We use Google Analytics on this web-site (anonymised IP addresses) to understand how visitors use our web-site. Your visitor data will be sent to the U.S. and with the recent revocation of the EU-US Privacy shield we now require user consent prior to users accessing and using this site.

Cookie & Privacy Policy

Privacy Policy – March 2021 

 This Website collects some Personal Data from its Users. Among the types of Personal Data that this Website collects, by itself or through third parties, there are: Cookies; Usage Data; first name; last name; phone number; email address. Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection. 


This Privacy Policy outlines how NextWave Consulting Limited and Infinium Consulting B.V (“we”, “us”, or “our”) may collect personally identifiable data from you through this website. Please read the terms of this policy carefully. If you do not agree to these terms, please do not continue to use this website. NextWave Consulting and Infinium Consulting B.V process personal data of current, future and ex-employees, (customers and employees of) customers, suppliers and other parties. We may receive information from you, for example via our website, e-mail, telephone or app. In addition, we can obtain your personal data in the context of our services via third parties (e.g. your employer). We process your personal data according to the rules of the General Data Protection Regulation (‘AVG’). This privacy statement provides you with information as to how we deal with your personal data.  

Owner and Data Controller 

The Data Controller is the person or business that determines the manner in which personal data is processed, and is responsible for the security of any personal data that has been collected. For the purposes of data protection legislation in force from time to time the data controller is NextWave Consulting or Infinium Consulting (or “we”), while the Data Subject is any individual we process personal data for (referred to throughout as “you”).  The nominated data protection representative at NextWave Consulting is our COO/CEO, and can be contacted at the following: 

 Email: HR@Nextwave.co.uk 

Address: 71-75 Shelton Street, Covent Garden, London WC2 9JQ 

 The nominated data protection representative at Infinium Consulting B.V is Jeanette Zeilmaker, and can be contacted at the following: 

Email: operations@infinium.consulting. 

Address: 9th Floor, UN Studio, Parnassusweg 819, 1082 LZ, Amsterdam, The Netherlands 

Personal Data we Collect  

When you register to download a report, register to view a document or submit a CV via our website, certain personal data will be requested from you, such as your name, email address and phone number. If you opt in to receiving job alerts via our website, additional data may be requested from you, such as your job search criteria and salary expectations. 

NextWave Consulting and Infinium Consulting B.V are committed to all aspects of data protection and takes seriously its duties, and the duties of its employees. When you submit personal data via our website, you understand that NextWave Consulting and Infinium Consulting B.V may store your information on our secure server in accordance with our data Retention and Destruction policy. If you would like to review this policy, please contact our Data Controller by emailing HR@Nextwave.co.uk or operations@infinium.consulting.  

Should any of the personal data you submit to us change, please notify us without delay so we can ensure your details are kept up to date and accurate. 

Sources we collect personal data from include, but are not limited to, the following: 

  • When you complete a form on our website; 
  • when you send your CV to us; 
  • when you apply for a role we advertise; 
  • through our website (please refer to our website Privacy Policy for details); 
  • Online jobsites; 
  • Social media (i.e. LinkedIn); 
  • Telephone call; 
  • the public domain; 

Types of Data collected 

Among the types of Personal Data that this Website collects, by itself or through third parties, there are: Cookies; Usage Data; first name; last name; phone number; email address. 

  • Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Website. 
  • Unless specified otherwise, all Data requested by this Website is mandatory and failure to provide this Data may make it impossible for this Website to provide its services. In cases where this Website specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service. 
  • Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner. 
  • Any use of Cookies – or of other tracking tools – by this Website or by the owners of third-party services used by this Website serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available. 
  • Users are responsible for any third-party Personal Data obtained, published or shared through this Website and confirm that they have the third party’s consent to provide the Data to the Owner. 

Legal Basis for Processing 

Our legal basis for the processing of personal data is our legitimate interests, although we will also rely on contractual obligations to which you are subject, legal obligations and consent for specific uses of data. We will rely on contractual obligations if we are negotiating or have entered into a placement agreement with you or your organisation or any other contract to provide services to you or receive services from you or your organisation. We will rely on legal obligation in some cases, where we are required by local laws or regulations to process your data. We will in some circumstances rely on consent for particular uses of your data. Where we rely on consent, you will be asked for your express consent.  

Methods of processing 

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time. 

Social Media 

You can also connect to us through LinkedIn via the links on our home page. Please note that we are not responsible for the content or privacy practices of non-NextWave Consulting or non-Infinium Consulting B.V webpages to which this site may link. 

Retention periods 

We will not process your personal data for longer than is useful for the purpose for which it was provided (see the section on ‘Goals of and bases for processing’). This means that your personal data will be kept for as long as it is necessary to achieve the relevant goals. Certain data must be retained for a longer period of time (often 7 years) because we have to comply with statutory custody obligations (for example the fiscal retention obligation) or in connection with instructions from our professional association. 


We have taken appropriate organisational and technical measures for the protection of the personal data insofar as these can reasonably be required of us, taking into account the interest to be protected, the state of the technology and the costs of the relevant security measures. We oblige our employees and any third parties who necessarily have access to the personal data to secrecy.  

Furthermore, we ensure that our employees have received a correct and complete instruction on the handling of personal data and that they are sufficiently familiar with the responsibilities and obligations of the AVG. If you appreciate this, we will gladly inform you about how we have designed the protection of personal data. 

Your rights 

You have the right to inspect, rectify or delete the personal data that we have from you (except, of course, if this would interfere with any legal obligations). You can also object to the processing of your personal data (or a part thereof) by us or by one of our processors. You also have the right to have the information provided by you, transferred by us to yourself, or directly to another party if you so wish. 

Incidents with personal data 

If there is an incident (a so-called data leak) regarding the personal data concerned, we will inform you without delay, subject to compelling reasons, if there is a real chance of negative consequences for your privacy. We will aim to do this within 72 hours after we have discovered this data breach or have been informed about this by our (sub) processors. 

Invalidation of the EU-US Privacy shield 

A recent ruling (July 2020) by the EU, invalidates the EU-US privacy shield. As such we have recently amended our privacy statement to align with this new ruling. In the EU we work with several parties; Siteground (web-site)MicrosoftFreshteamsScoro and Surveyanyplace. Google Analytics is US based and there are on-going privacy discussions with the EU. We have taken measures to anonymise user IP addresses and to remove any Personal Identifiable Information (PII) that is passed to Google from our web-site. All users to the web-site also now have to consent to the Cookies prior to using the site. 


It is possible that our privacy policy needs further amendment and improvement in the future. We, therefore, reserve the right to make changes to this privacy statement. The most recent version of the privacy statement can always be found on our website. 

Finally, we hope that with this privacy statement we have given you a clear picture of our privacy policy. If, however, you have questions about how we handle personal data, please let us know. The first point of contact for privacy aspects at our organisation is our nominated data protection representative, and can be contacted at the following: 

HR@Nextwave.co.uk or operations@infinium.consulting.  


Cookies are files containing a marginal amount of data, stored on a user’s computer by their web browser. Most websites use cookies, and these are not considered to be harmful to your system. We use functionality cookies to facilitate easier use of our website, and when you view our website, cookies are not used to track your visit. Session cookies are used when signing into a registered account on our website, so the user can remain signed in. Our servers may log your computer’s IP address, to maintain system security and prevent unauthorised access. 

 By registering on our website, you are giving your consent to the use of cookies as outlined above. You can review your cookie settings via your internet browser. Disabling your cookies may prevent certain functions of our website from operating correctly. 

 How can I control the cookie preferences? 

Should you decide to change your preferences later through your browsing session, you can click on the “Privacy & Cookie Policy” tab on your screen. This will display the consent notice again enabling you to change your preferences or withdraw your consent entirely. 

In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more about how to manage and delete cookies, visit wikipedia.org, www.allaboutcookies.org.