This Privacy Policy explains how Oxford Academy of English LTD (“we”, “us”, “our”) collects, uses, stores, and protects personal data.
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Oxford Academy of English LTD is the data controller for personal data collected through our websites and digital platform.
Contact: contacts@oaoe.co.uk
Identity data: name, email address, role, institution.
Technical data: IP address, device information, browser type, usage logs.
Platform activity data: AI interactions, writing submissions, assessments.
Account data: login information, user settings.
Payment data (B2C only): processed securely via third-party payment providers.
To provide access to our AI-assisted
educational platform.
To deliver courses, training programmes,
and institutional services.
To process payments, subscriptions, and
account management.
To improve AI accuracy, platform
performance, and user experience.
To ensure security, detect misuse, and
prevent unlawful activity.
To communicate service updates and support messages.Contract: providing the services you have
purchased or accessed.
Legitimate interests: improving system
performance, safeguarding users, and analysing usage patterns.
Consent: for optional marketing
communications and cookies where required.
Legal obligations: compliance with
accounting, tax, and regulatory requirements.
We process student data under authorisation
from educational institutions.
Institutional clients remain data
controllers for student accounts they create.
Student data is processed solely for
educational and safeguarding purposes.
We do not sell personal data.
We may share data with trusted service
providers such as hosting, analytics, and authentication providers.
All third parties are bound by UK GDPR-compliant Data Processing Agreements
When data is transferred outside the UK,
appropriate safeguards such as adequacy regulations or Standard Contractual
Clauses (SCCs) are applied.
Personal data is retained only as long as
necessary for the purposes collected.
B2C users: account data is deleted within
12 months of account closure.
Institutional users: retention is
governed by agreements with the institution.
Some records may be retained longer where
legally required.
Right to access your personal data.
Right to rectification of inaccurate or
incomplete data.
Right to erasure (‘right to be
forgotten’).
Right to restrict or object to
processing.
Right to data portability.
Right to withdraw consent at any time.
Request these by contacting: contacts@oaoe.co.uk.
We use encryption, access controls,
monitoring, and secure hosting environments to protect data.
While we take appropriate measures, no
system is completely secure.
Our websites and platform use cookies for
authentication, analytics, and service optimisation.
Please review our separate Cookie Policy for more details.We may update this Privacy Policy occasionally.
Continued use of our services constitutes acceptance of any changes.
For privacy enquiries, contact: contacs@oaoe.co.uk.
Address: 1&3 Kings Meadow, Oxford, United Kingdom, OX2 0DP.
