Effective Date: 01 June 2025
Last Reviewed: 30 May 2025
Jurisdiction: United Arab Emirates (UAE)
Applies: All users, learners, and clients accessing or engaging with the OxfordMinds website, platform, and services.
1. Introduction:
OxfordMinds – is committed to protecting the privacy, confidentiality, and integrity of your personal data in accordance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and applicable international best practices. This policy outlines how we collect, store, handle, and protect your personal and professional data.
2. Purpose:
- Safe and secure storage of user data;
- Responsible and lawful handling practices;
- Protection against unauthorized access, disclosure, or misuse;
- Compliance with applicable UAE data protection laws.
3. Types of Data Collected:
- Personal Identifiers: Full name, date of birth, nationality, ID/passport number
- Contact Information: Email address, phone number, mailing address;
- Professional Data: Qualifications, certifications, employer details;
- Course Activity Data: Enrollments, completions, assessment results;
- Financial Information: Payment confirmations and invoices (via secure third-party gateways);
- Technical Data: IP address, browser type, device information, and cookies.
4. Data Storage Practices:
- Location: All data is stored on secure servers with adequate data protection laws and standards.
- Cloud Services: We may use encrypted and compliant cloud storage solutions (such as AWS or Microsoft Azure) under strict data agreements.
- Backups: Regular encrypted backups are performed to ensure data integrity and recovery in case of system failure.
5. Data Handling & Access Control:
- Access Restriction: Only authorized staff and system administrators are allowed access to personal data based on their role and necessity.
- Encryption: Data in transit and at rest is encrypted using industry-standard protocols.
- Retention Period: Personal data is retained only as long as necessary to fulfill the purposes for which it was collected or to meet legal/regulatory requirements (typically 5 years unless required longer).
- Third-Party Processors: If we engage third-party service providers, they are contractually bound to comply with our data protection requirements.
6. User Rights:
- Request access to your data;
- Correct inaccurate or outdated data;
- Withdraw consent for data use (where applicable);
- Request deletion, restriction, or portability of your data;
- Lodge a complaint with the UAE Data Office if your rights are violated.
7. Data Security Measures:
- SSL encryption for all user sessions;
- Regular vulnerability assessments and audits;
- Role-based system access and password protection;
- Incident response and data breach notification procedures.
8. International Data Transfers:
Any cross-border data transfers (if applicable) will be conducted under the provisions of the UAE data protection regulations and only to countries that ensure an adequate level of data protection or with appropriate safeguards in place.
9. Policy Updates:
OxfordMinds reserves the right to amend this policy from time to time. Users will be notified of significant changes through email or website notice.
10. Contact Us:
- Email: Support@OxfordMinds.Com
- Web: www.OxfordMinds.Com
