MENU
Let's Chat!

Privacy Policy

DATA PRIVACY POLICY

© 2025 Kristy Ching, EchoWave VA. All rights reserved.

To copy or adapt this, please contact kristyc@echowaveva.co.uk.

At EchoWave VA, your privacy is of the utmost importance. This privacy policy explains how we collect, use, protect, and store your personal data in compliance with applicable data protection laws. By using our services, you agree to the terms set forth in this policy.

1. WHO IS HOLDING YOUR INFORMATION?
Name: Kristy Ching
Email: kristyc@echowaveva.co.uk
Business Name: EchoWave VA
Data Retention Period: 12 months after completion (clients), 6 months after enquiry (prospective clients)
Payment Processor(s): BACS payments only
Cookie Policy: Please refer to our separate cookie policy
Third Parties We Share Information With: See Section A.7 below
Person Responsible for Data: Kristy Ching, EchoWave VA
Contact for Data Concerns: kristyc@echowaveva.co.uk
Our Data Regulator Contact Details:
UK: ICO
EU: EDPB
Last Updated: 01/02/2025

2. WHOSE INFORMATION DO WE COLLECT?

We process information about:

  • Prospects: Contacts working at or connected with potential clients
  • Clients: Individuals who have purchased services from us
  • Client Contacts: Individuals employed by or contracted to clients

3. OUR POLICY

We are committed to respecting your personal information. This Policy explains how we collect, use, and protect your personal data. We do not sell, rent, or trade email lists. We aim to comply with all applicable data protection laws, including the GDPR in the UK, and this policy provides transparency in how your information is handled.

Please review this Policy regularly for updates.

A.1. OUR GENERAL APPROACH TO PERSONAL DATA

We only collect and use personal data when needed:

  • Because you have requested our services
  • To reply to queries or complaints
  • To fulfil contracts and provide services to clients
  • To meet legal obligations

We do not collect excessive or unnecessary data and will never share your personal data without your consent, except in exceptional circumstances (outlined below).

A.2. CATEGORIES OF DATA

Depending on our relationship, we may collect and process the following types of data:

  • Personal Information: Name, email address, job title, business name, contact address
  • Client-related Information: Financial records, communications, and service usage history

We will only process data necessary to provide our services and manage our business operations.

A.3. HOW WE USE YOUR DATA

We use your personal data for the following purposes:

  • Communication: To inform you about services, respond to inquiries, or address any issues you may have
  • Marketing: We may send you updates, newsletters, or other marketing communications if you have opted in. You can unsubscribe from marketing communications at any time.
  • Service Management: Your information may be used to deliver our services, including managing service requests and processing payments.

We do not share personal information with third-party marketers, and you may opt-out of all marketing communications at any time.

A.4. SOCIAL MEDIA

When you interact with us via social media platforms (LinkedIn, Facebook, etc.), please be aware that these platforms are governed by their own privacy policies. We may keep a record of your interactions on these platforms to improve our customer service and marketing efforts.

A.5. NO SALE OR EXCHANGE OF YOUR DATA

We do not sell or exchange your personal data with third parties for marketing purposes. Your data is used strictly for fulfilling your requests and providing the services you’ve contracted for.

A.6. DATA LOCATION AND PLATFORMS

We store and process personal data using reputable, secure service providers, including cloud platforms like Google Workspace. In some cases, data may be stored outside the UK or EU, but we ensure all third-party providers adhere to appropriate data protection standards (e.g., EU-U.S. Privacy Shield, UK-approved safeguards).

A.7. THIRD PARTIES WE MAY SHARE YOUR DATA WITH

We may share your data with third parties such as:

  • Payment processors: For processing transactions (BACS payments only)
  • Service providers: These may include virtual assistants, web developers, IT support, or other service providers we engage to assist in our business operations.
  • Legal or regulatory authorities: If required by law or to protect our legal rights.

All third-party service providers are required to sign Data Processing Agreements and comply with applicable data protection regulations.

A.8. DATA SECURITY

We take your data security seriously. We implement technical and organizational measures to safeguard your personal data from unauthorized access, use, disclosure, alteration, and destruction. This includes encryption of data where appropriate, secure payment processing systems, and regular security audits.

A.9. DATA RETENTION PERIOD

We retain personal data for no longer than necessary:

  • Client Data: 12 months after the completion of services or the termination of our relationship with you
  • Prospective Client Data: 6 months after the initial enquiry, or if no contract is signed

We retain data in accordance with legal, accounting, or regulatory obligations.

A.10. YOUR RIGHTS UNDER DATA PROTECTION LAW

As a data subject, you have the following rights:

  • Right to Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct or update any inaccuracies in your data.
  • Right to Deletion: You can request that we delete your personal data, subject to legal and contractual obligations.
  • Right to Object: You can object to our processing of your personal data in certain circumstances.

To exercise your rights, please contact us at kristyc@echowaveva.co.uk. We will respond to your request within 30 days.

A.11. COMPLAINTS AND DISPUTES

If you have any concerns about how we handle your data or feel that we are not complying with data protection laws, please contact us directly. If we cannot resolve the matter, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) or your local data protection authority.

A.12. LIMITATION OF LIABILITY

While we take all reasonable steps to protect your data, we cannot guarantee the absolute security of your data due to the inherent nature of online data processing. By using our services, you acknowledge that you understand the risks associated with online data transmission and accept our terms.

This Privacy Policy is designed to give you transparency and confidence in how we manage your data, while providing strong protections for your privacy. If you have any questions or concerns, please don’t hesitate to contact us at kristyc@echowaveva.co.uk.