Privacy Notice

Effective date: 3 June 2024

This Privacy Notice explains how uWaver Enterprise Ltd (“uWaver”, “we”, “our”, or “us”) collects, uses, discloses, and protects personal data when you use our websites (including uwaver.com), software and games, services, and any other uWaver resources described in this notice (together, the “Services”). It also explains your rights under applicable data protection laws, including the UK GDPR and, where applicable, the EU GDPR.

1. Who we are and how to contact us

The data controller for the Services is uWaver Enterprise Ltd. If you have questions about this notice or our handling of personal data, please contact us via the Contact page. If you prefer to write, please use our registered postal address indicated on our website.

2. Scope

This notice applies to personal data processed when you visit our websites, use or download our software and games (including from third-party app stores), interact with us on social media, participate in promotions, request support, or otherwise engage with uWaver. If a specific product, game, beta programme, developer portal, or event includes a supplementary privacy disclosure, that disclosure will take precedence for that processing.

3. Data we collect

3.1 Data you provide to us

3.2 Data collected automatically

3.3 Data from third parties

Sensitive data: We do not intentionally collect special category data (for example, health information). Please do not include such data in free-text fields.

4. Cookies and similar technologies

We use cookies and similar technologies to operate the site, understand performance, and improve the user experience. You can manage non-essential cookies through your browser settings and, where provided, our cookie controls.

CategoryPurposeExamples of dataRetention
Strictly necessary Enable core functionality such as security and page navigation. Session identifiers, security tokens. Session-based or as long as necessary.
Analytics Measure usage and performance to improve Services. IP address (truncated or masked where supported), device and event data. Disposed of immediately, subject to the capabilities of the tool.

Details of specific cookies and retention may vary by site or product version. Where required, we will obtain your consent before setting non-essential cookies.

5. Purposes and legal bases

PurposeExamplesLegal basis
Provide and support the Services Accountless support, software updates, entitlement checks, refunds. Performance of a contract or steps prior to entering into a contract; legitimate interests.
Improve and secure the Services Diagnostics, analytics, troubleshooting, fraud prevention. Legitimate interests (to develop, improve, and secure the Services).
Communicate with you Respond to enquiries, send service and policy notices. Performance of a contract; legitimate interests; legal obligations.
Marketing (optional) News, product updates, promotions. Consent. You may withdraw consent at any time.
Legal and compliance Record-keeping, responding to lawful requests, enforcing terms. Legal obligations; legitimate interests; establishment, exercise, or defence of legal claims.

6. Marketing communications

We will send electronic marketing only with your prior consent or as otherwise permitted by law. You may withdraw consent or opt out at any time by using the unsubscribe mechanism in our messages or by contacting us.

7. Sharing and processors

We do not sell or rent your personal data. We share personal data only as described below:

8. International transfers

Where personal data is transferred outside the UK or EEA, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses, an adequacy decision, or other lawful transfer mechanisms. Copies of relevant safeguards are available upon request where legally permissible.

9. Retention

We keep personal data only for as long as necessary for the purposes described in this notice, including to comply with legal, accounting, or reporting requirements. Retention periods vary by data type and context. After the applicable retention period, we will delete or irreversibly anonymise the data.

10. Security

We apply technical and organisational measures appropriate to the risk, including access controls, encryption in transit, logical segregation, vulnerability management, and logging. Access to personal data is limited to personnel and providers who require it to perform their duties and who are subject to confidentiality obligations.

While no method is entirely risk-free, we maintain and review controls to reduce the likelihood and impact of security incidents. Where required by law, we will notify you and/or applicable authorities of a personal data breach.

11. Your rights

Subject to conditions and exceptions in law, you have the following rights regarding your personal data:

To exercise your rights, please contact us via the Contact page. We may need to verify your identity before completing your request.

12. Automated decision-making

We do not make decisions producing legal or similarly significant effects solely by automated means. If this changes for a specific Service, we will provide a specific notice and explain your rights in relation to that processing.

13. Use of uWaver resources

This section applies where you access or use any uWaver resources, including but not limited to developer portals, documentation, sample code, software development kits (SDKs), application programming interfaces (APIs), downloadable assets (such as art, audio, or templates), community forums, and knowledge bases (collectively, “uWaver Resources”).

14. Changes to this notice

We may update this notice from time to time. We will post the updated version on this page and revise the effective date above. If changes are material, we will take additional steps to inform you consistent with legal requirements.

15. Contact, complaints and supervisory authorities

If you have questions, concerns, or wish to exercise your rights, please contact us via the Contact page. You also have the right to lodge a complaint with your local data protection authority. In the United Kingdom, the supervisory authority is the Information Commissioner’s Office (ICO).

If any part of this notice conflicts with a product-specific privacy disclosure, the latter will govern for that product or feature.