Privacy Policy

  • GDPR
  • California Consumer Privacy Act (CCPA)
  • Cookies

We own and operate the Ocean Optics website ( We offer certain software applications, including without limitation the Wave illumination mobile application for both iOS and Android (“Applications”), (hereinafter the Website and Applications are collectively referred to as the “Services”). This Privacy Policy applies when you utilize any of these Services and also describes how your personal data is collected, used, shared, and secured, as well as your related choices regarding use, access and correction. Please read the Privacy Policy carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purposes of the General Data Protection Regulation 2016 (GDPR), the data controller is Ocean Optics, Inc, Quadrangle Blvd., Orlando, Florida 32817, USA.

If you need more information on this, please contact: [email protected]

For California residents, additional disclosures required by California law may be found in our California Supplemental Privacy Notice located on CCPA tab.

What kind of personal data do we collect about you?

We may collect and process the following data about you:

Contact and Identity Data, including your name, address, e-mail address and phone number, and the business or organization you work.

Technical Data, including your Internet Protocol (IP), device identifiers, device information (such as type and model, operating system type, browser type, language, and settings), your login information, geolocation data, mobile ad identifiers, cookie IDs, referring / exit pages and URLs, interaction information (such as clickstream data), domain names, pages viewed, and software crash data.

Usage Information, including the time, date, and duration of your use of our Services, and your interaction with content offered through the Services, and any referring websites.

Financial Data, including information related to your preferred payment method and credit history.

Marketing and Communications Data, including your preferences in receiving marketing from us and your communication preferences.

How do we collect your personal data?

We may obtain your Contact and Identity Data, Technical Data, Usage Data, Financial Data, and Marketing and Communications Data using any of the below methods.

When you provide the personal data to us. You may provide the personal data to us when you enter or upload information into the Website or an Application, sign up to use the Services, or when you communicate with us via telephone, email, or otherwise.

Through technical means when you use our Services. When you visit or use our Website or Applications, we may collect your personal data using cookies and other similar technology.  For more information on how we use cookies, please review our cookie policy located here. When you use an Website or Applications, we will also receive personal data your device automatically communicates to us, such as information about your location, and other technical information about your device and the software it uses.  

When your organization or a third party provides it to us. Your organization may provide us with your personal data so that we may activate and manage your access and sue of the Services. We may also receive personal data from our parent company, Halma plc, or its affiliates. If we receive personal data from Halma plc or its affiliates, you will have been informed that your personal data may be transferred to us and informed of the purpose of that transfer.  We may also receive your personal data from carefully vetted third parties who provide services on our behalf (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies).

How do we use the personal data we collect?

We may use your personal data for the following purposes:

  • to perform our obligations arising under our contract with you;
  • to provide you with information you request;
  • to provide you with information about other goods and services we offer that are similar to those that you have already purchased or inquired about (you will be given opportunities to opt out of these communications);
  • to notify you about changes to the services we offer or products we sell (e.g., changes in opening hours, delivery charges, delivery options, warranty/returns processes etc.)
  • to ensure the content provided in our Services is presented in the most effective manner for you and for your device;
  • to administer our Website and Applications, and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • to allow you to participate in interactive features of our Services, when you choose to do so;
  • as part of our efforts to keep our site safe and secure;
  • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you or others; and
  • to distinguish you from other users of our site.


Legal basis for processing

We must have a lawful basis for processing your personal data; this will vary on the circumstances of how and why we have your personal data.

We may process your personal data by relying on the following lawful bases: when you have given us consent to process your personal data for one or more specific purposes to perform a contract we are about to enter into or have entered into with you, to comply with a legal obligation (e.g., providing information to governmental or  regulatory bodies); and when it is for our legitimate interests and your interests rights do not override those interests (e.g., to send you information about our products and services, to make our services more efficient, to develop our product offerings or to carry out fraud prevention activities).

We do not process any special categories of information (i.e., information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic data, processing of biometric data for the purpose of uniquely identifying individuals, health data, or data concerning your sex life or sexual orientation). 

With whom do we share your personal data? 

You agree that we have the right to share your personal data with:

Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. This may include transferring your personal data outside of the European Economic Area.

Selected third parties including: business partners, suppliers and sub-contractors for the performance of any contract we enter into with you; analytics and search engine providers that assist us in the improvement and optimization of our site; credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you; third party organizations which process data for us and on our behalf. These third parties may be based (or store or process personal data) in the UK or elsewhere including outside of the EEA. As with many businesses, these third parties may include third party IT platforms (including cloud-based platforms), suppliers of administrative and support services and suppliers of other specialist products.

We may also disclose your personal  data to third parties:

In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

If a third party acquires some or all of our business or assets during a re-structuring, , in which case personal data held by us may be one of the transferred assets.

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging your personal data with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Where do we store your personal data?

The data that we collect from you may be transferred to, and stored throughout the world, including at destinations inside and outside of the USA and European Economic Area (“EEA”). It may also be processed by staff operating inside and outside of the USA and EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the fulfillment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy and all relevant data protection legislation (including the provisions requiring appropriate safeguards for out of EEA transfers). Further information is available on request.

All personal data you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our site; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorized access.

How long do we store your personal data?

We keep your personal data for no longer than is necessary for the purposes it was collected for. The length of time we retain your personal data for is determined by operational and legal considerations. For example, we are legally required to hold some types of personal data to fulfill our statutory and regulatory obligations (e.g. tax/accounting purposes).

We review our retention periods on a regular basis. If you need more information on this, please contact: [email protected]

Your rights

GDPR gives you the right to access personal data held about you. Your right of access can be exercised in accordance with GDPR, and can be achieved by contacting [email protected]. We may require you to provide sufficient information to us in order that we can satisfy ourselves as to your identity.

You have the right to ask us not to process your personal data for marketing purposes including profiling for these purposes. We will inform you (before collecting your data) if we intend to use your personal data for such purposes or if we intend to disclose your personal data to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal data. You can also exercise the right at any time by contacting us at [email protected].

You have the right to require us to correct any mistakes in your personal data which we hold. You also have the right to object to, request erasure or request the restriction of the processing of personal data concerning you in certain situations.

You have the right to receive the personal data which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations.

You also have the right to object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you (although we do not currently carry out any such decision making).

More details on your rights can be seen by visiting You can also make a complaint to the ICO at any time about how we process your information.


Changes to our privacy policy and other websites

We may change this privacy notice from time to time as our business and internal practices and/or applicable laws change. We will not make any use of your personal data that is inconsistent with the original purpose(s) for which it was collected or obtained (if we intend to do so, we will notify you in advance wherever possible via our site and/or otherwise contact you by post or email) or otherwise than is permitted by applicable law.

Please check back frequently to see any updates or changes to our privacy policy.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.


Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to [email protected].

For individuals who are California residents, the California Consumer Privacy Act requires disclosures about the categories of personal data Ocean Optics, Inc. (d/b/a Ocean Insights and owner of the Wave Illumination brand) (“we”, “us, or “our”) collects and how we use it, the categories of sources from where collect personal information, and the third parties that we share it with. While we have set out the categories below as required by the California Consumer Privacy Act, you can review our Privacy Policy as previously disclosed to you and which have not changed under this notice.

Depending on how you interact with us, we may collect the following categories of information as summarized in the table below.

All of the categories of personal information we collect about you (as detailed below) come from the following categories of sources:

You, including through your use of the Wave Illumination website ( (“Website”), offer certain software applications, including without limitation the Wave illumination mobile application for both iOS and Android (“Applications”), (hereinafter the Website and Applications are collectively referred to as the “Services”);

Automatically collected from you;

Your organization;

Our affiliate companies; and

Third parties.

Categories of Business/Commercial Purposes for Our Use of Your Information 

All of the categories of personal information we collect about you (as detailed above) are used for the following purposes:

  • Providing our services (e.g., account servicing and maintenance, customer service, advertising and marketing, analytics, and communication about our products and services);
  • For our operational purposes, and the operational purposes of our service providers and integration partners;
  • Improving our existing products services and developing new products and services;
  • Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
  • Bug detection, error reporting, and activities to maintain the quality or safety of our services;
  • Auditing consumer interactions on our site (e.g., measuring ad impressions); and
  • Other uses that we notify you about.

California Rights and Choices

Subject to certain restrictions, California residents have the right to request that we disclose what personal information we collect about you, to delete any personal information that we collected from or maintain about you, and to opt-out of the sale of personal information about you. As a California resident, you also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests, including our means of verifying your identity.

Right to request access to your personal information

California residents have the right to request that we disclose what categories of personal information that we collect, use, or sell about you. You may also request the specific pieces of personal information that we have collected about you, the categories sources where we obtain your personal information, and the purpose we have for collecting or selling your personal information. Please note however, that we are not required to (1) retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained; or (2) re-identify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or (3) provide the personal information to you more than twice in a 12-month period.

Right to request disclosure of personal information sold or used for a business purpose.

If you are a California resident, you have right to request that we disclose to you the categories of your personal information that we disclosed to third parties for a business purpose.  However, since we do not “sell” your personal information, as we understand that term to be defined by the California Consumer Privacy Act and its implementing regulations, there is no information to provide to you about the sale of your personal information. 

Right to request deletion of your personal information

You may also request that we delete any personal information that we have collected from/about you, and that we direct any service providers to delete your personal information from their records.  However, we may retain personal information as authorized under applicable law, such as personal information required as necessary to provide our products and services, protect our business and systems from fraudulent activity, and to comply with legal obligations. We need certain types of information so that we can provide our services. If you ask us to delete it, you may no longer be able to access or use our services.

How to exercise your access and deletion rights

California residents may exercise their California privacy rights by emailing us at [email protected]

For security purposes, we may request additional information from you to verify your identity when you request to exercise your California privacy rights.

We will request additional information from you to match with our existing records to verify your identity, depending on the nature of the request and the sensitivity of the information sought.

Once you submit a request to (1) access the categories of personal information we have about you or (2) obtain a copy of specific pieces of personal information we have about you, we will ask that you verify your identity.

To request that we delete personal information we have collected from you, you will need to authenticate your identity with us and once your identity is authenticated, we will initiate the deletion process.

Sales of Personal Information

California residents may opt out of the “sale” of their personal information. We do not “sell” your personal information as we understand that term to be defined by the California Consumer Privacy Act and its implementing regulations.

Non-Discrimination Rights

California residents have the right to not be discriminated against for exercising their rights as described in this section. We will not discriminate against you for exercising your CCPA rights.

Do Not Track

Do Not Track is a privacy preference that users can set in their web browsers. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. We currently do not respond to “Do Not Track” or similar signals.


If you have any questions, comments and/or requests regarding your personal data, please contact [email protected]

Disclaimer: This is not to be understood as legal advice or representative of our interpretation of privacy laws. This is intended to help our customers understand our approach to CCPA in practical terms. If you have questions about CCPA or require advice on any of the areas covered, please seek independent legal counsel.

Cookies are small text files that are stored in your device’s browser when you visit a website. Cookies make it possible to recognize you as the same user across one or more browsing sessions, and across one or more websites.

We and our third party partners use cookies for a variety of purposes, including remembering your sign-in credentials and preferences so that you do not have to input them each time you use our services; customizing your experience using the services, including by determining the most relevant content and advertisements to show you; and allowing us and third parties to monitor website traffic and performance so that we may improve our services.

We may use both session cookies and persistent cookies on this website. A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We may link the information we store in cookies to your personal information in order to provide a faster and more pleasant online experience. You can refuse cookies by turning them off in your browser. You do not need to have cookies turned on to use this website. If you reject cookies, you may still use our website, but your ability to use some areas of our website will be limited. We may use session cookies to make it easier for you to navigate our website. We use session cookies to record session information, such as which web pages a user has visited, and to track user activity on the website. Session cookies expire when you close your browser.

We also may use persistent cookies to track and target the interests of our users to enhance the experience on our website. Persistent cookies remain on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your browser’s “help” file.