Skip to main content
Logo

Privacy policy

Owen Mumford Limited (“us” or “we”) is committed to protecting and respecting the privacy of everyone we interact with, including visitors to our website, customers, suppliers, enquirers, and anyone else we engage with as part of our business.

This Policy explains how we use, store, and transfer personal data collected when you visit our website at www.owenmumford.com (the “Website”) or otherwise in the course of our business (unless we let you know that a different privacy policy applies).

We may also collect personal data and/or anonymized data through the use of “cookies.” The collection and use of cookies is governed by our cookie policy, which you can read by clicking here.

Please read the following details carefully to understand how we handle your personal data and use cookies. By using the Website, you accept the practices outlined in this Privacy Policy, our Cookie Policy, and our Website Terms and Conditions, and you agree to our Medical and Liability Disclaimer and Intellectual Property notice.

If you have not yet read our Website Terms and Conditions, you can do so by clicking here.

We are the data controller for the personal data described in this Policy. We are a company registered in England and Wales under company number 01257871, with our registered office at Primsdown Industrial Estate, Worcester Road, Chipping Norton, Oxfordshire, OX7 5XP, United Kingdom. Our VAT number is GB195 9293 07.

Summary
Personal data refers to any information about an individual that can be used to identify them. It does not include data that cannot identify you or is not connected with your personal data (anonymous data).

More details are provided in the relevant sections below, but here is a summary:

  • We usually receive your personal data directly from you, but sometimes we may get it from a third party who is connected to both you and us (for example, if one of our distributors refers you to us, or if you are a family member of an employee who lists you as a beneficiary for benefits purposes or as a designated driver for a company car);
  • We use your personal data to deliver our services, operate our business, keep accurate records, and meet our legal obligations;
  • We only share your personal data with third parties for our business needs or as permitted by law. We do not share your data with third-party advertisers;
  • We store personal data for defined retention periods;
  • You have legal rights regarding your personal data, which you can exercise upon request;
  • The Website uses cookies; and
  • You can contact us with questions about anything in this Policy.

Information We May Collect from You
Depending on our relationship with you, we may collect and process the following data:

  • Identity Data: this may include your name, date of birth, job title, and any other information you give us when you contact us;
  • Contact Data: includes address (home, mailing, or other physical address), email address, and phone numbers;
  • Transaction Data: includes details about payments to and from you and other information about services you have purchased from us, such as contracts, purchase orders, invoices, proposals, etc. This data is generally not collected through our website and mostly applies if you are one of our customers.
  • Financial Data: includes your payment account details and transaction information. We do not typically collect or process credit or debit card information; these details are collected by our chosen payment processing provider.
  • Visitor Data: information about any visit you make to our premises, such as your vehicle registration number, contact details, your role, the reason for your visit, and CCTV images or footage if you enter a secure area with CCTV monitoring.
  • Marketing and Communications Data: includes your preferences for receiving marketing from us and our partners and your communication preferences.
  • Usage Data: includes information about how you use our website, products, and services.

How we collect personal data
We use several methods to collect data from and about you, including:

  • Direct interactions: you may provide us with Identity, Contact, and Financial Data when you correspond with us by mail, phone, email, via our website, or otherwise, or when you enter into a contract with us for our services.
  • Transaction and Financial Data will be collected as part of any contracts you or your employer enter into with us.
  • Visitor Data will only be collected if you visit our facilities.
  • Marketing and Communications Data may be collected electronically or through other interactions with you.
  • Third parties or publicly available sources: Your personal data may be provided to us by someone else with whom both you and we are connected (for example, a distributor in your area, a collaborator, or your employer if we are doing business with them and need to communicate with you). We might also obtain this data through our market research if you have a public role at an organization we do or wish to do business with.

Automated technologies or interactions.
When you interact with our website, we may automatically collect Usage Data related to your device, browsing actions, and patterns. We gather this data using cookies and similar technologies. For example, we might collect information about your computer, including your IP address, operating system, and browser type, for system administration and statistical analysis. This data is statistical and does not identify you personally. We may also use cookies to learn how visitors use our site, following our cookie policy, which you can read by clicking here. Some Marketing and Communications Data may also be collected this way.

  • Employee data: If you are a family member or otherwise associated with one of our employees, that employee may provide us with your personal data (like your name and contact information) in connection with company benefits or our responsibilities as an employer. For example, you might be designated as a driver for a company car, as an emergency contact, as a beneficiary for death-in-service benefits, or as a co-parent in a paternity leave application.

We may also collect, use, and share special categories of personal data (for example, information about your physical or mental health), but only if you provide this information to us directly.

Where We Store Your Personal Information
All information you provide to us or that we collect from you is stored on our secure servers or on the servers of our hosting service providers, which may change from time to time. We may share your personal data with other Owen Mumford group companies or with our service providers as described below, and our or their servers could be located outside of the UK. This means your information may be transferred to, and stored in, a destination outside of the UK. It may also be processed by staff working outside the UK for us or for one of our group companies or suppliers (for example, the most appropriate group member may handle and respond to your inquiry).

Whenever we transfer your personal data outside the UK, we make sure that the same degree of protection applies as within the EEA by ensuring at least one of the following safeguards is in place:

  • Your personal data will be transferred to a country assessed by the ICO to provide adequate protection for personal data (this typically applies to transfers to the EEA).
  • If we use service providers, we will use specific contracts approved by the ICO that give personal data the same protection as in the UK.
  • If we use a service provider in the US, we may rely on the UK extension to the EU-US privacy bridge (similar to an adequacy decision). If this does not apply, we will use approved contractual safeguards to protect your data. Please contact us if you want more details about our safeguards for overseas transfers.

Uses Made of the Information
We (and, if relevant, our group companies) use information about you for the following purposes:

  • To make sure that content from the Website is displayed in the best way for you and your device;
  • To contact you and address any questions you have or otherwise in connection with our relationship with you;
  • To fulfill our obligations under any contracts made between you and us;
  • To make and receive payments;
  • To manage our business and operations, and our commercial relationships with other businesses;
  • To use data analytics to improve the Website, our products/services, marketing, customer relationships, and user experience; and
  • To provide you with information about our products or services that you request or that we think may be of interest to you, including, where required by law, after you have given consent to be contacted for these purposes;
  • To pursue or defend legal claims, as well as for recordkeeping, hosting, backup, and system restoration.

Unless otherwise described in this Policy or our Cookie Policy, we do not sell, trade, or rent your personal information to third parties and will not share your information with third-party advertisers.

If we use your data for marketing, we will: i) when required by law, notify you before we collect your information and request your consent or give you an opportunity to opt out; and ii) stop contacting you in this way if you request it. You can exercise your right to opt out by contacting us at info@owenmumford.com or by clicking “unsubscribe” in any marketing emails from us.

Disclosure of Your Information
We may share your personal information with any member of our group, meaning our subsidiaries, our ultimate holding company, and its subsidiaries, as defined by the UK Companies Act 2006, section 1159. For example, group companies might use shared hosted servers to store data. Similarly, personal data may be shared within the group to achieve organization-wide goals (like ensuring that the right group company can answer your inquiry).

We may also disclose your personal information to third-party providers, particularly those:

  • who serve as our advisers (like insurers, legal, or professional advisors) to seek advice or manage legal disputes;
  • who provide website hosting services;
  • who provide analytics services related to Website use;
  • who provide us with email, marketing, and customer relationship management services;
  • who work as consultants or freelancers for us, where their role requires access to personal information;
  • who offer logistics and fulfillment services;
  • who process payments for us;
  • who provide fraud protection, credit risk reduction, or debt recovery services; or
  • who are designated by you for reasons specified by you (for example, if you want us to introduce you to one of our distributors in your region).

We do not allow data processors we appoint to use your personal information for their own purposes. They can only process your personal data according to our instructions and applicable law, and only for the purposes we specify.

We may disclose your information if all or part of our business is acquired by another party; in such cases, customer data will be one of the transferred assets. We may also disclose your information if required to do so by law or if we need to enforce or apply our Website Terms of Service or other agreements.

As noted above, sometimes your personal data may be transferred outside the UK. When this happens, we will ensure transfers, whether by us or our appointed data processors, are made lawfully, as outlined above (that is, an adequacy decision applies, the UK extension to the privacy bridge with the US applies, or approved contractual clauses are used). You may contact us for more information about these safeguards.

Automated Decision-Making
Automated decision-making involves an electronic system using your personal information to make a decision without any human involvement.

  • where this is necessary for us to make decisions faster and boost efficiency, and proper safeguards are in place to protect your rights; and
  • in limited situations, with your explicit written consent and where appropriate safeguards are in place to protect your rights.

We may automatically route inquiries you send us to the most suitable team within our group companies, based on your IP address location. This process is automated and does not involve human intervention, helping us to handle and respond to your inquiry more efficiently. This does not affect your legal rights.

You will not be subject to decisions that have a significant impact on you made solely by automated means, unless we have a lawful basis and have notified you.

Purposes for Which We Process Your Data and the Legal Basis for Doing So
Below is a table describing all the ways we may use your personal data and the legal bases we rely on to do so. We also identify our legitimate interests, where applicable (these are the interests of our business in operating and managing our work so we can give you the best and most secure service possible).

We ensure we consider and balance any potential impact on you (both positive and negative) and your rights before we use your data for our legitimate interests. We do not use your personal data for activities where our interests would override yours, unless we have your consent or are otherwise required/permitted by law. Note that we may use your personal data for more than one lawful reason depending on how it is being used. Please contact us if you need more details about the specific legal basis for any processing listed in the table below.

We only use your personal data for the reasons we collected it unless we reasonably decide another reason is compatible with the original purpose. If you wish to know how another processing purpose is compatible with the original one, please contact us. If we need to use your personal data for a different unrelated purpose, we will notify you and explain the legal basis for doing so.

 

Purpose/ActivityType of DataLegal Basis for Processing, including Basis of Legitimate Interest
To ensure that content from the Website is presented in the most effective manner for you and for your computerInformation that you provide by filling in forms on the Website or otherwise by contacting us using the Contact form provided on the Website, and details of your visits to the Website including, but not limited to, traffic data, location data, files downloaded, weblogs and other communication data.(a) Necessary for our legitimate interests (to define types of customers for our products and services, to keep the Website updated and relevant, to develop our business, to inform our marketing strategy, for running our business, provision of administration and IT services, network security, to prevent fraud
and in the context of a business reorganisation or group restructuring exercise); and (b) Necessary to comply with a
legal obligation
To correspond with you and to address
any queries you may raise through our
Website or otherwise or otherwise
correspond in connection with any
actual or potential business relationship we may have with you		Contact information, including information that you provide by filling in forms on the Website or otherwise by contacting us, and copies of your correspondence with us. This information may include your name, address, date of birth, email address and any other information you provide to us when contacting us (including any special categories of personal data).(a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to address our customers’ concerns and queries); (d) Necessary for our legitimate interests, namely properly administering our
business and communications, and developing our relationships with interested parties.
To carry out our obligations arising
from any contracts entered into  between you and us		Contact information, including information that you provide by filling in forms on the Website or otherwise by contacting us, and copies of your correspondence with us. This information may include your name,  address, date of birth, email address and any other information you provide to us when contacting us (including any special categories of personal data). Documents featuring personal data, such as purchase orders, proposals, contracts and the like.Performance of a contract with you
To make and receive paymentsContact details, payment account details and transaction details, including  associated documents and correspondence.(a) Performance of a contract with you; or (b) Necessary for our legitimate interests (to make and receive payments)
To use data analytics to improve the
Website, products/services,
marketing, customer relationships and experiences		Information relating to your visits to the Website including, but not limited to, traffic data, location data, files downloaded, weblogs and other communication data.Necessary for our legitimate interests (to define types of customers for our products and services, to keep the Website updated and relevant, to develop our business and to inform our marketing strategy)
To provide you with information
regarding our products or services, news or updates that
you request from us or which we feel may interest you		Information that you provide by filling in forms on the Website, at trade shows or otherwise, or by contacting us, or information which we receive from third parties, and copies of your correspondence with us. This information may include your name, address, and email address.(a) Necessary for our legitimate interests (to develop our products/services and grow our business); or (b) your consent, where required by law.
Ensuring the security and safety of our staff and premises.Visitor data, such as vehicle registration number, contact details, role, the purpose of your visit, together with CCTV images or footage if you enter any secure area where CCTV is used.Necessary for our legitimate interests (ensuring the safety and security of our premises). Necessary to comply with legal obligations in relation to health and safety.
To carry out our duties as an employer, and to administer  benefits offered to our employeesEmployee data, i.e. information relating to our employees’ families, next-of-kin or nominated beneficiaries.Necessary for our legitimate interests (administering benefits packages). Necessary to comply with legal obligations.
Record-keeping and hosting, back-up and restoration of our systemsAny personal dataNecessary for our legitimate interests (ensuring the resilience of our IT systems and the integrity and recoverability of our data).
For the purposes of bringing and
defending legal claims		Any personal dataNecessary for our legitimate interests (being able to conduct and defend legal claims to preserve our rights and those of others).
For the purposes of legal compliance (e.g. maintaining tax
records, product sales records)		Any personal dataNecessary to comply with a legal obligation

If we have a legal basis to use your personal data without consent (as described above), this policy serves as our duty to process personal data fairly, lawfully, and in a manner you would expect given our relationship, by providing adequate notice and explanation of how your data will be used.

Where consent is required to use your personal data, by checking the relevant consent box or otherwise communicating your consent, you agree to our use of your data for the purposes covered by that specific consent. For example, in some cases we may have requested your consent to use your data for marketing.

Generally, we do not rely on consent as our legal basis for processing your personal data except for sending direct marketing from third parties to your email. You have the right to withdraw consent for marketing at any time by contacting us or using the “unsubscribe” (or similar) link in any marketing communication. If you opt out of these marketing messages, this does not affect data provided for product or service purchases, warranty registration, experience, or other transactions.

Marketing
As mentioned earlier, we may send or show you information about us, such as news, events, products, and services that we think may interest you.

We do not share your personal data with third parties so they can use it for marketing purposes, except where they do so on our behalf.

Security of Information
We are committed to protecting your personal data. We have put in place appropriate security measures to keep your personal data from being accidentally lost, used, or accessed without authorization, altered, or disclosed. We also restrict access to your data to employees, agents, contractors, and other third parties with a business need to know. They can only process your data on our instructions and must keep it confidential.

When we share personal data with third parties in line with this privacy policy, we ensure that appropriate safeguards are used to protect your data.

We have implemented procedures to handle any suspected data breach, and will notify you and any relevant regulator if required by law.
Sending data over the internet cannot be guaranteed to be 100% secure. Although we do our best to protect your information, transmission to our website is at your own risk. Once received, we use strict procedures and security features to try to prevent unauthorized access. We encourage you to protect your data when online.

Retaining Your Information
We only keep your personal data as long as necessary to fulfill the purposes we collected it for, including any legal, accounting, or reporting requirements. We may keep your data longer if there is a complaint or we believe litigation is possible regarding our relationship with you.

To determine how long we keep personal data, we consider the amount, nature, and sensitivity of the data, the risk from unauthorized use or disclosure, the reasons we process it, whether those reasons can be met in another way, and applicable legal obligations.

Your Rights
You have rights under data protection laws – they are complex and subject to exceptions. For more details, see the Information Commissioner’s Office (ICO) guidance at ico.org.uk. In summary:

  • Right to access: you can confirm whether we process your data and, if so, access it along with certain information;
  • Right to rectification: you can have your inaccurate or incomplete data corrected or updated;
  • Right to erasure: in some situations, you can have your data erased (for example, if it is no longer necessary or processed for direct marketing);
  • Right to restrict processing: you can ask us to restrict the use of your data. While restricted, we may continue to store it and comply with the restriction unless otherwise allowed by law;
  • Right to object to processing: you can object to us processing your data where we rely on legitimate interests (see above) or for direct marketing, and if so we will stop unless allowed by law. If you have given consent for things like team updates or marketing communications but change your mind, you can opt out anytime using the information below or in communications you receive.
  • Right to data portability: you can request your data if we’re processing it as part of a contract with you and it’s done automatically;
  • Withdraw consent at any time: if we’re relying on consent, you can withdraw it. This does not affect earlier processing done before withdrawal. You may lose access to certain products or services as a result, and we’ll inform you at that time. You can opt out of marketing at any time by clicking “unsubscribe” (or similar) in any message or contacting us directly. Opting out will not affect data given to us due to a purchase or other transaction; and
  • Right to complain to a supervisory authority: if you think our data processing is unlawful, you can file a complaint with the ICO (
    www.ico.org.uk). We’d appreciate the opportunity to resolve your concerns before you contact the ICO, so please reach out to us first.

Third Parties
The Website may contain links to and from the websites of our partners, advertisers, or others, including links to our social media pages hosted by third parties like LinkedIn, Facebook, Twitter, Google, and YouTube. If you follow a link to one of these sites, please note they are operated by third parties with their own privacy policies about any data you submit. We do not accept responsibility or liability for how your data is used by those third parties or under their privacy policies. Check those policies before providing data on those sites.

Changes to our Privacy Policy
Any updates we make to our Privacy Policy will be posted on this page, and where applicable, notified to you by email. Please review this page periodically.

Contact Us 
If you have concerns about any content on the Website, or questions or comments regarding this Policy, contact us at info@owenmumford.com, by recorded delivery to our mailing address at Brook Hill, Woodstock, Oxford, OX20 1TU, United Kingdom, or by using the “Contact” form on the Website at clicking here.

Last update April 2025.

Get in touch

* Field is required.