Oxford Computer Consultants is committed to protecting and respecting your privacy and security. Whenever you provide us with your personal information via our website “Site(s)”, we will treat that information in accordance with this policy, our terms and conditions and current UK Data Protection legislation. By giving us your consent to process your data, you agree to be bound by this policy.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. This policy may change from time to time, so please check this page periodically.
Oxford Computer Consultants
Oxford Computer Consultants (OCC) is a company limited by guarantee (number 3521204). The registered address is 23-38 Hythe Bridge Street, Oxford OX1 2EP.
OCC is the Data Controller for all data submitted via the OCC website. Our Data Protection Officer is Hamsa Hassan (Head of Information Governance and Data Protection Officer).
You can contact us at the address above or by email to firstname.lastname@example.org.
Your privacy is important to OCC and we are committed to respecting information about you. We comply with the provisions of the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
In general, you can visit the OCC website without telling us who you are and without revealing any information about yourself. There are times, however, when we may request information from you such as your name, address or e-mail address, for example, if we hope to correspond with you.
By providing your consent, you agree to being contacted by Oxford Computer Consultants where you have submitted your details on the Contact page (email address, address and telephone number). Any information that you agree to give us will be protected by technical and organisational processes. You can unsubscribe from these communications at any time by emailing us at email@example.com.
Data entered on the OCC website is not explicitly shared with any third parties, though data will be stored in Microsoft Office and/or MailChimp.
In accordance with UK General Data Protection Regulation (UK GDPR), the legal basis for our processing of your data is consent (for the purposes listed in the section below). You may withdraw this consent at any time by contacting us by email at firstname.lastname@example.org or by post at our registered address (see above) UK GDPR provides you (the data subject) with the following rights regarding your personal data:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
What personal information is collected from you?
When you visit the Site, we collect various personal information which will include your name, address, contact details, preferences, IP address, and information regarding what pages are accessed and when.
Who has access to your information?
We are committed to protecting the personal data of our supporters, customers and members. Any details you give us will be held in accordance with the General Data Protection Regulation 2016 and Data Protection Act 2018. Oxford Computer Consultants is the sole owner of the information collected on this Site. We will not sell, share, or rent this information to third parties, unless we have your explicit permission to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime. Where you have given us permission, we may contact you about other services and products or pass your details to similar organisations.
Data retention policy
Your data will be retained no longer than is necessary for the data processing purposes identified above; this will be determined based on consent. We will hold the data you submit until your consent is withdrawn or until the details we hold are no longer considered to be valid. Your data will be deleted within one month at the latest if you withdraw your consent to continued processing and request that your data be erased.
For the purposes of business continuity, we create regular backups of website data. Backups will be retained not longer than 30 days. If data is erased, any backup of the data will be deleted at the end of the retention period. However, should we restore any data from a backup before the retention period has elapsed, we will manually remove all such data from the restored system (rather than attempt to delete the data from all the backups).
Google Analytics sets cookies to help us accurately estimate the number of visitors to the website and volumes of usage. This to ensure that the service is available when you want it and fast.
Typical content: randomly generated number
Expires: 2 years
Typical content: randomly generated number
Expires: 30 minutes
Typical content: randomly generated number
Expires: when user exits browser
Typical content: randomly generated number + info on how the site was reached (e.g. directly or via a link, organic search or paid search)
Expires: 6 months
For more information about Google Analytics visit Google Analytics website.
Removing and disabling cookies
If you do not wish to accept cookies on to your machine you can disable them by adjusting the settings on your browser. However, this will affect the functionality of the websites you visit. To find out more about how to delete and disable cookies, visit www.aboutcookies.org.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take employ security best practice to ensure that it is treated securely. The transmission of all information you send to, and receive from, the Site is encrypted. Once we receive your information, it is stored on our secure servers and protected by our strict security procedures.
Whilst we take reasonable steps to protect your personal information, the internet is not completely secure and as such Oxford Computer Consultants cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Where we have given (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
What happens when visitors link to another site?
18 or Under
Whilst the OCC web sites is not directed towards children, we are committed to complying with applicable laws and requirements such as the UK Children Act 1989. If you are aged 18 or under, you are not allowed to provide us with personal information via the website.
If at any time you would like to contact us with your views about our privacy practices, or with any enquiry relating to your personal information, you can do so by sending an e-mail to us at email@example.com.
If you wish to access, correct or delete any of your personal data held by us, or if you have any questions regarding this statement, please contact us by emailing firstname.lastname@example.org or by post to: Communications Manager, Oxford Computer Consultants, 23-38 Hythe Bridge Street, Oxford OX1 2EP.