The Chartered Association of Business Schools is committed to safeguarding and respecting your privacy.
We may review and change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our websites (charteredabs.org and smallbusinesscharter.org), you are agreeing to the terms of this Policy.
Chartered Association of Business Schools is a registered company (company number: RC000880) and a registered charity in England and Wales (charity number: 1162854). Our address is: 3rd Floor, 40 Queen Street, London, EC4R 1DD.
Why do we process your personal data and what is our legal basis for processing it?
Our mission is “the advancement of education for the public benefit”, specifically in relation to business and management education. You can read our list of objectives in our Royal Charter here.
All of the work we undertake we do to meet our objectives, to serve our members and other persons and organisations interested in our work and our mission. We only collect personal information for the purposes of our mission and objectives. If we process your personal data, including storing your data or contacting you, we do so because we believe your profession or interests relate to our mission and is therefore of benefit to you as well as the wider public.
Therefore our legal basis for processing your personal data is ‘legitimate interest’ and is processed in accordance with the General Data Protection Regulations (GDPR), Privacy and Electronic Communications Regulations (PECR) and UK data protection law.
In all of our communications we give you the opportunity to opt-out or change your preferences. If you would like us to stop or change how we process your data, we are happy to oblige. You have an absolute right to opt-out, update your information, or request access to your information. Please refer to the steps in this policy to do so.
How do we collect personal data about you?
The Chartered ABS may collect data about you in the following ways:
- Information acquired through our websites (charteredabs.org or smallbusinesscharter.org). This includes information provided at the time of registering to use the websites, registering for an event or development programme, subscribing to our newsletter, updating your details through the websites, participating in discussion boards or other social media functions, posting material or making enquiries.
- If you contact us, we may keep a record of that correspondence. If you send us personal information which identifies you via email, letter or phone, we may keep your contact details.
- We may ask you to complete surveys for research purposes.
- Your institution may have provided us with your data as part of their membership with us.
- Your data is publicly available and we would like to contact you about our services in relation to your profession.
- A partner has provided us with your details in relation to a project or product you have registered for in order for us to fulfil delivery of that project or product.
- If you or a recruitment agency has provided us with your CV and personal data when applying for vacancies.
What personal data do we collect from you?
The personal information we collect might include your name, job title, employer, employer address, email address, phone numbers, responses given to surveys, and information regarding your interactions with our email communications, and attendance at our events.
We may also collect details of your visits to the websites including, but not limited to, traffic data, location data, browser data, IP address, weblogs, platform used, and other communication data.
We also collect details of transactions you carry out through the websites. However, if you make a payment through our websites or by phone, your card information is not held by us, it is collected by our third party payment processors, who specialise in the secure online capture and processing of credit/debit card transactions.
We may collect some ‘special category data’ about you for the purposes of our objectives and/or to provide you services. ‘Special category data’ is more sensitive personal data under GDPR and we will ask for your explicit consent so that we can process that data. Examples of ‘special category data’ we process would include your dietary requirements or accessibility requirements when you register for an event. We gather that data so that we can fulfil your requirements when attending that event.
What do we use your personal data for?
We use data to:
- Maintain e-mail, telephone and offline contact with you, preferably at your place of business or in relation to your profession or studies.
- Provide services to you which you have registered for or which may relate to the contract which an institution holds with us as part of their membership of the Chartered ABS.
- To compile information relating to your professional interests and use of our products and services so that we can contact you with relevant information and to ensure the content on our website is relevant to you and our other website users. This use of data is often known as ‘profiling’.
- To produce anonymised sector analysis to support our mission.
How can you change your preferences, opt-out or update the data we hold on you?
If you would like to change your preferences about the information we send you or opt-out altogether from receiving communications about the work we do to support business schools, you can. If your details have changed you can ask us to update the records we hold. To do so please contact us by emailing email@example.com or call +44 020 7236 7678, or click ‘unsubscribe’ or ‘opt out’ on the marketing emails we send you.
How can you access the personal data we hold about you?
You have a right to access the personal data we hold about you. If you would like to make a Subject Access Request please write to us at firstname.lastname@example.org, and put ‘Subject Access Request’ in the subject field.
Where do we process your personal data and how do we keep it secure?
We process data in accordance with the General Data Protection Regulations (GDPR) and UK data protection law.
We process data at our registered offices: 3rd Floor, 40 Queen Street, London, EC4R 1DD. Data processors (staff) working remotely and third parties appointed by us, do so under contract.
We will take all steps necessary to ensure that your data is processed and stored in a secure environment, in accordance with our legal obligations. The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (‘EEA'). All suppliers and contractors we use to process data are bound by contract to keep it secure in accordance with GDPR.
Any payment transactions are encrypted using SSL technology.
What are our principles for retaining personal data?
In accordance with GDPR we retain personal data for no longer than is necessary for the purposes for which it is being processed. Depending on the type and purpose of personal data, we have time limits in place which determine how long data is stored and processes for deleting the records when that limit is reached. For example, dietary and accessibility data collected from you when registering for an event will be deleted once the event has been delivered. Applications made for job vacancies will be deleted after 6 months.
There are some circumstances where personal data may be stored for longer periods or permanently. Such data would be stored for historical research purposes or to allow longitudinal analysis in relation to our mission and services. For example, survey results will be archived to allow us to carry out longitudinal comparative analysis. Individuals’ attendance at our events will also be stored indefinitely.
Individuals’ contact data, processed for the purposes of marketing and communications, will be stored for as long as necessary i.e. until that individual changes their profession, they retire, or they request erasure.
Do we share your personal data with third parties?
We will not sell your information to third parties. We will not share your information with third parties for marketing purposes.
We may pass your information to third parties for the purposes of completing tasks and delivering services to you on our behalf. Circumstances when this may happen could include: when working with a partner to deliver an event; when contracting a mailing house to send out a mailing; when briefing the facilitator or speaker ahead of an event or development programme; when producing a publication with a partner; or when providing details of attendees to a venue.
When we use or work with third party service providers, agents, subcontractors and other associated organisations we disclose only the personal data that is necessary to deliver the service. We will have a contract in place that requires them to comply with GDPR when processing your personal data.
Our websites (charteredabs.org and smallbusinesscharter.org) may occasionally use persistent cookies (the small text files stored on your computer) to record your preferences or activity between visits. These cookies do not store personal information about you or your computer and you can clear them at any point by deleting your browser history. For more information about cookies you can visit: http://www.aboutcookies.org/
The Chartered Association of Business Schools does not share cookies data with third parties.
What can you do if you don’t want cookies to be set?
If you don’t want our websites to store information on your computer or mobile device for the purposes described above, it is possible to block some or all cookies, or even to delete cookies that have already been set; but you need to be aware that you might lose some functions on this website. For information on how to control cookies being stored on your computer see: https://www.aboutcookies.org/how-to-control-cookies/
I agreed for this site to store cookies but have changed my mind. What can I do?
If you previously agreed to allow charteredabs.org or smallbusinesscharter.org to store cookies on your computer but have subsequently changed your mind then you can delete the cookie. See https://www.aboutcookies.org/how-to-delete-cookies/ to learn how to control and remove cookies stored on your computer.
Links to other websites
Our websites contain links to other websites run by other organisations. Those organisations are responsible for the privacy policies and data processing practices of their own websites even if you access them using links from our websites. We encourage you to read the privacy statements on the other websites you visit.
How to contact us or to make a complaint?
If you have any questions about this policy or our work or if you would like to make a complaint please contact us by emailing email@example.com or call +44 020 7236 7678.
If you would like to make a complaint to the UK’s supervisory authority you can do so by contacting the Information Commissioner’s Office https://ico.org.uk