Oxford Health Policy Forum CIC (‘OHPF, ‘we’, ‘our’, ‘us’) takes the protection of personal data very seriously.
This policy explains:
- what information we may collect about you
- how we use the information we collect about you
- whether we will share this information with anyone else
- your choices and how you can instruct us if you prefer to limit the use of your information
- measures we have in place to safeguard your privacy.
This policy applies whether you provide information to us through our website, by email or via other means.
1. Information about us
Oxford Health Policy Forum is the data controller responsible for protecting personal information you provide to us. We are a not for profit community interest company registered in England and Wales under company number 10474250; our registered office address is 264 Banbury Road, Oxford, OX2 7DY UK.
If you have any queries about this policy, please contact us by emailing Emma.Georgiou@oxfordhealthpolicyforum.org
2. What are personal data?
‘Personal data’ is information that can be used to detect your identity and includes your name, address, telephone number and email address. Personal data is also information that can be associated with you, together with other information e.g. your IP address.
3. Information we collect
We collect and store personal data you provide to us when you interact with us or register to attend our events. On occasion we may supplement the information we collect about you with records maintained by third parties to provide you with information or services you have requested.
In addition to information you submit to us, we and our third-party service providers may use a variety of technologies that automatically or passively collect certain information whenever you interact with us. This may include the browser and operating system you are using, the URL that referred you to the website and the time of day you interacted with us (‘usage information’).
Usage information may also include the IP address or other unique identifier (‘device identifier’) for any computer, mobile phone, tablet or other device (‘device’) used to access the website. A device identifier is a number that is automatically assigned to your device; our servers identify your device by its device identifier.
4. How we use your information
We may also use your personal information and/or usage information to:
- enable and allow you to participate at events or to contribute to publications (or to assess your suitability to participate or contribute), including without limitation to respond to your queries or comments
- operate our business (including developing new products and services, conducting research, managing our communications, producing training materials and programmes, determining the effectiveness of and optimizing our advertising, analysing our products and services, and performing accounting, auditing, billing and reconciliation activities)
- prepare and provide aggregated data reports showing anonymized information (including, without limitation, compilations, analyses, analytical and predictive models and rules, and other aggregated reports) for our business purposes
- ask for feedback on our services and products
- comply with industry standards and our policies.
5. Sharing your information
We may share your personal information and usage information:
- with third-party service providers that perform services on our behalf, including, without limitation, those that offer, host or operate our systems
- to comply with UK law, a judicial proceeding, court order or other legal process, such as requirements of emergency services and/or law enforcement agencies
- to enforce our agreement with you
- to analyse and enhance our communications and strategies (including by identifying when emails sent to you have been received and read, and your location)
- with other third parties, with your consent
- as aggregate or de-identified information with third parties for marketing, advertising, research and other purposes
If data are disclosed to contractors during commissioned data processing they shall be subject to this policy, and, if applicable, to other additional or relevant alternative data privacy provisions and contractual conditions.
6. Data storage and security
We store information related to our global operation on protected servers located in Oxford and London.
We have appropriate measures in place to protect against unlawful disclosure, loss, misuse, unauthorized access or alteration of information we collect from you. We use encryption to help protect the transmission of personal information from you to us.
We also protect the security of your data during transmission online using Secure Sockets Layer (SSL) encryption software.
7. Your options
If you have provided us with personal data, we will keep your information in accordance with our retention policy. You may withdraw your consent to our processing by emailing us and we will apply your preferences in our future communications. If statutory retention periods require further provision, we will lock those records.
You may also email us to access information we hold about you, or to request rectification of any personal data we hold about you
9. Contacting us