Privacy Notice

Privacy Notice

This policy explains:

  • what personal data will be collected when you visit the OxReach website;

  • what personal data will be collected in other ways for use in connection with the OxReach website; and

  • how this information will be used.

Please note that this policy applies only to OxReach (i.e. and not to other websites operated by the University of Oxford or Oxford University Innovation Limited or personal data collected for other purposes.

All colleges, divisions, faculties, departments, schools, centres, academic services, libraries, museums and collections of the University run and maintain their own websites on the domain (these will be identified as or These sites may carry their own privacy policy or provide additional information relating to their activities, which will supersede or supplement this Privacy Policy.

Who we are

OxReach is operated by the Chancellor Masters and Scholars of the University of Oxford (the University) and Oxford University Innovation Limited (Oxford University Innovation).

The University is an exempt charity. Its main offices are at the University Offices, Oxford
OX1 2JD, United Kingdom. Its VAT number is GB 125 5067 30.

Oxford University Innovation Limited is the technology transfer office of and a wholly owned subsidiary of the University and is a company registered in England and Wales under company number 2199542, whose registered office is at the University Offices, Oxford OX1 2JD, United Kingdom. Its VAT number is GB 490 7988 85.

This policy explains how the University and Oxford University Innovation (individually and collectively referred to as we or us) use personal data.

Consent to our use of your personal data


Links to other websites

The OxReach website contains links to websites operated by other people. These other websites may collect and use personal data in a way which is different from the way in which we collect and use personal data.

When you visit a website operated by someone else, you should read its privacy policy. We are not responsible for the way in which the operators of other websites collect and use personal data.

Personal data collected

We collect personal data from you when you:

  • register on the OxReach website;

  • make a pledge on the OxReach website;

  • submit a proposed project for which you want to solicit donations;

  • provide information about any such project,

  • participate in discussions on the OxReach website;

  • use the OxReach website’s social media functions;

  • report and issue or problem on the OxReach website;

That personal data may include:

  • your name, address, phone number, e-mail address;

  • social media information;

  • pledge information

  • your personal profile, photgraph or avatar;

  • your Gift Aid choices.

If you are providing information about a project or proposed project it will include whatever personal data you choose to provide in support of that project.

We also collect and keep:

  • records of any communication which you send to us and of our response to you;

  • details of any donations made by you via the OxReach website;

  • information about you from the University’s Development and Alumni Relations System;

  • information about you from social media websites;

  • information about you from credit reference and fraud prevention agencies and anti-money laundering and identity checking services;

  • information about you from payment service providers, advertising networks, analytics providers and search information providers;

  • details of your visits to the OxReach website (including, but not limited to, the full Uniform Resource Locators (URL), clickstream to, through and from the OxReach website (including date and time) traffic data, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page;

  • any phone number used to call our user service number;

  • location data, weblogs and other communication data and the resources which you access when you visit the OxReach website;

  • information about your computer, including (where available) your IP address - a string of numbers unique to your computer which is recorded by the web server when you request any page or component on the OxReach website, your login information operating system, platform and browser type and version, for system administration and to report aggregate information to our webmasters. This is statistical data about users' browsing actions and patterns which does not identify any individual and allows us to ensure that content from our site is presented in the most effective manner for you and for your computer; and

  • your university card number.

Your financial information

We do not collect or process your credit or debit card details. These are collected and processed by our payment processing service provider, Stripe Payments (Europe) Ltd (“Stripe”). For more information about how Stripe processes your information, please see

How the information collected is used

We use personal data we hold about you in the following ways:

  • to make information about your project available on the OxReach Website;

  • to process and administer pledges and donations made on the OxReach Website (and claiming Gift Aid, if applicable);

  • to acknowledge pledges and donations you have made [unless you have elected to remain anonymous];

  • with the sponsor’s consent, to allow project owners to contact sponsors with more details about projects and to provide rewards;

  • to pass on thank you messages;

  • to manage your account and registration;

  • to inform you about changes and improvements to the OxReach website;

  • to provide you with information about other funding opportunities (but you may opt out of this);

  • to solicit other donations (but you may opt out of this);

  • if you agree, to contact you by email or SMS about other funding opportunities and to solicit donations;

  • to administer the OxReach website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

  • to improve the OxReach website to ensure that content is presented in the most effective manner;

  • to allow you to participate in the interactive features of the OxReach website, including (but not limited to) sending messages to other users of the OxReach website, sponsoring projects, and using social media tools, when you choose to do so;

  • as part of our efforts to keep the OxReach website safe and secure; and

  • to combine this personal data with personal data you give to us and other data we collect about you. We may use this combined information for the purposes set out above (depending on the type of information we receive).

To whom might we disclose personal data

  • We may provide your personal data to our third party service providers, strictly to the extent necessary for them to provide the relevant services to us. In particular, our service providers include:

  • Sponsorcraft Limited (“Hubbub”), who provide and host the crowdfunding platform on which OxReach is based. Hubbub may publish details of projects on their own website and solicit pledges and donations for those projects. Please refer to their privacy policy at to see how they may use your personal data; and

  • Stripe, in connection with processing the payment of donations.

Each of these service providers may further provide your personal data to their own service providers who provide necessary support functions (for instance, third parties who host their servers). However, such disclosure will again only be for the purpose of providing the relevant services to us. Our service providers, and their service providers, may be located outside the European Economic Area.

  • As mentioned above, we will not receive your credit or debit card information, but Stripe will. Stripe may disclose your personal data in accordance with its own privacy policy (see the link above).

  • We may send your personal data to credit reference agencies, fraud prevention agencies and the providers of anti-money laundering and identity checking services.

  • The University and Oxford University Innovation may pass your personal data between them.

  • We may disclose your personal data if we are obliged to do so or allowed to do so by law.

  • We may also provide your personal data to anyone who buys our business or business assets.

  • When we use third parties to process your personal data, we will require them to comply with our instructions when processing your personal data.

Transfers outside the EEA

Your personal data may be sent electronically to servers anywhere in the world and may be used, stored and processed anywhere in the world, including countries outside the European Economic Area. (Bear in mind that many countries outside the EEA do not adequately protect your rights as a data subject.)

Fund Raising

We will not contact you to inform you of funding opportunities or to solicit donations unless you specifically agree to be contacted for these purposes.


When we collect, process or use your personal data, we take steps to ensure that it is treated securely and in accordance with this privacy policy.

Unfortunately, no data transmission over the internet or any other network can be guaranteed as 100% secure, but we take appropriate steps to try to protect the security of your personal data.

How we use "cookies"

Most of our web pages use "cookies". A cookie is a small file of letters and numbers that we place on your computer or mobile device if you agree. These cookies allow us to distinguish you from other users of our website, which helps us to provide you with a good experience when you browse our website and also allow us to improve our website. For more detailed information on the cookies used on the OxReach website, please see the Cookie Policy at

Access to information

The Data Protection Act 1998 gives you the right to access information held about you. For further information about this right and how to exercise it, please see the University’s Policy on Data Protection.

Changes to this Privacy Policy

We keep this privacy policy under review and may change it at any time. Any updates will appear on this webpage. Please check it each time you visit the OxReach website or provide us with any personal data.

We last updated this privacy policy on 1st August 2016.


Any queries or concerns about this policy or the privacy of your personal data in connection with the OxReach website should be sent by email to or addressed to the Data Protection Office, University of Oxford, University Offices, Wellington Square, Oxford, OX1 2JD.