wbp equip

Data Protection & Privacy Statement

Last updated: 20/01/2026

Commitment to Data Protection

Wellbeing Places Equip Limited ("WBP Equip") is committed to protecting personal data and respecting the privacy of individuals whose information may be processed in connection with its technology products and digital services.

The Company recognises data protection as a core component of responsible technology development and maintains governance arrangements designed to support lawful, fair, and transparent data use.

Regulatory Framework

WBP Equip's approach to data protection is informed by applicable UK data protection legislation, including:

  • the UK General Data Protection Regulation (UK GDPR); and
  • the Data Protection Act 2018.

The Company monitors relevant legal and regulatory developments and updates its governance arrangements as appropriate.

Lawful and Proportionate Data Use

WBP Equip seeks to ensure that personal data are:

  • processed for specified and legitimate purposes;
  • limited to what is necessary in relation to those purposes; and
  • handled in a manner consistent with individuals' rights and expectations.

Where technology products process personal data, this is done with consideration for necessity, proportionality, and risk.

Data Protection by Design and Governance

The Company applies data-protection-by-design principles in the development and operation of its technology solutions.

This includes consideration of:

  • data minimisation and retention;
  • access controls and role-based permissions;
  • appropriate safeguards for confidentiality and integrity; and
  • oversight of third-party suppliers where relevant.

Internal policies and procedures support consistent application of these principles across the business.

Use of Technology and AI

Where advanced analytics or automated tools are used, WBP Equip seeks to ensure that:

  • personal data are handled responsibly;
  • systems are not relied upon in isolation for decisions affecting individuals; and
  • risks relating to privacy, fairness, or misuse are considered as part of governance and review.

Technology is used to support insight and operational efficiency, not to remove accountability for outcomes.

Third Parties and Data Sharing

WBP Equip may engage third-party service providers or advisers in connection with its operations.

Where personal data are processed by third parties on the Company's behalf, appropriate contractual and governance measures are applied to support data protection and security.

Data Security and Incident Management

The Company applies proportionate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

Procedures are in place to identify, manage, and respond to data protection incidents, including escalation and review where required.

Individual Rights

WBP Equip recognises the rights of individuals under UK data protection law, including rights relating to:

  • access to personal data;
  • correction or deletion of data where appropriate; and
  • objection to certain types of processing.

Further information on how these rights may be exercised is set out in the Company's Privacy Notice.

Transparency

This Data Protection & Privacy Statement is intended to provide a high-level overview of the Company's approach.

More detailed information about specific processing activities, cookies, and individual rights is provided through the Privacy Notice and related disclosures.

Review

This Statement is reviewed periodically to ensure it remains accurate and aligned with the Company's activities and regulatory obligations.

All revisions must be approved by the Board and recorded in the Policy Register.