The Oxford BioChronometrics website provide information about our company, Rose Hill Acquisition Company LTD and its products. (the Company). The company also provides an online user dashboard for clients to view their information and from time to time email marketing lists may be created from clients or those requesting information about our services.
If you wish to amend any of the personal information that we hold about you, or update your marketing preferences, you can do so at any time by contacting email@example.com.
If you have any queries about how we use your personal information, please contact our Data Protection Officer at firstname.lastname@example.org.
Information we collect
This section details the information we may collect about you. We explain why, and how, we use it in later sections.
If you decide to create an account or enquire about one of our products or services, we may ask you to provide us with some specific information, for example:
Basic personal details – such as name, title and date of birth;
Personal contact details – such as home address, delivery address, home phone number, mobile phone number, and email address;
Work details – such as job title, department, company name, company address, work email address and office phone number;
Log in details – such as username and password;
Payment details – such as your bank account and payment card information.
On occasion, we will ask you to voluntarily provide additional information, for example:
Your opinion of our products and services;
Information we obtain from partners and public sources
In some circumstances, we collect information about you from our partners or from publicly available websites to help us better understand our audience and enhance the relevance of our content.
Information we obtain through cookies and similar tools such as IP addresses.
Your device – we use certain technologies to understand what type of device you are using to show you the best version of the site.
Lawful basis for processing
We only process personal information where we have a lawful basis for doing so, such as the following:
User consent – This is where you have given us explicit permission to process personal information for a given purpose. For example, if you complete one of our general enquiry forms, we would ask for your consent if we wanted to use your personal information for any other purpose. You have the right to withdraw this consent at any time. You can manage your preferences within your account or by contacting customer services.
Legitimate business purposes – This is where we have a legitimate interest, as a business, to process personal information. For example, where we are aware of copyright infringements on our Site, it is in our legitimate interests as a business to identify those responsible. We take due care to balance our interests against your right to privacy.
Contractual necessity – This is where we have to process personal information to meet our contractual obligations. For example, if you are a SecureAd client, we would need to process your delivery address to fulfil your terms of service.
Legal obligation – This is where we have to process personal information in order to comply with the law. For example, we process and retain customer invoice information to comply with financial regulations.
How we use your personal information
We collect personal information for six main reasons:
To provide our service – We require some of your basic personal information so our services work as you would expect, for example, providing access to our digital content, notifying you of changes to our services and dealing with customer services queries.
To improve and maintain performance – In order to provide you with the best possible user experience, we need to make sure that our products and services work as they should. Using personal information helps us understand how our users use our Sites so we can make improvements. This includes testing proposed developments on our Sites and reaching out to our customers with market research surveys.
To bill our customers – We, along with our authorized payments processors, securely process your payment information to take payments, give refunds and to detect and prevent fraudulent activity. We will also update your payment information in the event that a payment is unsuccessful. You can manage your payment information at any time by contacting customer services.
To monitor compliance with our policies and terms – We monitor for breaches of our terms and conditions. We also monitor activity on our Sites to detect and prevent invalid or fraudulent traffic.
To personalize our products and services – We improve your experience of our products and services by personalizing parts of our Sites and apps with the information you give us. This includes showing your name on the dashboard welcome screen. Where our Sites have such functionality, you can manage elements of personalization in your account.
To communicate product changes and offers – We want you to get the most out of our products and services. You are able to change your preferences at any time through your account or by contacting customer services.
Who we share your personal information with
We disclose personal information to facilitate the running of our business or to provide specific services you have requested. Commonly, we will disclose information to:
Social media providers
Other users – Our Sites are publicly accessible and anyone around the world who accesses our Sites will be able to see anything you post, such as comments about an article. We encourage you to use a pseudonym when commenting on our Sites if you do not wish to be identifiable to other readers.
How long we retain your personal information
We retain the majority of your personal information for as long as your account is active and therefore open; this allows you to continue accessing our content, products and services.
If you become inactive and are not a client, we may delete elements of the information associated with your account. We will normally warn you if your access is going to be withdrawn and give you the opportunity to retain your account.
Where we don’t need to keep all of your information in full, we will obfuscate or aggregate it, for example, web activity logs and survey responses. This is to ensure that we do not retain your information for any longer than is necessary.
A summary of how long your personal information is retained can be found below:
Category of Data Example Retention Period Justification for Retention
Billing information Masked details of most recently used payment method 7 years For regulatory reasons we are required to retain accounting records for 7 years.
Business intelligence Web activity on the Sites 36 months (then aggregated + non-personally identifiable) To improve and maintain performance, personalize our services and to provide our product.
Market research Responses to a survey 13 month (then aggregated + non-personally identifiable) To administer market research incentives, avoid duplicating research requests and to understand research responses against usage of our Sites.
Site features SecureAd Dashboard Lifetime of the account To improve your experience of our products and services and to enable you to continue accessing site features.
It is sometimes necessary for us to keep your personal information for longer periods of time, for example:
If there is a statutory requirement to retain it;
If we require the information for legal reasons or there is a legitimate business need for us to retain it;
To ensure we do not contact you if you have asked us not to.
How we keep your personal information secure
We have appropriate technical and administrative security measures in place to help ensure that our users’ information is protected against unauthorized or accidental access, use, alteration, or loss.
We operate a global business, so your personal information may be processed and stored outside the European Economic Area (EEA). For example, our global customer services team need to access information about you in order to respond to your queries.
Under data protection laws, you have rights as an individual in relation to the personal data we hold about you. These rights include:
The right to object to direct marketing
The right to access the personal data that we process about you;
The right to request the deletion of your personal data;
The right to request the rectification of your personal data
You can exercise these rights through your account or by contacting customer services.
You also have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO).
Personal information is collected by Rose Hill Acquisition Company ltd dba Oxford BioChronometrics.
Our Sites are not intended for children under 18 years of age. We do not intentionally collect or use any information from children.
If you have a query in regard to the processing of your personal information, please contact our Data Protection Officer directly at email@example.com.
Rose Hill Acquisition Company ltd.
Registered Office: 71-75 Shelton St WC2H 9JQ London
Registered Number: 11000661
This policy is effective from 25/05/2018.