- Full Privacy Policy
Full privacy policy
Privacy and cookies on the Oxfam GB website
Introduction and general terms
Oxfam Great Britain (OGB) promises to take great care with your personal data. We commit to protecting any personal information we obtain about you, whether you are a financial supporter, shopper, volunteer, partner or campaigner.
This Privacy Policy sets out how and why we obtain, use and protect personal information if you interact with us in one of these roles.
In the event that you work with us in another way - for instance, enrol in a specific event, program, apply for a job, or are a member of staff, there may be a separate Privacy Policy which describes how we use that data.
Who we are
Oxfam is a registered charity in England and Wales (charity number 202918) and in Scotland (charity number SC039042). We are also a company limited by guarantee (company number 612172), and have a wholly-owned trading subsidiary (Oxfam Activities Limited, company number 00830341).
This Privacy Policy applies to all the above entities.
Oxfam's registered address is Oxfam House, John Smith Drive, Cowley, Oxford, OX4 2JY.
This Privacy Policy relates to information which is obtained by OGB and for which OGB is the Data Controller. That is to say, data for which OGB sets the purpose of the use as well as the how this data will be used.
Oxfam’s Purpose
Oxfam's purpose and overall mission is to end the injustice of poverty. We provide humanitarian aid in times of crisis, fund long term community development programmes and conduct research and campaign for long term solutions to poverty.
Our supporters help us to achieve this in a variety of ways, primarily by:
- Fundraising, donating money and donating or purchasing goods for sale in Oxfam shops in order to support our programme of work.
- Campaigning for change, through signing petitions, writing letters and taking part in other campaigning actions.
- Volunteering, including in Oxfam shops, at events and in our offices.
We take active steps to make sure that our supporters are aware of the ways in which they can help us achieve our overall purpose.
Why we hold and process supporters’ personal data
We hold and process supporters' personal data for a number of reasons:
- To keep a record of donations made and actions taken by our supporters and our communications with them.
- To send our supporters marketing information about our projects, fundraising activities and appeals where we have their consent or are otherwise allowed to.
- To support volunteers, whether in shops, at festivals or participating in fundraising events.
- To record campaigning actions by supporters.
- To support community based fundraising and campaigning.
- To claim gift aid on donations.
- To fulfil contractual obligations entered into with supporters e.g. online purchases.
- To keep people safe, whether they are visitors to our shops, staff or participants in events.
- To comply with legal obligations.
- To manage our organisation.
- To ensure we do not send unwanted information to supporters or members of the public who have informed us they do not wish to be contacted.
These reasons are underpinned by a "legal basis" under GDPR. We outline in the next section what these are for our main activities.
Explaining the legal bases we rely on
The law on data protection sets out a number of different reasons for organisations to collect and process your personal data: When collecting your personal data, we will always make clear to you which data is necessary for a particular purpose. It's important to note that all legal bases are considered equal under GDPR.
Oxfam relies on the following legal bases in our marketing activities:
Consent
Where we are relying on your consent, we will ensure that we provide a clear statement of the types of marketing you will receive and allow you to select only those channels that you wish to hear from us by.
For example, if you donate online to one of our emergency appeals, you will be asked whether you would like us to keep in touch about our projects, fundraising activities and appeals. You will also be asked which channel(s) of communication you would like us to use (with a choice of email, SMS, post and telephone being offered).
Legitimate interest
Where we are relying on Legitimate Interest we prioritise a transparent and balanced approach. Legitimate Interest enables us to process your personal data where we have concluded an assessment that it is in our Charitable interests to do so, and the processing does not materially impact on your rights and freedoms.
For example, for sending direct marketing information by post and telephone. We will only apply legitimate interest where we have reason to believe you would be interested to hear about our projects, fundraising activities and appeals. We will always provide a clear way to opt out of such marketing if you do not wish to receive it. Oxfam's use of legitimate interest includes the following:
- Sending direct marketing information by post, to keep our supporters updated on Oxfam's projects, fundraising activities and appeals. We will only do this where we have reason to believe that this information will be of interest. We make it easy for you to opt out, see How to control what we send you or request we update your personal information.
- Making direct marketing telephone calls to existing financial supporters (whose telephone numbers are not registered with the Telephone Preference Service) who we believe would wish to hear more about our work and ways in which they might further support our cause. Information on how to opt out of marketing calls is here.
- Where you have bought items from the Oxfam Online Shop we may email you to tell you about other relevant offers. All such emails will include a simple opt out mechanism.
- If you are receiving marketing material from Oxfam via other channels, we may use your details to link to your account on Facebook or other social media sites in order to serve you Oxfam content. Please see the section on Social Media for more information on this.
- We analyse your previous support of Oxfam in order to offer relevant ways of supporting Oxfam in the future.
- To help identify businesses who may wish to support Oxfam, we send emails to individuals where relevant to their job, for instance people working in Corporate Social Responsibility.
For activities other than marketing, we may rely on different legal bases:
Legal compliance
If the law requires us to, we may need to collect and process your data.
For example, where you sign up to the Gift Aid scheme, we will process your data for the purposes of submitting a Gift Aid claim to HMRC.
Public Interest
In limited situations we may use data in the public interest. It is likely to be in the public interest to collect data to prevent crime or dishonesty, ensure that we are fair in our practices by carrying out equality and diversity monitoring, or safeguard the wellbeing of people with whom we work.
When and why we will send you personalised marketing communications
Oxfam will only contact you for marketing purposes - for example keep you up to date on our work, or let you know of ways in which you can support that work - where we have your consent or we are otherwise allowed to do so (see Other circumstances in which you may receive marketing information from Oxfam).
We will make it easy for you to tell us if you would like to receive marketing communications from us and hear more about our work and the ways in which you would like to receive this information (post, email, SMS and phone). We will ask you to reconfirm your consent if we have evidence that suggests you may no longer wish to hear from us. We will never send you marketing material if you have told us that you do not wish to receive it. There are a variety of ways you can do this, see How to control what we send you or request we update your personal information.
Other circumstances in which you may receive marketing information from Oxfam
"Legitimate Interest"
We may occasionally contact you for marketing purposes by direct mail or telephone. We will not use "legitimate interest" if you have opted out of direct mail or telephone calls whether direct to Oxfam or by registering with the Mailing Preference Service (MPS), Telephone Preference Service (TPS) or the Fundraising Preference Service (FPS).
"Soft opt in"
This allows organisations to send marketing communications by email and SMS to individuals who have previously purchased similar goods and services, provided they were given the opportunity to opt out at the time of purchase. In Oxfam's case, this allows us to send marketing emails and SMS to previous customers of the Oxfam online shop. We apply a 24-month time limit, and only communicate on this basis where you have made a purchase within this period. We will not use the "soft opt in" option if you have opted out of receiving email and/or SMS, whether direct to Oxfam or via the Fundraising Preference Service.
When we collect information about you
Oxfam may collect your personal data in the following circumstances:
1. When you give it to us DIRECTLY
You may give us your personal data directly when you make a donation, sign up for one of our events, take part in a campaigning action, volunteer at one of our shops, purchase products from the Oxfam Online Shop, or when you communicate with us.
2. When you give it to us INDIRECTLY
You may give us your information indirectly when you sign up to events such as the London Marathon, contribute to Oxfam via fundraising sites like JustGiving or Virgin Money Giving, or participate in a campaigning action with a partner. These independent third parties will pass your data to Oxfam where you have indicated that you wish to support Oxfam and have given your consent or it is a necessary part of completing a contract with you.
Sometimes your personal data is collected by an organisation working on our behalf (for example a professional fundraising agency) but as they are acting on our behalf we are the "data controller" and responsible for the security and proper processing of that data.
3. When you access Oxfam's Social Media
We might also obtain your personal data through your use of social media such as Facebook, WhatsApp, Twitter or LinkedIn, depending on your settings or the privacy policies of these social media and messaging services. To change your settings on these services, please refer to their privacy notices, which will tell you how to do this.
https://www.facebook.com/policy.php
https://twitter.com/en/privacy
https://www.whatsapp.com/legal/#privacy-policy
https://www.linkedin.com/legal/privacy-policy
4. When the information is publicly available
We might also obtain personal data about individuals who may be interested in giving major gifts to charities or organisations like Oxfam. In this scenario, Oxfam may seek to find out more about these individuals, their interests and motivations for giving through publicly available information. This information may include newspaper or other media coverage, open postings on social media sites such as LinkedIn, and data from Companies House. Oxfam will not retain publicly available data relating to major donors without their consent, which will be sought at the earliest practical opportunity. Where we decide not to make contact, we will delete all personal data obtained, other than basic contact details, to which we will apply a suppression flag to ensure we do not make contact in the future.
We may also gather information if your activities relate to our work - for instance, if you are a public figure such as a Member of Parliament or you represent an organisation which we work with or which is related to one of our campaigns we may gather information about you in order to inform our campaigning and make decisions - for instance, whether we engage with you to seek your support for our work, ask your constituents to write to you, or choose to work you in another way.
5. When we use cookies
Cookies are a useful way for us to understand how supporters use our website and/or use an Oxfam app. When you visit our web site or use an Oxfam app we will collect data from your computer or other device such as a smart phone or tablet through the use of "cookies". Cookies are created by your web browser when you visit our website. Every time you go back to the Oxfam website, your browser will send the cookie file back to the website's server. They improve your experience of using our website, for example, by remembering your preference settings so that you are presented with information likely to be most relevant to you, and by measuring your use of the website to enable us to continuously improve our website to ensure that it meets your needs. Cookies can also be used to show you relevant Oxfam content on social media services such as Facebook - these are known as "retargeting'" or "advertising" cookies. We also work with our trusted partner, Epsilon, who will use cookies to show you relevant Oxfam content while you are online. For information on the types of cookies we use, how we use them and how you can control your cookie preferences, see Oxfam's cookie policy.
If you visit our website as an anonymous visitor (e.g. you switch off cookies), Oxfam may still collect certain information from your browser, such as the IP address (an IP address is a number that can uniquely identify a computer or other internet device).
The Oxfam website contains hyperlinks to websites owned and operated by other organisations. These include other media organisations (such as the BBC), research organisations and think tanks (such as the Overseas Development Institute), our festival partners (such as Glastonbury), other related charities (such as Save the Children), and Oxfam affiliates in other countries. These third party websites have their own privacy policies, including policies on their use of cookies, and we urge you to review them. They will govern the use of personal information you submit or which is collected by cookies whilst visiting these websites. We cannot accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.
What information might Oxfam collect about you?
We only collect personal data relevant to the type of transactions or interaction you have with Oxfam.
Whatever your interaction with us this information will be minimal and linked to the purpose for which we need it.
For example, when you contact Oxfam to make a donation, purchase an item online, support our Gift Aid Scheme, take a campaign action, or sign up to any of Oxfam's activities or online content (such as newsletters, competitions, or message boards) or you telephone, email, write to or text Oxfam, or engage with Oxfam via social media channels, we may receive and retain personal information.
In these cases we are likely to process details such as your name, email address, postal address, telephone or mobile number, bank account details to process donations and whether or not you are a tax payer so that we can claim Gift Aid.
If you visit one of our shops or sites we may capture you on CCTV, or you may give information to our staff via a feedback process or through our Retail Gift-Aid Scheme.
If you participate in an event we may (with your permission) take your photograph or video, or interview you.
If you participate in market research, we may ask you questions regarding your experience with us, or other survey questions relating to your experience.
If you are a campaigner or work with our campaigns team, we may collect information such as correspondence with you regarding campaigning, details of your background and activities with us or relating to the issue, the events you attend, or how we would like to work with you.
Where we gather information about you which is publicly available - for instance as a major donor or your views on our campaigning activity – this may include your name, contact details, views and positions you have expressed, and details regarding your circumstances- for instance which political roles you hold or what your background is.
Sensitive Personal Data
We only collect "sensitive personal data" about our supporters, e.g. health status, where there is a clear and specific reason for doing so, such as participation in a marathon or volunteering at a music event or an Oxfam shop.
We collect this data where we need it to ensure that we provide appropriate facilities or support to enable you to participate in the event or carry out your role. Clear notices will be provided on application forms so that it is clear what information we need and why we need it. In certain circumstances, such as when we recruit volunteer festival stewards, we need to obtain information about criminal convictions (where these are unspent) in order to check that it is appropriate for you to undertake the role.
If you apply for a role with us, we may collect this data for equality monitoring. Further details regarding this are outlined in our recruitment privacy policy.
Rarely, we may collect this data for the prevention of crime or dishonesty, to safeguard those with whom we work, or for another reason which is in the public interest. Where we do this we will do it carefully and in accordance with applicable laws.
Should you support Oxfam in a substantial way, we may provide an account manager to help you tailor your relationship to suit your interests. If this is the case we may collect sensitive personal data where relevant to our relationship, such as your political or religious views. Should you disclose information to us about your health or your family, this may also be recorded, so that we can communicate with you in a considerate and appropriate manner.
All sensitive personal data is stored on a secure database, to which only a limited number of relevant staff have access. It is deleted when no longer relevant, is never shared with third parties, and is available to you at any point should you wish to see it.
How will Oxfam use your personal data?
Oxfam will use your personal information for the following purposes:
- For administrative reasons, including:
- "service administration", which means that Oxfam may contact you for reasons related to administering any donations you have made, your tax status with regard to Gift Aid if claimed, the completion of commercial or other transactions you have entered into with Oxfam or the activity or online content you have signed up for;
- to confirm receipt of donations (unless you have asked us not to do this), and to say thank you and provide details of how your donation might be used. for example if you donate via text you will receive a "bounce back" text message;
- in relation to correspondence you have entered into with us whether by letter, email, text, social media, message board or any other means, and to contact you about any content you provide;
- for internal record keeping so as to keep a record of your relationship with us;
- to fulfil sales contracts you have entered into with Oxfam, such as our Retail Gift Aid Scheme, under which we are required to notify you of the proceeds from sale of items you have donated to Oxfam shops;
- to provide logistical and fundraising information to people who are taking part in a fundraising event in aid of Oxfam, such as the London Marathon;
- to communicate with Oxfam volunteers – to support you in your designated role or administer that role and our organisation;
- to keep your data up to date – for instance we use the Royal Mail's data on postal address changes to ensure that we can maintain contact with you where we believe you are happy to be contacted by post, we also use services which notify us of the recently deceased to avoid any distress that continued communications would cause;
- to implement any instructions you give us to with regard to withdrawing consent to send marketing information or informing us through the Fundraising Preference Service that you do not wish to receive any marketing information;
- to use IP addresses to identify the location of users, to block disruptive use and to establish the number of visits from different countries;
- to protect our staff and those with whom we work, or to prevent crime and dishonesty. This will involve frequent fraud and anti-terrorism screening of employees and partners using the World-Check database (Refinitiv – Thomson Reuters), and the use of eDiscovery features on our Microsoft tools to support investigations.
2. For marketing and fundraising reasons (see When and why we will send you personalised marketing communications).
3. For market research
- to invite you to participate in surveys or research about Oxfam or our work (participation is always voluntary);
- to analyse and improve the activities and content offered by the Oxfam website to provide you with the most user-friendly navigation experience. We may also use and disclose information in aggregate (so that no individuals are identified) for marketing and strategic development purposes.
Will Oxfam share your personal information with anyone else?
We will only use your information within Oxfam for the purposes for which it was obtained. Oxfam will not, under any circumstances, share or sell your personal data with any third party for their own marketing purposes, and you will not receive marketing from any other companies, charities or other organisations as a result of giving your details to us.
Oxfam's suppliers
We may need to share your information with service providers who help us to deliver our projects, fundraising activities and appeals, for instance through handling responses to our emergency appeals. These "data processors" will only act under our instruction and are subject to pre-contract scrutiny and contractual obligations containing strict data protection clauses. We do not allow these organisations to use your data for their own purposes or disclose it to other third parties without our consent and we will take all reasonable care to ensure that they keep your data secure.
Current and former Oxfam employees
When you leave Oxfam, Oxfam may process your data to respond to requests for employment references. In addition, OGB participates in the Inter-Agency Scheme for the Disclosure of Safeguarding-related Misconduct in Recruitment Process within the Humanitarian and Development Sector ('Scheme'). Where you apply for employment with another member of the Scheme, they will request a statement from Oxfam disclosing whether you have been found to have committed misconduct (in the form of sexual exploitation, sexual abuse or sexual harassment) while employed at Oxfam. Oxfam will respond to these requests in line with the rules of the scheme.
More details about the Scheme are available on the Steering Committee for Humanitarian Response website.
Find out more about Oxfam's assessment of the privacy impacts of participation in the scheme.
Where legally required
We will also comply with legal requests where disclosure is required or permitted by law (for example to government bodies, statutory bodies, or law enforcement agencies for tax purposes, where it is in the public interest, or the prevention and detection of crime, subject to appropriate protection in law).
Oxfam may transfer your personal data outside the EEA. If it does so, this may occur under the protections of the European Commission's standard contractual clauses, but will otherwise only take place where appropriate standards and safeguards are in place.
Social media
Oxfam uses social media to promote our work. We have accounts on Facebook, X (Twitter), TikTok, LinkedIn, Instagram and Pinterest. We collect donations through Facebook Fundraisers and Facebook Donate and other channels. Where members of the public engage with our posts or publish content relevant to our work, we may like the posts, follow them, reply or write to them. We conduct research on what people say on public social media platforms to better understand how people feel about our sector and to improve our work. This research may be done by staff or companies we work with.
If you are a social media user, we will user social media tools as part of our relationship with you. These tools include the following:
- Facebook Custom and Lookalike audiences
- TikTok
Through using these tools, we may provide your email address and/or phone number to the social media platform to allow them to identify your social media profile. You will then be shown advertising relating to Oxfam which we think you will be interested in seeing. We will only share your data with social media platforms where you are already receiving marketing material from Oxfam via post, email or phone call. The legal basis we apply to this activity is legitimate interest.
The social media platform will also use your profile to identify those with similar characteristics to you who we think may also be interested in finding out more about the work we do. These individuals will then be shown advertising about Oxfam.
To prevent individual social media platforms from showing you advertising on this basis, please refer to the guidance they provide in their own privacy policies. The following links show how to do this for certain platforms:
Facebook: https://www.facebook.com/help/568137493302217
LinkedIn: https://www.linkedin.com/help/linkedin/answer/62931
X (Twitter): https://business.twitter.com/en/help/troubleshooting/how-twitter-ads-work.html
Google: https://policies.google.com/privacy?hl=en-US
Instagram: https://help.instagram.com/155833707900388
Tik Tok: https://www.tiktok.com/legal/page/eea/privacy-policy/en
Pinterest: https://policy.pinterest.com/en-gb/privacy-policy
To prevent Oxfam sharing your personal data with all social media platforms, please contact us at heretohelp@oxfam.org.uk to request this. Please note that while we will ensure that your data is not shared with social media platforms, this does not guarantee that you will not see Oxfam advertising on those platforms. Some of the advertising is shared with broad categories of people, for instance based on age, location or interest groups. It will also not reduce the amount of advertising you will see in your social media feed.
How long will Oxfam keep your personal information?
We will hold your personal information on our systems for as long as is necessary for the relevant activity, for example we will keep a record of donations subject to gift aid for at least seven years to comply with HMRC rules.
If you request that we stop sending you marketing materials we will keep a record of your contact details and appropriate information to enable us to comply with your request not to be contacted by us.
Legacy income is vital to the running of the charity. We may keep data you provide to us indefinitely, to carry out legacy administration and communicate effectively with the families of people leaving us legacies. This also enables us to identify and analyse the source of legacy income we receive.
Where you contribute material to us, e.g. user generated content or in response to a particular campaign, we will only keep your content for as long as is reasonably required for the purpose(s) for which it was submitted unless otherwise stated at the point of generation.
How to control what we send you or request we update your personal information
The accuracy of your information is really important to us. We want to ensure that we are able to communicate with you in ways that you are happy with, and to provide you with information that is of interest.
If you wish to change how we communicate with you, or update the information we hold, then please contact us:
- amend your preferences on our website here: https://www.oxfamapps.org.uk/gdpr/
- email us at changes@oxfam.org.uk
- write to us at: Freepost Oxfam GB
- call us on 0300 200 1300 (Mon-Fri 9am-5pm)
Additionally you can opt out of email and SMS separately:
- Email - You can opt out of marketing emails at any time by clicking the unsubscribe link in any marketing email from Oxfam.
- SMS - You can also opt out of SMS messages by texting NOINFO to 70066, this is charged at your standard text rate.
How long will it take for these changes to be effective?
We endeavour to meet the following service levels where supporters request we do not send them marketing information:
- Email - 24 hours from receipt of email
- SMS - 24 hours from receipt of SMS
- Telephone - 24 hours from receipt of request to opt out
- Mail - 28 days from receipt of 'do not mail' request. This period is longer than for other channels due to the production times for mailing campaigns, and in most cases we would expect the change to be effective much more quickly.
Should you request we stop marketing to you by completing our preferences web page, it may take up to 10 days to complete your request due to the manual nature of this process.
How Oxfam keeps your data safe
We ensure that there are appropriate technical controls in place to protect your personal details. For example our online forms are always encrypted and our network is protected and routinely monitored.
We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff, volunteers and contractors.
We use external companies to collect or process personal data on our behalf. We do comprehensive checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they collect on our behalf, or have access to. We have a robust partner monitoring framework to ensure these contractual obligations are met.
These organisations - referred to as "Data Processors" also have legal liability for the way in which your data is used, providing you with additional protection.
Oxfam’s use of cookies
For information on the types of cookies we use, how we use them and how you can control your cookie preferences, see Oxfam's cookie policy.
Oxfam's use of analysis tools
Google Analytics Tool
Our use of Google Analytics Tool
We use Google Analytics 4 ("GA4") to collect data about how people use our website so we can improve its design and functionality. We also use the data to get the most out of our marketing campaigns.
GA4 collects a variety of data, including:
- The pages you visit on our website.
- The length of time you spend on each page.
- The links you click on.
- Your IP address.
- Your device information.
We use this data to create anonymous reports about website traffic and user behaviour. We do not share this data with Google or any other third parties. Google Analytics will transfer your data to the United States. Data will be retained in line with Google's product retention policy. In line with this policy, we have set the retention to the default product standard. This is to balance the benefits described above with not overusing user data. For further details on these retention dates, and further explanation for what each data teams means, please see the Google Data Retention Policy as following:
- Data type: User-level data
Retention period: 2 months - Data type: Event-level data
Retention period: 14 months - Data type: Event-level data
Retention period: 14 months - Data type: Google-signals data
Retention period: 26 months - Data type: Google signed-in data
Retention period: 26 months
You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on, or by updating your cookie preference for our page. Please see our cookie policy
Google's ability to use and share information collected by Google Analytics about your visits to this Site is restricted by the Google Analytics Terms of Service and the Google Privacy Policy. For further information around Google Analytics and Google Signals please see product pages.
Your rights over your personal data
You have a variety of rights in respect of your data, including the rights to see, update, restrict, object to the use of or withdraw use of your data. In particular, depending upon why we hold your data, you may have the right to request:
- Access to the personal data we hold about you, including how we first obtained your details, free of charge in most cases (this is known as a 'Subject Access Request').
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we remove your personal data from our systems (this is known as the "Right to be Forgotten").
- That we no longer process your data automatically to decide whether particular marketing activities are likely to be of interest, or suggest an appropriate donation level based on your previous donation history. This is known as profiling, and helps us to ensure that our marketing is relevant and appropriate.
You can contact us to request to exercise these rights at any time, see How to control what we send you or request we update your personal information for details of how to get in touch.
Opting out of Direct marketing
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We will always comply with your request.
Where we are sending you direct marketing on the basis of our legitimate interest, you can also ask us to stop. In the case of postal marketing sent on this basis, we will always comply with your request to opt out. Similarly, where we send email marketing on a soft opt in basis (see How and when we collect information about you), we will also comply with all requests to opt out.
Right to be Forgotten
Upon request we will remove your personal data from our systems, to the extent that we are permitted to by law or regulatory guidelines. For instance under HMRC rules we are required to retain financial data for 7 years for audit purposes, and so will not be able to delete donation details until this time period has elapsed.
Opting out of profiling
Upon request we will cease using your personal data to decide whether you would be interested in particular updates and other marketing. Such requests may lead to you not hearing from us in future.
Subject Access Requests
You have the right to request a copy of the personal information we hold about you. We will provide this as soon as possible, and within a month unless there are specific reasons why this would not be possible. We will always let you know if this is likely to be the case.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
How to find out more, or make a complaint about Oxfam’s approach to data protection
If you would like more information, to update your details or have any questions about this policy, please contact our supporter relations team by email at changes@oxfam.org.uk or write to us at: Supporter Relations, Oxfam GB, Oxfam House, John Smith Drive, Oxford, OX4 2JY, or call us on 0300 200 1300 (Mon-Fri 9am-5pm).
To make a formal complaint about Oxfam's approach to data protection or raise privacy concerns directly with our data protection team, please contact:
The Data Protection Officer
Oxfam GB
Oxfam House
Oxford
OX4 2JY
Email: privacy@oxfam.org.uk
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner's Office.
You can contact them by calling 0303 123 1113.
Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can't be responsible for the content of external websites).
Changes to Oxfam's Privacy Policy
This Privacy Policy may be updated from time to time so you may wish to check it each time you submit personal information to Oxfam. The date of the most recent revisions will appear on this page. If you do not agree to these changes, please do not continue to use the Oxfam website to submit personal information to Oxfam. If material changes are made to the Privacy Policy we will notify you by placing a prominent notice on the website.
Privacy FAQs
Q. Does Oxfam obtain data from other organisations?
A. Oxfam receives data from a limited number of Third Parties, including:
- CACI Ltd - who provide summarised data at postcode level (this is typically 16 houses). This includes data such as age, income, house type, and the ages of children in the household. We use this information to decide who to target for our marketing campaigns, so as to improve the effectiveness of our fundraising, and to ensure we do not send out marketing information which is unlikely to be of relevance.
- Sagacity - who provide data on house movers and the deceased so that we can keep our records up to date and make sure we only send marketing materials where appropriate. This data is only obtained where it is consistent with current data protection laws and Oxfam's Fundraising Policy, and where you have given permission for it to be shared for this purpose.
- Publicly available sources such as Twitter, Facebook, LinkedIn, parliamentary records, or statements which you make publicly, depending upon our relationship with you - in particular we are likely to collect these in connection with our campaigning activities
- From the following suppression services;
- The Mail Preference Service (MPS), which ensures we do not send unsolicited mail to those who have indicated they do not wish to receive it.
- The Telephone Preference Service (TPS), which ensures we do not telephone people who do not wish to receive unsolicited phone calls.
- The Fundraising Preference Service (FPS), which ensures we do not send unsolicited marketing material to people who have indicated that they do not wish to hear from Oxfam.
Q. Does Oxfam use profiling as part of its marketing campaigns?
A. How we target our marketing campaigns (profiling)
Profiling is a common technique used in direct marketing and involves analysing data to improve the targeting of communications. Oxfam uses profiling techniques to help ensure our communications are relevant. Profiling allows us to target our resources effectively, which donors consistently tell us is a key priority for them. It enables us to raise more funds, sooner, and more cost-effectively, than we otherwise would. The data may have been provided to Oxfam by our supporters when responding to our marketing campaigns, or when using our website, or social media sites such as Facebook. It may also have been provided by external organisations as described below.
When building a profile we may analyse geographic, demographic and other information relating to you, as well as your previous responses to our marketing campaigns. We do this in order to determine whether we believe a particular marketing campaign might be of interest. Some of the data is provided by external organisations and may be provided at an aggregate level (e.g. by postcode). Where it relates to you as an individual we check that you have provided your express consent to the relevant third party for this use of your data. This helps to maximise the effectiveness of our campaigns and to minimise the wastage that would result from sending marketing information where it is not of interest. You have the right to request we cease this profiling, for details see Your rights over your personal data.
Other relevant policies you might want to view can be found here:
- Oxfam's vulnerable people policy
- Oxfam's complaints policy
- Oxfam's cookies policy
Updated: 24 July 2024