Legal

Privacy policy

Last updated: 16 July 2026

This policy explains how we collect, use, share and protect personal data when you visit onlineoceans.com, contact us, or do business with us, and the rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Online Oceans Robotics Limited (trading as Online Oceans) is the data controller responsible for your personal data. We are a company registered in England and Wales under company number 15290665, with our registered office at 7 Bell Yard, London, WC2A 2JR.

We do not have a statutory data protection officer. For anything relating to this policy or your personal data, contact us at hello@onlineoceans.com or by post to the registered office above, marked for the attention of the directors.

2. Personal data we collect

We collect personal data in the following ways:

Our website and services are aimed at organisations. The personal data we process is almost entirely business contact data relating to people acting in their professional capacity.

3. Purposes and legal bases

UK GDPR requires us to have a lawful basis for each use of personal data. The table below sets out what we do, the data involved and the basis we rely on.

Purpose Personal data Lawful basis
Responding to enquiries submitted through our contact form or by email Name, email address, organisation, message content Legitimate interests (responding to business enquiries about our products and services); where the enquiry leads towards a contract, steps taken at your request before entering a contract
Managing customer and prospect relationships in our CRM, including follow-up about our products Business contact details, correspondence history Legitimate interests (business development and marketing to business contacts); consent where the law requires it for electronic marketing
Identifying the organisations that visit our website (Snitcher) IP address, pages visited, inferred organisation Consent, given through our cookie banner and withdrawable at any time
Understanding how visitors use our website (Microsoft Clarity) Usage and interaction data, device information, IP address Consent, given through our cookie banner and withdrawable at any time
Operating, securing and debugging the website IP address and request data in hosting and content delivery logs Legitimate interests (running a secure, reliable website)
Managing supplier and partner relationships Business contact details, contract correspondence Performance of a contract; legitimate interests (administering our business)
Complying with legal and regulatory obligations, including accounting, tax and export control Records we are required to keep by law Legal obligation

Where we rely on legitimate interests, we have considered the balance between those interests and your rights, and we do not use your data where our interests are overridden by yours. You can object to any processing based on legitimate interests (see section 8).

4. Who we share personal data with

We do not sell personal data. We share it only with service providers who process it on our instructions under contracts meeting the requirements of Article 28 UK GDPR, and with others where the law requires. Our providers are:

5. International transfers

Some of the providers listed above process personal data outside the UK, including in the European Economic Area and the United States. Where personal data leaves the UK, we rely on one of the safeguards recognised by UK GDPR:

You can ask us for details of the safeguard applying to a particular transfer, and where applicable a copy of the relevant agreement, by contacting hello@onlineoceans.com.

6. How long we keep personal data

We keep personal data only for as long as we need it for the purposes above, and then delete or anonymise it. Our standard periods are:

7. Security

We apply technical and organisational measures appropriate to the risk, including access controls, encryption in transit and reputable cloud providers. No transmission over the internet is completely secure, but we work to protect personal data against loss, misuse and unauthorised access, and we have a documented procedure for responding to any personal data breach.

8. Your rights

Under UK GDPR you have the right to:

To exercise any of these rights, email hello@onlineoceans.com. We will respond within one month. We may need to verify your identity before acting on a request. These rights are not absolute and exemptions may apply in some cases; if we rely on one, we will tell you why.

9. Complaints

If you are unhappy with how we have handled your personal data, please contact us first at hello@onlineoceans.com and we will try to resolve it.

You also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner's Office: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; telephone 0303 123 1113; ico.org.uk/make-a-complaint.

10. Cookies

We use a small number of cookies and similar technologies. Non-essential cookies are set only with your consent, which you can give, refuse or withdraw at any time through the cookie banner or the cookie settings link in the footer. Full details of every cookie, its purpose and how long it lasts are in our cookie policy.

11. Children

Our website and services are aimed at organisations and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

12. Automated decision-making

We do not make any decisions about you based solely on automated processing that produce legal or similarly significant effects.

13. Changes to this policy

We will update this policy when our processing or the law changes, and the date at the top shows when it was last revised. Significant changes will be highlighted on this page.