Explore our resources
Support
About the company
Privacy Notice
This policy provides details on how OASIS Group protect data and personal information
01 — About This Notice
Aim of This Notice
This privacy notice explains how OASIS Group (OASIS) uses and protects any personal information that we receive or collect from you when you visit our website www.oasisgroup.com or contact us via telephone or email, when we promote or deliver our products and services to you, when you apply for a role with us via our website, or when we communicate or deal with you on any other matter. This includes personal information about you and your choices about what marketing information you would like us to share with you.
This notice also tells you about your privacy rights and how you are protected by the General Data Protection Regulation (GDPR) and all other relevant and applicable data privacy and data protection laws in the countries in which we operate.
02 — Scope
Scope of This Notice
This notice applies to all personal information that OASIS holds on its clients, prospective clients, prospective Team Members, suppliers, consultants and any other interested parties, either in physical or electronic format, including online.
It also includes other information that we collect about you that does not directly personally identify you, for example the pages you have visited on our website.
It does not relate to any information that we process on behalf of our clients when providing services to you which are outlined in your contract with us, such as collecting items and placing them into storage, scanning items into digital format or shredding items that you have asked us to destroy.
Team Member Privacy
This notice does not cover personal information relating to OASIS Group Team Members. This is covered in a separate Data Protection Privacy Notice (employment) which can be downloaded from our internal document management system.
Links to Third-Party Websites
The OASIS website contains links to other websites hosted by third parties. If you click on links to other websites, you should read their own privacy policies or notices. This privacy notice only applies to the OASIS website.
03 — Our Commitments
Our Privacy Promise
OASIS is committed to safeguarding your privacy and it is of utmost importance to us. If we ask you to provide certain personal information, you can be assured that it will only be used in accordance with this privacy notice.
We promise to:
- Keep your data safe and private
- Never share your information outside of the OASIS group, unless required to do so by law or to fulfil our contract with you
- Not sell your data
- Give you ways to manage and review your marketing choices at any time
Your privacy is also protected by applicable data privacy and data protection laws including the GDPR. For further details of how we protect and safeguard your information, please refer to our GDPR Statements of Compliance on our website.
Who We Are and How to Contact Us
The primary purpose of OASIS is to store information and records on behalf of its clients and ensure that their confidentiality, integrity and availability are protected and maintained at all times. The OASIS Group aims to be the trusted information management partner of choice by securely managing our clients’ information whilst providing a reliable and efficient service.
Head office: Unit 3 Swords Business Campus, Balheary Road, Swords, Co. Dublin, K67 TY09, Ireland.
If you have any queries about this privacy notice or the information we hold about you, please contact:
OASIS Group Compliance team:
compliance@oasisgroup.com
or GRCI Law:
eurep@itgovernance.eu
OASIS Group Compliance team:
compliance@oasisgroup.com
OASIS Group Data Protection Officer, GRCI Law:
dpoaas@grcilaw.com
Tel: +44 333 800 7000
The Information We Collect and How We Use It
The GDPR says that we are allowed to use personal information only if we have a proper reason to do so. We must have one or more of these reasons: your consent; to fulfil a contract with you; when it is our legal duty; when we are acting in the public interest; or when it is in our legitimate interest (meaning we have a business or commercial reason of our own to use your information).
The entries below show how we may use your personal information and the legal basis on which we rely. If we ever intend to use your information for different purposes or reasons, we will provide you with further information before we make those changes.
- Fulfilling contractual responsibilities to deliver products and services
- Communicating with you about products, services, billing and changes
- Communicating with you about partners’ products and services
- Responding to enquiries and providing client care or support
- Invoicing for services
- Responding to prospective client enquiries
- Managing job applications and recruitment processes
- Recording visitors for health, safety and information security purposes
- Making decisions about products, services and offers of interest
- Checking credentials before hiring as a supplier, contractor or consultant
- Placing orders for products or services
- Requesting feedback, for example through client surveys
- Your consent
- Legitimate interests
- Fulfilling contracts
- OASIS internal teams including Client Care, Commercial Marketing, Procurement, HR and Group Compliance
- Any relevant regional sites
- Telemarketing agencies
- Third parties or business partners providing services such as OASIS sales and marketing campaigns or other OASIS-approved products and services
- Identifying any risk of visitors or contractors carrying serious infections such as Covid-19
- Protecting the health and safety of Team Members, visitors and contractors
- Reducing the spread of infections at OASIS or in the wider community
- Consent
- Public interest
- Our regional sites
- OASIS Group Compliance and HR teams where there are health and safety risks or issues
- Protecting information held on behalf of clients
- Fulfilling clients’ contractual requirements
- Legitimate interests
- Fulfilling contracts
- OASIS Group Compliance team
- Senior management who manage the relationship with the supplier
- Fulfilling contractual responsibilities to deliver products and services
- Managing account invoicing
- Checking suppliers, consultants and contractors meet information security and other requirements
- Legitimate interests
- Fulfilling contracts
- OASIS Client Care teams
- Our regional sites
- Invoicing for products and services
- Managing fees and charges
- Sending account-related communications
- Making decisions about relevant products, services and offers
- Paying suppliers for products and services purchased
- Legitimate interests
- Fulfilling contracts
- OASIS Client Care teams
- OASIS Finance and Commercial teams
- Giving you access to our online services for products and services
- Legitimate interests
- Fulfilling contracts
- OASIS IT department
- OASIS Client Care teams
- To investigate and resolve complaints
- Legitimate interests
- OASIS Group Compliance, Complaints, Client Care, Operational or other relevant teams
- The individual the complaint is about
- Professional advisers
- To protect the security of our premises
- To protect the security of information held on our premises, infrastructure and/or systems
- Legitimate interests
- Our IT and Facilities Management teams
- Third party security monitoring providers
- Any other parties required for the investigation and detection of incidents
- Processing your job application and keeping you informed of progress
- Assessing your suitability for the role
- If successful, issuing a contract and setting you up in payroll systems
- Legitimate interests
- Fulfilling contracts
- OASIS HR
- Third party providers such as recruitment agencies and applicant management systems
- Protecting information held on behalf of clients
- Fulfilling clients’ contractual requirements
- Legitimate interests
- Fulfilling contracts
- Legal obligation
- Where permitted, third parties such as DBS, Disclosure Scotland and/or Access NI
- Where applicable, third-party service provider managing the checking process
- OASIS Group Compliance team
- OASIS HR team
- Hiring manager
- Carrying out immigration and right to work checks
- Legal obligation
- Fulfilling contracts
- Immigration authorities
- OASIS Group Compliance and HR teams
- To comply with equal opportunities monitoring obligations
- Legal obligations
- OASIS HR and OASIS Group Compliance teams
- To ensure that our website functions correctly
- To improve your experience of using our website
- Legitimate interests
- Our Marketing department
- To allow us to contact you about our products and services
- Consent
- Our Marketing department
When someone visits www.oasisgroup.com we use Google Analytics to collect standard internet log information and details of visitor behaviour patterns. This information is only processed in a way which does not identify anyone. We also use third-party providers to deliver our e-newsletters and gather statistics around email opening and clicks to help us monitor and improve our e-newsletter.
- Legitimate interests
- Our IT and Marketing departments
- Data centres
- To fix bugs and troubleshoot product functionality
- To support clients with queries or investigations
- To create new services, features, content or make recommendations
- To track behaviour at the aggregate/anonymous level to identify trends
- To ensure that all actions carried out by users are auditable, including who made changes, what changes were made and when
- Legitimate interests
- Our IT department
The information is collected from you, other Team Members and any third parties who may be involved in the administration and/or support of matters raised through our whistleblowing policy and process.
- Legitimate interests
- Relevant managers, HR personnel and professional advisors or consultants
- The third-party provider of the Speak-Up Portal (temporary access only)
04 — Data Sources
Where We Collect Information From
Your personal information is collected from any of these sources:
- From the data you give us, as described above
- From business partners in order for us to fulfil our contractual obligations
- From vendors whose businesses we purchase
- From event logs on user activity within our applications
- From previous employers and recruitment agencies
- From government departments and agencies
- From outside organisations such as companies who introduce you to us through marketing lists, if you have given your permission to those organisations to share your information with us
- We gather statistics around email opening and click-through rates via Pardot. You can unsubscribe at any time. For more information please see Pardot’s privacy notice.
05 — Sharing
Sharing Information
We will only share your personal information in the ways set out in this privacy notice and in the following circumstances:
- To entities or individuals within the OASIS Group of companies who have a legitimate interest in the information
- To third parties who use your personal information to provide certain services such as OASIS sales and marketing campaigns, OASIS approved products and services or recruitment agencies during recruitment activities
- To business partners in order to fulfil our contractual responsibilities to deliver products and services, such as fulfilling your orders or providing OASIS approved products and services
- To any buyer in the event that we sell any part of our business or its assets
- To any regulatory, statutory or legal enforcement body when we are required to meet any applicable law, regulation, legal process or enforceable government request
We enter into confidentiality and data processing terms with any third parties or business partners to ensure that they comply with high levels of confidentiality and best practice in privacy and security standards. All third parties and business partners will only use personal information for the purpose specified and as outlined in this privacy notice.
We will not sell or trade your personal information.
06 — International Transfers
Do We Make Any International Data Transfers?
Information we collect from you will usually be processed in the UK or the EU.
In certain circumstances, we may need to transfer the data to countries outside of the UK or the European Economic Area to fulfil our contract with you or for a compelling legitimate interest of OASIS in a manner that does not outweigh the data subjects’ rights and freedoms. If we do share any personal information outside of the UK or the EEA, we will ensure that the recipient offers an adequate level of protection and security through an appropriate legal mechanism, such as a data processing agreement, standard contractual clause agreements or any other relevant standards, agreements or safeguards in line with Art. 46 of the GDPR or other applicable regulations.
OASIS also minimises the risk to your rights and freedoms by not collecting, storing or transferring more information than is absolutely necessary to provide your requested service.
07 — Retention
How Long We Keep Your Personal Information
We will only keep your personal information for the following time periods:
- For as long as you have given your consent (where consent is the lawful basis on which we are using your information)
- For as long as is necessary for the performance of the contract or service, and in accordance with our own retention notice
- For up to one year after you stop being a client in order to respond to a question or complaint. We may also keep your data for longer than one year if we are required to do so for legal or regulatory reasons or to adhere to our own retention notice.
Information That We Hold on Behalf of Our Clients
If you have an account with OASIS, we do not delete or destroy any information that we hold on your behalf unless we receive a written instruction from you. You are responsible for setting and managing your own time periods for the retention of information which OASIS might store, hold or process on your behalf.
08 — Your Rights
Your Rights
You have certain legal rights relating to the personal information we hold on you.
Access the personal information we hold on you
Request that we restrict how we use your personal information
Withdraw your consent or object to how we process your personal information
Request that your information is corrected, updated, amended or deleted
Request that your information is transferred to another location
To exercise any of your rights, please contact our Group Compliance team or Data Protection Officer using the contact details in section 3.2 above. We will respond within one month of receiving your request.
Keeping Your Information Accurate and Up to Date
We want to ensure that your personal information is accurate and up to date. Please inform us if any of your personal information is inaccurate or needs updating.
Marketing
We would like to send you information about our products and services which might be of interest. If you have consented to receive marketing information from us, you may opt out at any time by contacting our Group Compliance team or Data Protection Officer. You also have the opportunity to opt out via the link included in every marketing email you receive from us. From time to time, we may engage with third parties or service partners to contact you about OASIS products and services. We will inform you of this in advance and you may opt out of such communications at any time.
Complaints
OASIS meets the highest standards when collecting and using personal information. If you are dissatisfied with how we have handled any aspect of your privacy or personal information, please contact our Group Compliance team in the first instance. We also welcome any suggestions for improvement.
You may also contact the relevant regulator in the country in which you reside:
Information Commissioner’s Office (ICO)
www.ico.org.uk
Data Protection Commission (DPC)
www.dataprotection.ie
Data Protection Authority (DPA)
www.privacycommission.be
Autoriteit Persoonsgegevens
autoriteitpersoonsgegevens.nl
Office of the President for Personal Data Protection
kancelaria@uodo.gov.pl
If You Choose Not to Give Us Your Personal Information
If we are requesting your personal information because it is necessary and relevant to the product or service we are delivering, and you withhold this information, it is likely that we will not be able to deliver the product or service, or there will be a delay in doing so.
We sometimes ask for information that is useful, but not required by law or a contract. We will make this clear when we ask for it. You do not have to give us these extra details and it will not affect the products or services you have with us.
We will always ask for your consent before we send you marketing information, and you can refuse this or opt out at any time.
09 — Cookies
Cookies
What Are Cookies?
Cookies are small text files which are placed on the device you are using to browse our website. Cookies do lots of different jobs, like letting you navigate between pages efficiently, storing your preferences, and generally improving your experience of a website. They make the interaction between you and the website faster and easier.
Most websites you visit will use cookies in order to improve your user experience by enabling that website to ‘remember’ you, either for the duration of your visit (using a ‘session cookie’) or for repeat visits (using a ‘persistent cookie’).
How Do We Use Cookies?
To find out more about which cookies are used by the OASIS website and how they are used, please view our separate Cookie Notice on the OASIS website (www.oasisgroup.com).
Cookie Settings
Most web browsers allow some control of most cookies through the browser settings. You can manage the settings of cookies including blocking or deleting them, through your browser settings. However, in a few cases some of our website features might not function as a result. If you need help and support to manage cookies, visit www.aboutcookies.org.
10 — Updates
Changes to Our Privacy Notice
This notice is reviewed at least annually for appropriateness and effectiveness, or whenever significant changes occur. Any necessary changes or improvements identified through these reviews will be implemented and we will inform you whenever we make any changes to this notice.
This notice is regularly audited by a UKAS accredited certification body and the Group Compliance team. It is also subject to regular management reviews.