Effective: 25 May 2018
Revised: 26 August 2022
Oxquant Consulting Limited ("Oxquant", "we", "us", "our") know how important privacy is to our clients. We wish to be clear about how we may collect, use, disclose, transfer and store your personal information.
We may collect various types of information, including:
information you provide directly to us;
information we may collect about your use of our Services;
information we may obtain from third-party sources; and
other information we may collect.
1.1 Information you provide directly
Some of our Services may enable you to give us information directly. For example, if you create an account or profile and agree to provide information about yourself to set up the account or profile. Such information about yourself is likely to include your name and email address and other necessary information that we might reasonably request in order to set up your account or profile. If you order a product or paid service from us, we will typically ask for your name, email address, at least one phone number, shipping address and payment information in order to process your order.
1.2 Information about your use of our Services
In addition to the information you provide, we may collect information about your use of our Services through software on your device and other means. For example, we may collect:
device information such as your hardware model, device hardware information, IMEI number and other unique device identifiers, phone number, serial number, MAC address, IP address, cookies, operating system versions and settings of the device you use to access the Services;
log information such as diagnostic, technical, error and usage information such as the time and duration of your use of the Service, search query terms you enter through the Services, and any information stored in cookies that we have set on your device;
location information such as your device's GPS signal or information about nearby Wi-Fi access points and cell towers that may be transmitted to us when you use certain Services and enable this function; and possibly
other information about your use of the Services, such as the apps you use, the websites you visit, and how you interact with content offered through a Service.
1.3 Information from third-party sources
We may receive information about you from publicly and commercially available sources (as permitted by law), that we may combine with other information we receive from or about you. We also may receive information about you from third-party social networking services when you choose to connect with those services.
1.4 Other information we collect
We may also collect other information about you, any device you use to connect with us, or your use of the Services we offer in ways that we describe to you at the point of collection or otherwise with your separate consent where required. You can choose not to provide us with certain types of information but doing so may affect your ability to use our Services. We will provide you with relevant information at such time and the ability to decline permission for us to collect such data.
2 Use and Sharing of Information
We may use the information we collect (among other things) to:
provide the Services you request;
understand and improve the way you use the Services we provide; and
provide specific content and advertising with your separate consent where required.
We may share your information:
internally within Oxquant with relevant teams for legitimate business reasons;
other legal entities related to Oxquant by common ownership or control;
business partners trusted companies where you have provided your separate consent;
service providers reputable companies that provide services for or on behalf of Oxquant whose privacy policies are generally in accordance with that of our own; and
legal and/or other authorities when we are required or compelled to do so by law.
3 Keeping Your Information Secure
We take the protection of your data extremely seriously and have put in place appropriate physical and other technical measures to safeguard the information we collect in connection with the Services we offer. Note that no website, Internet transmission, computer system, wireless connection or other electronic communication mechanism can be assumed to be completely secure.
Your use of our Services may involve the transfer, storage, and processing of your personal information outside of your country of residence. In addition, your use of the Services may also involve the transfer, storage, and processing of your personal information within or outside of the European Economic Area (EEA). We will take appropriate measures, in compliance with applicable law, to ensure that your personal information remains protected. Such measures include the use of standard contractual clauses to safeguard the transfer of data outside of the EEA. We will only transfer data to countries outside of the EEA that we believe offer an appropriate level of protection.
We will not keep your personal data for longer than is necessary for the purpose it was collected. This means that data will be destroyed or erased from our systems when it is no longer required. We will generally retain your data only for as long as is necessary for the purpose for which it was collected, is processed, or longer if required under any contract, by applicable law, or for statistical purposes.
Our Services may link to third-party websites and services that are outside our control. We are not responsible for the security or privacy of any information collected by third-party websites or other services. You should exercise caution and review the privacy statements applicable to such third-party websites and any services you decide to use.
Cookies are small files that store information on your computer, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices, and/or browsing sessions. Cookies serve many useful purposes. For example, they can remember your sign-in credentials so you don't have to enter those credentials each time you log on to a service, help us understand which parts of our Service are the most popular because they help us to see which pages and features visitors access most frequently and for how long. Your chosen web browser is likely to give you some control over how cookies are treated. However, all browsers are different and you may not have control over all cookie features.
6.2 Social network plugins
Our Services may make use of certain social network plugins. When you use a Service that contains plugins, information may be directly transferred from your device to the operator of the social network. We have no influence over the data gathered by the plugin. If you are logged into a social network when you use our Service, it may be referenced to your social network account. If you interact with the plugins, for example by clicking "Like", "Follow", or "Share", or enter a comment, the information may automatically show in your social network profile. Even if you are not logged into a social network account, it may be possible that the plugins transmit your IP address to the social network operators. Please consider this when using our Services.
It is rare that we will engage in direct marketing. If we do, we will have taken steps to obtain your explicit consent to do so. In addition, we will ensure that the marketing materials we send to you cover legitimate business interests that we believe are of benefit to you and that the material being sent is something you would usually expect to receive.
As well as giving us explicit opt-in consent to market to you, you always retain the right to opt-out of any or all marketing at any time regardless of any previous consent given. Marketing covers all electronic communication including phone, email, text, web chat and social networking communication methods; as well as printed or handwritten communication. You may contact the relevant marketing team or firstname.lastname@example.org at any time if you wish to withdraw your marketing consent.
8 Privacy of Persons Under 16
Our Service does not address anyone under the age of 16.
We do not knowingly collect personally identifiable information from anyone below the age of 16. If you are a parent, guardian or other person and you are aware that a person below the age of 16 for which you are legally responsible has provided us with personal data, please contact us at email@example.com granting us specific permission or requesting removal of this information; see also Section 10 below. If we become aware that we have collected personal data from anyone below the age of 16 without suitable consent, we will take immediate steps to remove that information from our systems.
9 Data Protection Regulation
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within both the European Union and the wider European Economic Area. GDPR came into force on the 24 May 2016 and its provisions became directly applicable in all member states on the 25 May 2018. The Data Protection Act 2018 (DPA 2018) sets out the framework for data protection law in the UK. It sits alongside the GDPR, and tailors how GDPR applies in the UK. DPA 2018 updates and replaces the Data Protection Act 1998 and came into effect on the 25 May 2018.
The UK regained full autonomy over its data protection rules from 1 January 2021. The EU-UK Trade and Cooperation Agreement bridging mechanism for personal data (Part Seven, Article FINPROV.10A) operates on the basis of UK law, as it stands on 1 January, and with some restrictions on the UK's use of international data transfer powers. This provision includes mechanisms to enable the UK to make changes to its data protection regime or exercise international transfer powers, subject to mutual agreement, without affecting the bridging mechanism. The EU does not have the power to block changes to UK data protection rules, framework or use of its powers. If the EU objects to changes that the UK wishes to make, the bridge will end.
Oxquant seeks to maintain compliance with UK data protection rules at all times in terms of your personal data, data accountability and management, your rights in terms of control of the data that we hold and to seek explicit consent from you to use your data where this is required. As part of this process, we review policies regularly including this one for effectiveness, changes in the handling of data and changes to the state of affairs of other countries in which your data may reside.
Oxquant Consulting Limited is registered under the Data Protection Act 2018 as a data controller (ZA303966).
You have the right to request details about the information we collect about you and to request us to correct inaccuracies in that information. You may also restrict the processing of your information, transfer of such information and/or request that we permanently delete your information provided we are not required by law to retain such information about you.
If you have any specific questions or would like to exercise your rights to information access, correction, deletion, processing, portability or other data-related matter you may contact us via email at firstname.lastname@example.org or write to:
The Data Controller
Oxquant Consulting Limited
5 South Parade
Oxford OX2 7JL
Oxquant Consulting Limited | Registered in England and Wales | Company Number: 4205453