Privacy policy

1. Who we are

Waveko ("we", "us", "our") provides offline-first budget and cost software and free production tools for live events. We are the data controller for the personal data described in this policy. We operate from the United Kingdom and you can reach us at hello@waveko.net.

2. What we collect

We collect only what we need to run the service:

• Account details you give us: name, work email, company name and password (stored only as a secure hash).
• Budget and production data you enter, such as estimates, actuals, change orders and wrap reports.
• Billing information for paid plans, processed by our payment provider — we do not store full card numbers.
• Technical data such as device type, browser and limited usage logs needed to keep the service secure and reliable.
• Anything you send us by email or through the contact form.

3. How we use it

We use your data to provide and improve the service, including to:

• Create and secure your account and sync your budgets across your devices.
• Provide support and respond to your enquiries.
• Process payments and manage subscriptions.
• Keep the service stable, diagnose problems and prevent abuse.
• Send essential service messages. We only send product updates or marketing if you opt in, and you can opt out at any time.

4. Legal bases

Under UK GDPR we rely on the following bases: performance of our contract with you (to deliver the service), our legitimate interests (to secure and improve the service), your consent (for optional communications), and legal obligation (for example, tax and accounting records).

5. Offline & sync data

Waveko is designed to work without a connection. When you work offline, your entries are stored locally on your device and queued. When a connection returns, that queue syncs to our servers so your team can see the same numbers. Locally stored data remains on your device until it syncs or you sign out; you can clear it by signing out of the app.

6. Sharing

We do not sell your data. We share it only with service providers who help us run Waveko — such as cloud hosting and payment processing — under contracts that require them to protect it. We may disclose data if required by law or to protect our rights, users or the public.

7. Retention

We keep account and budget data for as long as your account is active. If you close your account, we delete or anonymise your data within a reasonable period, except where we must keep certain records (for example, billing) to meet legal obligations. You can export your data at any time before deletion.

8. Your rights

Subject to UK GDPR, you have the right to:

• Access the personal data we hold about you.
• Ask us to correct inaccurate data.
• Ask us to delete your data where there is no overriding reason to keep it.
• Object to or restrict certain processing.
• Receive your data in a portable format.
• Withdraw consent at any time, where we rely on it.

To exercise any of these, email hello@waveko.net. You also have the right to complain to the UK Information Commissioner's Office (ICO).

9. Security

We protect your data with encryption in transit, hashed passwords, access controls and regular review of our systems. No method of storage or transmission is completely secure, but we work to protect your data and to notify you and the relevant authority if a serious breach occurs.

10. International transfers

Where data is processed outside the UK, we ensure an appropriate safeguard is in place, such as an adequacy decision or standard contractual clauses, so your data receives equivalent protection.

11. Changes to this policy

We may update this policy as the service changes. When we make material changes we will update the date above and, where appropriate, let you know in the app or by email.

12. Contact

Questions about this policy or your data? Email hello@waveko.net or use our contact page. We operate from the United Kingdom.