OCSA Privacy Policy

Privacy Policy

The Online Competition Standards Authority Ltd (OCSA) is committed to protecting personal data and handling it responsibly.

What data we collect

We may collect personal information when you:

• contact us by email or online form

• submit an application for certification

• report a concern

• request information

This may include names, contact details, company information, and information relevant to certification or compliance matters.

How we use your data

Personal data is used only for:

• processing applications

• responding to enquiries

• handling complaints or concerns

• maintaining certification records

• compliance and oversight purposes

We do not sell personal data or use it for marketing unrelated to OCSA’s activities.

Legal basis

Data is processed in accordance with:

• UK GDPR

• Data Protection Act 2018

Data sharing

Information may be shared only where necessary:

• to verify information

• to meet legal obligations

• to protect the integrity of OCSA certification

Data retention

We retain data only for as long as necessary for regulatory, legal, or operational purposes.

Your rights

You have the right to:

• request access to your data

• request correction of inaccurate data

• request deletion where appropriate

Requests can be made to: info@ocsa.org.uk

This policy will be reviewed and updated as OCSA develops. This version updated December 2025