Our policies

Privacy Policy

The Ashridge (Bonar Law Memorial) Trust, the Ashridge Strategic Management Centre and Ashridge Executive and Organisation Development Ltd are committed to protecting your privacy when you visit our websites, so we want you to know what information we collect when you visit one of our sites, how we use that information and how you can update it. Ashridge reserves the right to append or otherwise modify this Privacy Statement at any time, so please re-visit this page occasionally to check for updates.

What this policy covers

This policy covers Ashridge's treatment of personally identifiable information that Ashridge collects when you are on the Ashridge site and when you use Ashridge's services. This policy also covers Ashridge's treatment of personally identifiable information that Ashridge shares with other parts of the organisation.

Information we collect

We collect various types of information from our visitors so we can adjust our site to meet visitors' needs and expectations. Some of this information is collected automatically through cookies, and other information is collected when you register for any of our services or subscribe to Ashridge E-Newsletters.

When you register as a user we may collect the information necessary to provide the services required. Such information would at the very least include your name and an email address. We will also collect information from you if you complete any other forms on our site, register to leave feedback or interact with the website or if you contact us with comments or specific requests.

Ashridge may monitor, record, store and use any telephone, email or other communication with you in order to check any instructions given to us, for training purposes, for crime prevention and to improve the quality of our customer service.

CCTV Policy & Procedures

Purpose

Ashridge uses CCTV to provide a safe and secure environment for its staff and visitors and to protect Ashridge’s property.  The purposes for which the CCTV Systems are used are solely to protect the premises by prevention, detection and investigation of criminal activity.

Responsibility

The person who has been appointed to oversee the system and procedures is Debbie Gronert who holds the position of Facilities Manager at Ashridge Executive Education. She is responsible for making sure that the data is only accessed by those with a genuine need to do so.

Ashridge will notify visitors to the site of the use of CCTV by appropriate signage provided at the entrance of each car park.

Quality Control

The images that are filmed will be held in a secure location and will only be accessed by those who are authorised to do so.

The medium onto which we record images is a hard drive which updates every 31 days by clearing data stored and starting again.

A regular maintenance programme is in place and will be carried out in accordance with the agreed schedule by MJ Security Systems Ltd (tel no. 01582 665022).  Cameras will be checked every six months and a service report provided.

Destruction

Unless required for evidential purposes, the retention period of any images recorded by our CCTV footage is 31 days and any footage that is over this period is set up on the system to be deleted automatically.

Access

The location that is used for viewing of any images is the Venue Services office in the Main House.  Only the manager and team leaders are authorised to access the images collected.

Debbie Gronert, Facilities Manager, or her nominated deputy in his absence, is the only person who can authorise disclosure of information to third parties.

Should any images be required by the Police, or any other authorised enforcement agencies, we will adhere to the following protocol: 

  1. All requests will be documented, giving the date, time and purpose of the request and the identity of the body and individual making the request.
  2.  The request must specify the date and time (as far as possible) of the image.
  3. Proof of ID from the requesting officer will be required on collection of the data.
  4. We will aim to provide a response to a request within 24-48 hours.
  5. If the decision is taken not to release the images, then the image in question will be held and not destroyed until all legal avenues have been exhausted.

The Data Protection Act 1998 gives individuals the right to access personal information about themselves, including CCTV images.  All requests for access to images by individuals should be made to the Facilities Manager who will assess the request and, if appropriate, release the image to the individual within 40 days of the request.  Ashridge may make a small charge for the image, not exceeding £10.

The CCTV system operates 24 hours a day, 365 days a year and will continue to be maintained by MJ Security Systems Ltd and monitored by our nominated staff.

Adherence to this policy will be monitored and the policy reviewed at least annually. 

This policy is a public document and is available online at www.ashridge.org.uk or by contacting us on 01442 841174.

What are "Cookies"?

Cookies are small text files that are placed on your computer by the websites that you visit. Cookies make the interaction between users and websites faster and easier. Without cookies, it would be very difficult for a website to allow a visitor to fill up a shopping cart or to remember the user's preferences or registration details for a future visit.

When you visit the Ashridge websites, cookies enable us to measure which pages you view and how your computer views them. By measuring general use of our websites we aim to improve the user experience and make the websites more useful to you.

Information collected automatically

The types of information your browser or internet session automatically sends us each time you visit one of our sites, include:

- Your browser, for example, Internet Explorer, Firefox; Safari; Opera

- Your Internet Service Provider, for example, TalkTalk, BT, AOL, NTL, Virgin, Bulldog

- Your computer's operating system, for example, Windows, Macintosh, UNIX, Linux

- Your navigation path, that is, the URL of where you came to our site from, which of our pages you visited, and your IP address. 

Our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”).  Google Analytics uses cookies, which are text files placed on your computer, to help the website analyse how users use the site. For more information please refer to Google's Privacy Policy.

This information lets us see how users are finding our sites and it tells us which pages are visited the most often so we can make our websites more useful. This information in no way enables us to identify you personally.

Information you provide to us

In addition to the information automatically collected by your browser, we also collect information that you provide to us when you register on the Ashridge website, when you book an event, order books or merchandise from us or request information regarding one of our programmes.

Registering with Ashridge

The Ashridge website includes various areas that require registration, such as Virtual Ashridge, Online AIMS, My Ashridge and the Ashridge Blog. The amount of information required for registration depends on the particular area, but will include at least your first name, surname and email address; and may include your business and/or home address, job title, organisation, area of interest, phone numbers and so on. Unique identifiers are used to verify the user's identity prior to granting visitor access to some of the services available online.

Ashridge web authentication and log-in

Ashridge's online services requiring a log-in (such as Virtual Ashridge, AIMS, e-Sharing, Alumni), operate a single sign-on policy. This allows an individual to re-use the same log-in details across a variety of authenticated online services provided by Ashridge. In many cases these log-in details are created by Ashridge with random passwords. However, there are instances when users are allowed to self-register and hence provide a password of their choice. Though our self-registration service enforces users to register high strength passwords, it is strongly recommended that you provide us with a separate password and NOT the ones used with your banking or other highly sensitive personal online accounts elsewhere.

Contact information submitted on the Ashridge website

If a user completes an Enquiry Form on the Ashridge website or subscribes to receive print or online publications, such as 360º, the Ashridge Journal, Ashridge News or the Corporate Brochure, the contact information will be added to a secure Ashridge database. That information is then used to send further updates of the publications in question. By requesting information you will not automatically be subscribed to receive Ashridge publications (beyond the particular publication requested). All electronic communications sent have an Unsubscribe option at the bottom of the email or E-Newsletter. All print publications are sent with a contact form which can be used to update your contact information or to unsubscribe from that publication. If you would like to update any details or unsubscribe from Ashridge publications, please contact us by email at: contact@ashridge.org.uk.

Communicating with you

Ashridge guarantees that all the information you provide either electronically or physically will not be passed to any third parties other than those that are working for or with Ashridge in the delivery of programmes, consulting and research. Ashridge does not sell or otherwise distribute mailing lists to third parties. Mailing companies will sometimes be employed by Ashridge to physically send print publications to the Ashridge mailing list. However, Ashridge has assurances from those companies that the data is only used to send the Ashridge publications and is destroyed afterwards.

Transferring information overseas

The Data Protection Act 1998 prohibits us from sending your personal details to a country outside the European Economic Area (EEA) without your informed consent. Ashridge works in partnership with some organisations and individuals that operate outside the EEA. We may consider it to be of benefit to individuals, based in the same geographical location, if their details are passed on to an appropriate Ashridge contact in their area for marketing purposes. At present, the European Commission does not consider certain countries outside the EEA to provide adequate levels of protection for the rights and freedoms of data subjects in relation to the processing of Personal Data, for the purposes of satisfying the eighth Data Protection principle. Nevertheless, Ashridge hereby declares that it is satisfied that the appropriate technological and organisational safeguards are in place in the overseas establishments that we work with and that these are equal to or greater than those required under the Data Protection Act 1998. If you are based outside the European Economic Area please use the opt-in box on the registration form to indicate your consent to the transfer of your personal data to an appropriate Ashridge contact in your area.

Third party websites, content and resources

Please be aware that when you are using the Ashridge websites including Virtual Ashridge, you may be directed via links or other means to third party websites, content and resources. These third party websites, content and resources may send their own cookies to visitors, collect data, or solicit and use your personal information in ways that are different to those contained in this Privacy Policy and the terms of their privacy policies may be very different to this Privacy Policy. We are not responsible for the privacy practices of the providers of these other websites, content and resources and cannot guarantee the security of any of your Personal Information collected, used or shared there.

Your rights, our obligations

Ashridge does not sell or rent any personal data submitted by visitors to our website to any third parties. Ashridge respects the privacy of users visiting our organisation's sites and will abide by all applicable laws concerning the release of personal information. On occasion we may use certain directory information that we have collected to send you information about products and services, or updates and other information we think may be of interest to you. Occasionally we may share this information with our educational partners to bring similar information to your attention. If you tell us that you do not wish to have this information used as a basis for further contact with you, we will respect your wishes. Please contact Ashridge to request your name and address be removed from our lists. If you do not want to receive our e-mail marketing, please submit a request to have your e-mail address removed by sending an email to: contact@ashridge.org.uk and put 'UNSUBSCRIBE' in the subject line of the email.

Other than directory information, data you provide to us as you use the Ashridge website will be held in strict confidence by the organisation and will be used for purposes stated. Ashridge may share aggregated information about our users with advertisers, business partners, sponsors and other third parties. However, the individual information you provide us within the Ashridge website will be known only to you and the organisation. We will not share your personal data with anyone else, except as may be required by law.

How to update your information

Our site provides you with the option of changing and modifying information you have previously provided to us. You may contact Ashridge direct to have your information changed by emailing contact@ashridge.org.uk.