Privacy policy.

How we use your data

This privacy statement explains the personal data The Oxford Code Lab collects and processes, how we process it and for what purpose. Please read the details below which provide additional relevant information. This statement applies to the interactions The Oxford Code Lab has with you using the methods listed below, as well as other methods that display or link to this statement.

The information we collect depends on your relationship with us. You may be a client or potential client; a visitor to our website, or someone who emails us. We have listed the different information we collect in sections below.

Visitors to our website

We do not collect any personal information about visitors to our website (www.oxfordcodelab.com), either via cookies or by any other means. 

People who email us

We use a third-party provider, Google Workspaces, to manage and store our email communication. As with any service this comes with a level of risk. You can find out more about the security measures taken to protect this information in the Google Workspaces Security Whitepaper.

Our clients

When you sign a contract to work with us in any capacity, we collect some additional information about your company and our primary contact(s) at your company:

  • Your name


  • Company name and company details


  • Telephone number

  • Address


  • Email address


We use this information to fulfill our contractual obligations to you and your company, including:

  • sending you invoices, reminders and statements.


  • communicating with you about technical issues related to the project.


  • notifying you of changes to terms and conditions.

We will also use this information to notify you of changes to our service such as new team members or price changes. If a communication from us is not strictly necessary to us providing you with service, then we will always provide an option to not receive further similar messages.

Our work for you as a client will typically involve the development, deployment, and support of a data control system for your organization. The data in this system remains your data throughout. We will be a data processor for this data, and only process it under direct instruction from you. We make every effort to protect the data that is provided to us, and follow a stringent set of measures to ensure that your data remains secure. Details of the steps we take and the sub-processors we use to provide our service can be found in the Data Processing Agreement that we will sign as part of our relationship with you.

We do not share your information with a third party, except where we may work with a trusted partner to deliver a project and we will always ask you in advance if this is the case.

Your rights

GDPR outlines the following rights for the individual:

  • The right to be informed

  • The right to access a copy of their personal data

  • The right of rectification

  • The right of erasure

  • The right to restrict processing

  • The right to data portability

  • The right to object

  • Rights in relation to automated decision making and profiling

This privacy notice acts as our method for keeping you informed, along with updates delivered via email when required. You will also find information on how you can access, change or delete your information. You also have the right to access, edit and delete this information should you so choose. If you would like to request the information we hold about you is deleted, please contact us on dataprotectionofficer@oxfordcodelab.com

Access or changes to personal information

You have the right under GDPR to request a copy of your data which we hold, the rectification of that data and the erasure of that data. If you would like to request any of these actions please contact us on dataprotectionofficer@oxfordcodelab.com

Security breaches

In the event that we discover or suspect a data breach, we will notify you as soon as we are able to provide sufficient information as to the nature and extent of the breach. The notice will include, where available at the time of sending, the following:

  • The dates and times of the security event

  • The details of the event including:

    • A description of the data involved in the event

    • The facts of the event or details of the decision to investigate a suspected event

  • The steps we are taking or planning to take to remedy or mitigate the vulnerability.

Changes to this privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 22 June 2021.

How to contact us

If you have any questions or complaints about our privacy policy then please contact dataprotectionofficer@oxfordcodelab.com