Welcome to WFAA

Welcome to the Waste Facilities Audit Association. WFAA was formed in 1993 principally in response to tightening legal environmental requirements, increased cost of waste disposal and increased public and corporate expectation.

The WFAA is a non-profit making association of companies who in the course of their normal business activities generate waste. For more information download our brochure. Aims of the WFAA To assist members in obtaining authoritative information on UK, Irish & mainland Europe waste management facilities through commissioning and sharing independent audits at cost effective rates. [More …]

Home Featured

EDOC News

The new way to record waste transfers. Environment Agency Electronic Duty of Care News

Home Featured

Prospect Law

Latest newsletter, legal information and commentary on environment and waste matters from Prospect Law.

Home Featured

AECOM

AECOM have provided environmental auditing and other support services to the WFAA for over 10 years.

Home Featured

weathershop.co.uk

Weather instruments, barometers, weather stations and environmental monitoring solutions for commercial or educational needs

Home Featured

Planned Changes to ISO140001

ISO 14001:2004, the standard for the development, implementation and application of an effective environmental management system, is being revised.

Home Featured

Did you know?

WFAA members commission audits of waste facilities that they commonly use in the UK and mainland Europe through expert international environmental consultants.

Members and Consultants

WFAA Audits

To see the current list of WFAA commissioned audits you can access an interactive database of waste sites over-layed on to Google Maps or Google Earth with map pins representing each site and giving more infomation on the site.

CIWM

As the leading professional body for resource and waste professionals, CIWM is the voice of the sector and represents over 5,500 individuals and organisations in the UK and overseas.

MIROG

AECOM founded the Major Infrastructure–Resources Optimisation Group (MI-ROG) in 2013 as a forum for the UK’s infrastructure operators to collaborate across the circular economy theme and to meet the challenge of delivering major infrastructure in a constrained economy.

Upcoming Events

The Waste Facilities Audit Association, Zoom Webinar – Tuesday 30 June 2020 at 11am BST. More details  available here.

Please note that due to the uncertainty with travel arrangements and the Coronavirus, the meeting on 8 April 2020 has been rescheduled to 14 October 2020

  • WFAA Seminar 14 October 2020 at BT, BT Tower, London. For further information please contact the WFAA Secretariat secretariat@wfaa.org.uk

Login Status

Featured Video

Site Security

This site is secured by Secure Sockets Layer (SSL), a standard security technology for establishing an encrypted link between a web server and a client.

WFAA Privacy Policy

1 WFAA Privacy Notice

1.1 At WFAA, we respect your privacy and commit to protecting your personal data. This notice explains what we do with your personal data, why we want to use it, how we protect it, and what rights you have to control our use of it.

1.2 It applies to use of our website and personal data that we process via other interactions in the course of running our organisation, with individuals such as the staff of our member group companies, customers, partners and suppliers.

1.3 Our website and services are not intended for children and we do not knowingly collect data relating to children.

1.4 WFAA is a membership organisation for businesses which generate waste.

1.5 We collect, use and are responsible for certain personal data about you and those activities are regulated under the General Data Protection Regulation (“GDPR”), which applies across the European Union (including the United Kingdom). We are responsible as “data controller” of that personal information under GDPR.

1.6 This privacy notice is issued on behalf of all group companies, so when we mention “WFAA”, “we”, “us” or “our”, we are referring to the relevant group company responsible for processing your data.

1.7 Our contact address is c/o Tempcon Instrumentation Limited, Unit 19, Ford Lane Business Park, Ford Lane, Ford, nr Arundel, West Sussex BN18 0UZ.

1.8 Our mission is to assist members in obtaining authoritative information on UK, Irish and European waste management facilities through commissioning and sharing independent audits and providing information exchange between members through provision of discussion forum on our website, regular seminars, meetings and the WFAA web site’s document management system.

1.9 If you want to contact us about this privacy notice, or generally about how we protect your privacy, please email us at secretariat@wfaa.org.uk

2 The purpose and lawful basis for processing your personal data, how we collect it and how long we hold it for

2.1 Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

2.2 We use personal data from different categories of individual for several different purposes and these each have a different lawful basis. This section describes these in detail and, although it’s technical, we’re required by law to explain this to you.

2.3 If you visit any of our websites:
(a) We may in the future use Google Analytics on our website to track visitor numbers and user activity on our site. We record your computer’s IP address, so we can tell how each user and repeat visitor is using our site (your IP address is also a piece of your personal data). We do this on the basis that it is necessary for our legitimate interests in tracking website users so that we can improve our service and keep our websites relevant and useful. The IP address information will be held in accordance with Google’s standard procedures.
(b) If you fill in a “contact us” form we will hold your name, contact details and any other text you enter for the purpose of corresponding with you. We do this on the basis that it is necessary for our legitimate interests in running our business.
(c) If you are an employee, worker or contractor of a customer or partner of WFAA or if you are an industry contact or working in a field relevant to our mission: we may hold your name, company, job title and contact details. We may have been provided with this data by you or your employer or in some cases we may have sourced it from publicly available sources, such as Linked In and internet searches. We need this data in order to interact with you (or your employer) for the following purposes:
(i) Running and developing our business;
(ii) Communicating with interested people regarding industry events, news and updates.
We do this on the basis that it is necessary for our legitimate interests in running and growing our business. We will hold your details for as long as we need to interact with you for these purposes. In all cases if you would like us to update or delete your information, just send us an email (see “How to contact us” below).
(d) If you are a supplier or an employee, worker or contractor of a supplier: we may hold your name and contact details because we have a legitimate interest in doing business with your company. Our purpose for processing your personal data is to interact with you or your employer to procure and pay for goods and services. We will aim to hold this information for as long as we need to interact with you.

2.4 In some cases where we are required to collect personal data by law or under a contract with you or your employer, if you fail to provide the personal data requested we will not be able to perform the contract we have or are trying to enter into with you or your employer.

2.5 Who we share your personal data with:
(a) If you visit our website, we use Google Analytics (as our ‘data processor’) to store your IP address and user journey on our website.
(b) If you work for a customer, partner or supplier or are an industry contact we may hold your name and contact details in email and contacts applications provided and hosted by Microsoft (as our ‘data processor’). We may also hold data in spreadsheets or documents stored in Dropbox (as our ‘data processor’) and/or SMARTdoc (as our ‘data processor’).
(c) We may also hold your contact details on our accounting system, Sage (as our ‘data processor’).

2.6 We may also share your personal data with third parties in the following circumstances:
(a) We will share personal information with law enforcement or other authorities (such as tax authorities) if required by applicable law.
(b) We may share personal information with third parties to whom we may choose to sell, transfer, or merge parts of our organisation or our assets. Alternatively, we may seek to acquire other organisations or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
(c) We may share personal information with professional advisors such as lawyers, accountants or auditors in order to provide legal, accounting or auditing services.

2.7 We will not sell or rent your information to third parties and we will never share your information with third parties for marketing purposes.

3 International transfers of personal data, and the measures in place to safeguard it

3.1 We do not directly transfer any of your personal data outside the European Economic Area (EEA). However, some of our data processors may do so and this section explains the impact of these international transfers and how your information is protected.

3.2 Several of our data processors (e.g. Microsoft, Dropbox and Egnyte) operate “cloud-based systems”, which means the information is held in information data centres in different locations.

3.3 All the cloud-based systems we use reserve the right to hold copies of your personal information outside the EEA. Please note that the reason companies may choose to do this is to hold back-up copies, so they can guarantee recovery.

3.4 Microsoft, Dropbox and Sage may transfer your personal information to cloud data centers in the USA. The personal privacy laws and safeguards in the USA are not equivalent to those in the EEA, so the European Commission has approved a system called “EU-US Privacy Shield” to make sure the personal information of European citizens is properly protected if held by participating companies in the USA. For further details, see European Commission: EU-US Privacy Shield.

4 Your personal data rights

4.1 The personal data we hold about you is your data, so you have certain rights over the data under the GDPR. This section summarises your rights and how you can exercise them (generally free of charge).

4.2 You have the right to request a copy of all personal data we hold relating to you. You also have the right to require us to correct any mistakes in the personal data we hold relating to you.

4.3 Where we are processing your data based on your consent you can withdraw that consent and we must immediately stop processing your data. Please note that up to that point, we’re acting lawfully with your consent, withdrawal of consent cannot be backdated.

4.4 Where we process your data based on a “legitimate interest” (underlined in the section on “purpose and lawful basis”, above) you still have the right to object to our processing of that data if you feel it impacts on your fundamental rights and freedoms. From that point, we must stop processing your data until we have determined whether your rights override our interests.

4.5 You also have the right to object where we are processing your personal data for direct marketing purposes.

4.6 In certain situations, you have the right to require us to erase personal data where there is no good reason for us continuing to process it. However, note that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

4.7 You have the right to request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
(a) if you want us to establish the data’s accuracy;
(b) where our use of the data is unlawful, but you do not want us to erase it;
(c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
(d) where you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

4.8 Finally, you have the right to request the transfer of your personal data to you or a third party in a structured, commonly used, machine-readable format. Note that this right only applies to automated processing of information about you, which we carry out based on your consent or where it is necessary to perform a contract with you.

4.9 For further information on each of these rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

4.10 If you would like to exercise any of these rights, the easiest way is by dropping us an email (see “How to contact us” below). Please note:
(a) We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
(b) We try to respond to all legitimate requests quickly, but in any event within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

5 Your rights to lodge a complaint with the Regulator

5.1 At all times, you have the right to report a concern or lodge a complaint with the Information Commissioner’s Office. Please refer to the ICO at https://ico.org.uk/concerns/ or by calling them on 0303 123 1113. Of course, we hope that we can resolve your issue quickly and fairly.

6 Limit of Liability

6.1 As a membership organisation for businesses WFAA excludes all implied conditions, warranties, representations or other terms that may apply to our site or any content or the consequence of relying on such content on it.

6.2 We will not be liable to you for any loss or damage, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, even if foreseeable, arising under or in connection with:
(a) use of, or inability to use, our site;
(b) use of or reliance on any content displayed on our site or appearing in or referred to on or in any discussion forums displayed on our site.
(c) In particular, (but without limitation) we will not be liable for:
(i) loss of profits, sales, business, or revenue;
(ii) business interruption;
(iii) loss of anticipated savings;
(iv) loss of business opportunity, goodwill or reputation; or
(v) any indirect or consequential loss or damage.
7 Automated processing of your personal data

7.1 We do not undertake any automated processing of personal data, or profiling.

7.2 Note that you have a right to object to any decisions being taken through the processing of your personal data by automated means if they produce legal effects concerning you or similarly significant effects on you. We do not use your personal data in a way that makes such decisions.

8 Keeping your personal information secure

8.1 We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. In addition, we limit access to your personal data to those employees, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

8.2 We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

9 Other purposes for processing personal data

9.1 We don’t process your personal data for any other purpose than we’ve described here. We won’t sell your personal data to other companies.

9.2 As we develop our activities and services, we might add new data processes that use your personal information. Should we decide that we want to develop a new processing purpose, we will contact you to let you know what we intend to do, the lawful basis we will use, and your rights over our intended new processing. We’ll also publish information about it here.

10 Changes to this privacy notice

10.1 This privacy notice was last updated on 31 May 2019 and historic versions can be obtained by contacting us.

10.2 We may change this privacy notice from time to time by amending this page.

How to contact us:
If you have any questions, concerns or just want some more information about our privacy management, drop us a line at secretariat@wfaa.org.uk

WFAA GDPR Privacy Policy -10 July 2019