This privacy notice explains the types of personal data we may collect about you when you interact with us, why we collect this data, how we use it, and how we keep it safe.
Oxford Nanopore is committed to protecting and respecting your privacy and personal data. If you have any questions, please get in touch with us. We have appointed a Data Protection Officer who is responsible for all matters concerning data privacy and protection, including this privacy notice.
2. Who we are and how to contact us
Oxford Nanopore Technologies Ltd (“Oxford Nanopore”, “we”) is a private limited company headquartered in Oxford (UK). Our company number is 05386273 and our registered address is Gosling Building, Edmund Halley Road, Oxford Science Park, Oxford, United Kingdom, OX4 4DQ.
You can contact our Data Protection Officer by email to firstname.lastname@example.org or by post to
Data Protection Officer, Oxford Nanopore, Gosling Building, Edmund Halley Road, Oxford Science Park, Oxford, United Kingdom, OX4 4DQ.
3. When and how we collect personal data
Personal data means any information about an individual from which that person can be identified. We collect personal data in the following circumstances:
- When you visit any of our websites;
- When you subscribe to receive news and information from Oxford Nanopore;
- When you create an Oxford Nanopore Community account with us;
- When you make an online purchase;
- When you use an Oxford Nanopore service;
- When you attend an Oxford Nanopore event;
- When you engage with us on social media;
- When you download or install one of our apps;
- When you contact us by any means, including using the chat facility on our websites.
We collect data in the following ways:
- Directly from you when you complete forms on our website or correspond with us by email, post, telephone, live chat, or other means;
- From third parties or publicly available sources, including:
- Analytics data from Google and HubSpot;
- Usage data from social media platforms when you engage with us on these.
4. What types of personal data we collect
We collect and use the following types of personal data:
- Contact details such as name, address, email address and telephone number;
- Transaction data such as details about products and services you have bought from us;
- Profile data such as your interests and preferences;
- Usage data such as information about how you use our website, products and services;
- Marketing data such as your preferences in receiving marketing messages from us.
We may also use financial details, such as payment card details, via our third-party payment services provider when you make an online purchase from us, but neither we nor our payment services provider store this information.
We also collect, use and share aggregated data such as statistical data on the proportion of website visitors using the various parts and features of the site.
We do not collect any sensitive personal data about you (details such as race, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, genetic or biometric data, or information relating to your health).
5. How we use personal data
We may use the personal data we collect for one or more of the following purposes:
- To ensure that content from our website is presented in the most effective manner for you and for your computer;
- To provide you with information, products or services that you request from us, or which we feel may interest you;
- To carry out our obligations arising from any contracts entered into between you and us;
- To allow you to participate in interactive features of our services, when you choose to do so;
- To notify you about changes to our services.
6. The lawful bases on which we collect and use personal data
We only collect and use personal data on one or more of the following lawful bases:
- You have freely given your explicit consent for us to collect and use the data for one or more specific purposes that we have clearly explained to you (such as sending you information about our products and services);
- We need the information in order to be able to enter into or fulfil a contact with you (such as supplying the product you have ordered);
- We have a legitimate interest in using the data in a way which might reasonably be expected as part of running our business, and which does not materially impact your rights or interests (such as using data to personalise your experience of our website).
7. How we protect personal data
The security of your personal data is important to us and we take steps reasonably necessary to safeguard your personal data from unauthorised access, use or disclosure.
We have technical security measures in place including measures to:
- Prevent unauthorised persons from gaining access to data processing systems in which personal data are processed;
- Prevent persons entitled to use a data processing system from accessing personal data beyond their needs and authorisations;
- Ensure that personal data in electronic transit cannot be read, copied, modified or removed without authorisation;
- Ensure that access logs are in place to establish whether, and by whom, the personal data was entered into, modified on or removed from a data processing system;
- Ensure that in the case where processing is carried out by a data processor, the data can be processed only in accordance with our instructions;
- Ensure that personal data is protected against unintentional destruction or loss.
We also have organisational security measures in place, including measures to ensure that all employees, agents, contractors, or other parties working on our behalf:
- Are appropriately trained, and are fully aware of their responsibilities for data privacy;
- Are granted access to personal data only to the extent strictly required to carry out their assigned duties.
8. How long we keep personal data for
We only keep personal data for as long as is necessary for the purpose for which it was collected, and to meet any applicable legal requirements.
At the end of that period, personal data is either securely deleted, or is anonymised and/or aggregated so that it can be used in a non-identifiable way for statistical analysis and business planning.
We may continue to keep your information beyond this if we are legally required to for example to prevent abuse, fraud, or to resolve disputes.
9. Who we share personal data with
We may share your personal data with other companies within our group, including subsidiaries and our holding company and its subsidiaries.
In the event that we choose to sell, transfer, or merge part our business, your personal data may be shared with potential counterparties provided that they are subject to confidentiality obligations. In the event of a sale of all or part of the business, your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Notice.
We will only share your personal data with law enforcement, regulatory or other Government bodies when required to do so, or to comply with a valid legal request such as a court order.
We may share your personal data with third party service providers working on our behalf to collect, store, process, and safeguard your personal data, including:
- IT companies who support our website and other business systems;
- Operational companies such as distributors, resellers and delivery couriers;
- Marketing companies who help us manage our electronic communications with you.
When we use third party service providers:
- We only share with them the information they need to perform their specific services;
- They may only use your data for the exact purposes we specify in our contract with them;
- We work closely with them to ensure that your privacy is respected and protected at all times;
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
10. Where we store and process personal data
The personal data we hold is stored and used within the member countries of the EU or the EEA (the EU plus Iceland, Liechtenstein and Norway).
We may sometime share personal data that we collect from you to third-party data processors in countries that are outside the EEA, for example, if required in order to fulfil your order, or provide support services. If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times.
Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this privacy notice.
11. Your rights
You have the right:
- To be informed about the collection and use of your personal data by us, including the purposes we use the data for, and the lawfulness of those purposes. This privacy notice aims to give you this information, and you can contact us at any time.
- To request a copy of any personal data we hold about you.
- To ask us to correct the personal data we hold about you if it is incorrect, out of date or incomplete.
- To instruct us to stop using your personal data for direct marketing, either through specific channels, or all channels.
- To withdraw your consent for any processing that you have previously given consent to.
To exercise any of these rights, please contact our Data Protection Officer by email to email@example.com or by post at Data Protection Officer, Oxford Nanopore, Gosling Building, Edmund Halley Road, Oxford Science Park, Oxford, United Kingdom, OX4 4DQ.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this privacy notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
12. Contacting the Regulator
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. Details are available on the website of the Information Commissioner’s Office at www.ico.org.uk/concerns. The telephone number of the Information Commissioner’s Office is 0303 123 1113.
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
13. If you have any questions
If you have any questions, please contact our Data Protection Officer by email at firstname.lastname@example.org or by post to Data Protection Officer, Oxford Nanopore, Gosling Building, Edmund Halley Road, Oxford Science Park, Oxford, United Kingdom, OX4 4DQ.