Oxbury Client Privacy Notice
Oxbury will store and use your personal information to enable us to run our business and to manage our relationship with you effectively, lawfully and appropriately. This includes using information to fulfil our contractual obligations, to comply with legal requirements, to pursue the legitimate interests of the Company and to protect our legal position in the event of legal proceedings.
We will not share your personal information with 3rd parties except as required to carry out our business or as required by law of other legal processes and we will never sell your personal information.
Most of the information we hold will have been provided by you, but some may have come from 3 rd parties.
What information do we hold and what is it used for?
The sort of information we hold includes your name, job title and business contact details as well as records of our business dealings with you and your organisation. You will also be referred to in documents and messages that we produce, store, or share with you, your colleagues and 3rd parties as part of our normal Company business. We may send you general information about Oxbury, our staff and our services that are relevant to our ongoing business relationship.
How is your information stored and who has access?
Clients’ personal information is stored on a secure central database which can only be accessed with an approved logon and password. In addition, your personal details may be referenced on paper documents (for example a business card, or printed email) which are kept by individual Oxbury employees. Your name and contact details may also be stored on our employees’ mobile devices if they are, or have been, working directly with you.
Oxbury has clear policies and procedures for all staff to protect company documents and equipment from loss or unauthorised access.
Who do we share your information with?
We will only share your personal data with 3rd parties if we are legally obliged to do so, or where necessary to comply with our contractual obligations. We will never sell your personal details.
How long do we keep your personal information?
All information, including clients’ details, relating to the business of Oxbury is kept for 15 years in order to comply with the requirements of our insurance. Information is kept securely in our offices until the contract is complete and will then be moved to secure archive storage.
What are your rights?
You have the right to access the information we hold about you; to have any inaccuracies rectified; and to erase information which is incorrect or should no longer be held. You also have the right to object to and restrict processing of your data. However, be aware that if you do not provide information or allow us to process your data we may be unable to fulfil our legal and contractual obligations. If that is the case we will tell you about the implications of your decision.
If you want to access your personal information you can submit a Subject Access Request in writing to the HR & Practice Manager, Steph Pain at Oxbury’s head office. The Company will either provide the information requested, or will explain why there is a delay, within one month.
You have the right to lodge a complaint with the information Commissioners’ Office if you believe we have not complied with the requirements of the GDPR with regards to your personal data.
Who is the responsible for Data Protection?
Tim Boucher is the Board member with responsibility for Data Protection. If you have any concerns or queries about data protection you can contact him at email@example.com or on 01603 707914.