notice

We may update this notice from time to time. We will post the updated version on this page and revise the effective date above. If changes are material, we will take additional steps to inform you consistent with legal requirements.

15. Contact, complaints and supervisory authorities

If you have questions, concerns, or wish to exercise your rights, please contact us via the Contact page. You also have the right to lodge a complaint with your local data protection authority. In the United Kingdom, the supervisory authority is the Information Commissioner’s Office (ICO).

If any part of this notice conflicts with a product-specific privacy disclosure, the latter will govern for that product or feature.