Last Updated: 12 December 2025
Website: https://oxhar.com
Email: info@oxhar.com
Oxhar Business School is committed to ensuring the privacy, integrity, and lawful handling of all personal data collected, stored, and processed. This policy outlines how we comply with the Data Protection Act and all relevant UK, Indian, and international data protection standards applicable to our operations.
1. Policy Statement
Oxhar Business School is fully committed to:
- Protecting the rights of individuals
- Upholding the fairness and legality of data processing
- Ensuring transparency in the collection and use of personal data
- Maintaining secure systems to prevent unauthorized access, loss, or disclosure
We process personal data for legitimate educational, administrative, and operational purposes only.
2. Key Data Protection Principles
Oxhar Business School adheres to the following principles:
- Lawfulness, Fairness & Transparency
Data must be processed lawfully and openly. - Purpose Limitation
Data must be collected for specified, explicit, and legitimate purposes only. - Data Minimisation
Only the data necessary to fulfil operational needs should be collected. - Accuracy
Data must be kept accurate and up to date. - Storage Limitation
Personal data should not be retained longer than necessary. - Integrity & Confidentiality
Security measures must protect data from unauthorized access, loss, or damage. - Accountability
Oxhar Business School must demonstrate compliance at all times.
3. Rights of Individuals
Learners, staff, and stakeholders have the following rights:
- Right to access their personal data
- Right to request correction of inaccurate information
- Right to request deletion (“right to be forgotten”)
- Right to restrict processing
- Right to object to certain data uses
- Right to data portability where applicable
- Right to withdraw consent for optional processing (e.g., marketing)
Requests must be submitted to:
Oxhar will respond within applicable legal timeframes.
4. Data Security Responsibilities
Oxhar Business School ensures:
- Personal data is stored securely in physical or digital form
- Access is restricted to authorised personnel only
- Staff and contractors follow strict confidentiality agreements
- Data breaches are investigated immediately and reported where required
- Internal training is provided on data protection and good practice
5. Usage & Processing of Personal Data
Oxhar processes personal data for purposes including:
- Enrolment and student administration
- Learning delivery and assessment
- Certification and verification
- Marketing communications (where consent is given)
- Operational analytics and service improvement
- Legal and regulatory compliance
Data may be shared with approved third parties, such as:
- Regulatory bodies
- Awarding organisations
- Payment gateways
- CRM and learning management platforms
- Legal and compliance consultants
All partners must adhere to Oxhar’s data protection standards.
6. Data Collection & Storage
We collect personal information through:
- Registration forms
- Online learning platforms
- Communication channels
- Assessments and feedback forms
Data is stored in secure systems with appropriate technical and administrative safeguards.
7. Retention Policy
Personal data will be retained only for as long as required by:
- Educational and administrative needs
- Regulatory requirements
- Legal responsibilities
Once data is no longer required, it will be securely deleted or anonymised.
8. Breach Notification
In the event of a data breach:
- Oxhar will take immediate steps to contain and assess the incident
- Affected individuals will be notified where required
- Regulatory authorities will be informed if legally mandated