Privacy Policy

Oxford Impact Group (OIG) is one of the world’s leading global sustainability consultancy firms and is committed to always operating in a manner which complies with relevant legislation, is ethical and is equitable to all of its stakeholders. Oxford Impact Group is committed to maintaining the privacy of all individuals (including any identified or identifiable natural person) with whom we interact during our business. At all times Oxford Impact Group will comply with the relevant Data Protection legislation in the countries in which they operate.

Here at Oxford Impact Group (OIG), we take your privacy seriously and will only use your personal information to provide the information, products or services you have requested from us.

Where we process personal information for purposes which are not directly to comply with our contractual obligations, we [generally] do so for certain legitimate business purposes. Whenever we process data for these purposes, we will always ensure that we give your personal data rights due consideration and hold them in the highest regard.

Some of the third-party systems we use to communicate with you may utilize ‘Cookie Policy cookies’ to collect personal information. We are working with our suppliers to ensure that this is done in compliance with the data protection legislation. No OIG-owned products collect personal data (such as names and email addresses,) in cookies but we do store other information necessary to ensure data security and session continuity. However, some of the software products we use or maintain on behalf of others, may collect personal data. We are in contact with these suppliers and our clients to ensure that each of these products is GDPR-compliant and covered by its own privacy statement.

From time to time, we would like to contact you with details of other webinars, events, products and services we offer. Don’t worry, we will never pass your information on to anyone outside of the OIG unless the law requires us to do so or where we are acting as a data processor and our client (the data controller) requires us to do so.

How is your personal information managed?

When our IT hosting is done outside the EEA, we ensure that the appropriate legal safeguards are in place to protect your rights. Under data protection regulations (EU and UK), individuals (you) have enhanced rights:

Individuals have the right to be informed as to what information we collect and how we use it.
The right to erasure.
The right of access. Please contact us (see details below) for a copy of the data we hold on you.
The right to have information we hold about you rectified.
The right to restrict processing. That is, you have the right to decide how we use your personal data and, for example, to decide that you don’t want to receive certain types of information or to change the permissions for our use of your personal information e.g., withdraw the right to send you marketing information. You have the right to object to this process, and if you wish to unsubscribe, please contact us.
The right to data portability (we are obliged to send any data which you have supplied to us and which we hold to another supplier if you request this).
Rights in relation to automated decision making and profiling.
For any queries relating to personal data, please contact our Data Protection Team.

Unless it is required for legal or contractual reasons, we will not hold any personal data for more than three years from the date you, or your organization, last contacted us.

Last modified: April 4, 2024