Welcome to our website (“Site”) operated by Oxford and Cambridge Society of New England, Inc. (“OxCamNE," "we," and "our"). This Privacy Statement (“Privacy Statement”), which is part of our Terms, explains how OxCamNE collects, uses, shares, and stores information we collect about you (“you” and “your”). By using our Site, you agree to this Privacy Statement. We may modify the Privacy Statement at any time by posting a revised version on our Site or, if we determine appropriate, by sending you an email or other notice. Please review this Privacy Statement from time to time because your continued use of our Site after a modified Privacy Statement has been posted indicates your consent to the Privacy Statement.
OxCamNE is an independent, volunteer-run, non-profit organization whose purpose is to promote and support the interests, welfare, and influence of the Universities of Oxford and Cambridge, U.K. (known together as “Oxbridge”), their alumni, and prospective students in the New England region. Each year the Society holds a variety of educational events with an Oxbridge connection for members and their guests.
Collection and Use of Your Personal Data
OxCamNE collects personally-identifiable information about you (“Personal Data”) on our Site when you voluntarily provide it to us such as filling in forms on our Site and communicating with us by telephone, email, or otherwise. Personal Data may include your name, physical address(es), email address(es), telephone number(s), college affiliation(s) and matriculation year(s), and any other data that you provide. This Privacy Statement applies to all Personal Data, whether we collect it online or offline.
We will use your Personal Data for the purposes for which you provide it, such as processing your membership, registering you for an event, and sending you information about events and other Society activities, surveys to improve the Society’s offerings, and, occasionally, other items of interest.
If you ever wish to stop receiving communications, you may opt out by following the “unsubscribe” instructions in email communications, or sending an email to email@example.com.
Sharing Your Personal Data
We do not share your Personal Data with third parties other than those we use to support our website and operations (e.g., which provide services such as website hosting, emails, and payment card processing). We may also share your information with the volunteers who serve as our officers, directors, and on our operating committees as necessary for them to perform their roles.
The transactional portions of our website (e.g. joining or renewing as a member, or registering for an event) require the use of a ‘session cookie’ which is used to authenticate who you are (by sending a one-time security code to your email address) and track context through the transaction. These cookies are discarded at the end of the browser session, or may optionally be kept in your browser for up to 3 months by ticking ‘remember me’ when you authenticate yourself.
Our Site is not currently configured to respond to “do not track” signals or similar mechanisms.
Data Subject Rights
Data subjects in the European Economic Area and other jurisdictions may have rights in relation to their Personal Data which include:
• Right to rectification: Data subjects may request that we rectify any inaccurate or incomplete Personal Data.
• Right to withdraw consent: Data subjects may at any time withdraw their consent to the processing of their Personal Data carried out by us on the basis of their previous consent. Such withdrawal will not affect the lawfulness of processing based on such previous consent.
• Right to make a subject access request (SAR): Data subjects may request in writing copies of their Personal Data. However, compliance with such requests is subject to certain limitations and exemptions and the rights of other individuals. Each request should make clear that a SAR is being made. You may also be required to submit a proof of your identity and any payment permitted by law, where applicable.
• Right to object to processing including automated processing and profiling: We do not make automated decisions about data subjects. However, we may rely on information provided by third parties such as credit reference agencies which may score data subjects on the basis of automated decisions. Profiling may be carried out for business administration purposes, such as monitoring trends in user visits of our website and in order to deliver relevant ads to users’ devices. We will comply with valid objection requests unless we have a compelling overriding legitimate ground for the continuation of our processing or we have another lawful reason to refuse such request. We will comply with each valid opt-out request in relation to marketing communications.
• Right to erasure: Data subjects may request that we erase their Personal Data. We will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping the Personal Data, such as our business record retention obligations with which we must comply.
• Restriction: Data subjects may request that we restrict our processing of their Personal Data in various circumstances. We will comply, unless there is a lawful reason for not doing so, such as, a legal obligation to continue processing your Personal Data in a certain way.
• Right to data portability: In certain circumstances, data subjects may request the controller to provide a copy of their Personal Data in a structured, commonly used, and machine-readable format and have it transferred to another provider of the same or similar services. We do not consider that this right applies to our services. However, to the extent it does, we will comply with such transfer request. Please note that a transfer to another provider does not imply erasure of the data subject’s Personal Data which may still be retained for legitimate and lawful purposes.
• Right to lodge a complaint with the supervisory authority: We suggest that data subjects contact us about any questions or complaints in relation to how we process their Personal Data. However, each data subject has the right to contact the relevant supervisory authority directly.
Legal Basis for Processing Personal Data
The legal basis for processing your Personal Data typically include: (i) our own or third parties’ legitimate business interests (e.g., in maintain and promoting our member services); (ii) performing a contract with you; (iii) your consent where appropriate; (iv) to protect your vital interests; or (v) to comply with our legal obligations.
Please contact us at firstname.lastname@example.org if you have any concerns or questions about this Privacy Statement or you wish to ask us not to process your Personal Data for particular purposes. Where you have specific requests relating to how we manage your data, we will endeavor to resolve these, but please note that there may be circumstances where we cannot comply with specific requests.
If you have any concerns about your Personal Data held by the University, your College, or other alumni organizations, you will need to contact them separately.
We will take reasonable measures (e.g., firewalls and authentication procedures) to protect your Personal Data from unauthorized access, loss, corruption, and alteration. Of course, even protected sites can be subject to hacking, technological glitches, user misconduct, and administrative errors, and we assume no liability for any of these actions or occurrences or their results.
You provide your Personal Data at your own risk.
Location of Servers
Our servers are located in the United States. If you are located outside the United States, be aware that the information you provide us will be transferred to the United States and that the law applicable to the protection of User Information in the United States may be different from the laws of your jurisdiction. By using our Site or providing Personal Data to us, you consent to this transfer and to the collection, storage, processing, and use of your information in the United States as described in this Privacy Statement.
We will retain your data indefinitely until you request us to do otherwise.
Children under Age Thirteen
Our site is not intended for use by children under age thirteen. We do not knowingly collect Personal Data from children under age thirteen. If we learn that we have inadvertently collected any Personal Data from a child under age thirteen, we will delete it. If you are a parent or guardian and you believe that your child under age thirteen may have provided Personal Data through our Site, please contact us at email@example.com.
If you have any questions about our Site or this Privacy Statement, please contact us by email at firstname.lastname@example.org.
Last Updated: September 8, 2021