Groundsure Privacy Policy

At Groundsure we are committed to protecting and respecting your privacy. We hold, as with most businesses, personal information about our customers and people who may be interested in our products and services.

About Us

Groundsure Limited, company number 3421028 (England and Wales) collects or receives your data under this privacy policy as a data controller for the purposes of EU Data Protection Legislation.

Groundsure is an Ascential Group Limited company.

This global privacy policy explains how Ascential Group Limited  and/or its affiliates (“Ascential” referred to as “we”, “us” or “our”) handle your personal data, including the types of personal data we collect about you, how your personal data may be used and when it may be disclosed, how we protect your personal data and the rights you have in relation to the processing of your personal data. Ascential respects your privacy and we are committed to protecting your personal data in accordance with applicable data privacy laws and our internal policies.

Please see the Definitions section for definitions of terminology used in this Privacy Policy.

This global privacy policy explains how Ascential Group Limited  and/or its affiliates (“Ascential” referred to as “we”, “us” or “our”) handle your personal data, including the types of personal data we collect about you, how your personal data may be used and when it may be disclosed, how we protect your personal data and the rights you have in relation to the processing of your personal data. Ascential respects your privacy and we are committed to protecting your personal data in accordance with applicable data privacy laws and our internal policies.

In the event of conflict between a translated version of this global privacy policy and the English version, the English version shall prevail.

 

  1. Who is the controller of my personal data?

Unless we notify you otherwise, Ascential Group Limited is the controller of your personal data as it is the entity who alone or jointly determines how or why your personal data is being processed. Our affiliates may be the controller of your personal data in certain circumstances depending on our relationship, and the services we are providing to you.  A list of our group of affiliates can be found here.

  1. How do we collect your personal data?

We use different methods to collect personal data from and about you, including: -

Collection directly from you

Most of the personal data we process about you comes directly from you.  You may give us your name and contact details when filling in forms or corresponding with us by email, phone, mail, in person or otherwise including when you: -

 

  • subscribe to our services, products or email alerts; and
  • buy or express an interest in our products and services (including attending an event).

Automatic collection

We automatically collect technical information when you use our websites, for example: - IP address, log-in data, browser type, time zone setting and location and plug-in types when you interact with our websites.  We also collect data through cookies. Please see our cookies policy below for further information and details.

Collection from other sources

We may collect information about you from third parties and public sources (such as public databases and social media websites). This is to ensure we have accurate, up to date or necessary information for us to communicate with you or to provide the best possible service. The types of information we may collect includes personal details (including name, age, gender and other demographic data) and contact information (including postal address and telephone numbers).

 

  1. For which purposes and on which legal basis do we process your personal data?

 

We have set out below a description of all the ways we plan to use your personal data and which legal basis we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

 

Legal basisPurpose
Necessary for the compliance with a legal obligation to which we are subject.Complying with legal requirements.
Necessary for the performance of a contract to which you are a party.Managing our contractual relationship with you.
Justified on the basis of our legitimate interest in ensuring the proper functioning of our business operations.Operating and managing our business operations and/or improving our products, service and event experience.
Justified on the basis of our legitimate interest in ensuring that we can conduct and increase our business.Marketing or communicating information to you related to our products and services, unless you have objected to such processing, as further described in the section 3 “How do we use personal data for direct marketing purposes?”  We may also share personal data with our affiliates for this purpose, as further described at section 6 below.
Justified on the basis of our legitimate interest in ensuring we can conduct and increase our business and those of our business partners.Sharing personal data with selected partners (including sponsors), as further described in section 6 below.
Justified on the basis of our legitimate interest in ensuring network and information security.Monitoring your use of our systems (including using technical tools to automatically monitor the use of our website and any apps and tools you use).
Justified on the basis of our legitimate interest in ensuring that you receive an excellent user experience.Improving the security and functioning of our website, networks and information.
Justified on the basis of our legitimate interest in ensuring the proper functioning of our business operations.Undertaking data analytics, i.e. applying analytics to business operations and data to describe, predict and improve business performance within Ascential and/or to provide a better user experience. (more details on how we run analytics on our website can be found in our cookie policy.

 

  1. How do we use personal data for direct marketing purposes?

 

We may send you marketing communications to keep you up to date with our products and services, including those we think may be of interest to you.

 

Do we send targeted e-mails?

 

We send targeted electronic direct marketing to business contacts at our clients or other companies with whom we want to develop or maintain a business relationship in accordance with applicable marketing laws. Our electronic direct marketing typically includes web beacons, cookies, and similar technologies that allow us to know whether you open, read, or delete the message, and links you may click. When you click a link in an electronic direct marketing message, we will also use a cookie to log what pages you view and what content you download from our websites, even if you are not registered at or signed into our site. Please see our cookies policy for further details.

 

Do we maintain Customer Relationship Management (CRM) databases?

 

Like most companies, Ascential uses customer relationship management (CRM) database technology to manage and track our marketing efforts. Our CRM databases include personal data belonging to business contacts at our clients and other companies with whom we already have a business relationship or want to develop one. The personal data used for these purposes includes relevant business information such as: contact data, publicly available information (e.g. board membership, published articles, press releases, your public posts on social media sites if relevant for business purpose), your responses to targeted electronic direct marketing (including web activity following links from our e-mails), website activity of registered users of our website and other business information included by Ascential professionals based on their personal interactions with you.

 

Do we combine and analyse personal data?

 

We may combine data from publicly available sources, and from our different e-mail, website, and personal interactions with you (this includes information collected across our different websites such as our careers and corporate sites and information collected when you sign-up or log on to our sites or connect to our sites using your social media credentials). We combine this data to better assess your experience with Ascential and to perform the other activities described throughout this privacy policy.

 

What are your rights regarding marketing communications?

 

You can elect to not receive marketing communications from us by, or by utilising opt-out mechanisms in e-mails we send to you.  You can also object to receiving marketing communications or request that your personal data be removed from our CRM databases by contacting us at www.ascential.com/data.

 

  1. What about sensitive data?

We do not generally seek to collect sensitive data (also known as special categories of personal data) from individuals and we request that you please do not submit sensitive data to us. In the limited cases where we do seek to collect such data, we will do this in accordance with data privacy law requirements and/or ask for your consent.

 

The term "sensitive data" refers to the various categories of personal data including racial or ethnic origin, political opinions, religious, philosophical or other similar beliefs, membership of a trade union, physical or mental health, biometric or genetic data, sexual life or orientation, or criminal convictions and offences (including information about suspected criminal activities).

 

  1. What about persons 18 or under?

We are concerned to protect the privacy of children. We do not knowingly contact or collect information from persons under the age of 18. The website is not intended to solicit information of any kind from persons under the age of 18.

If you believe that we have received information pertaining to or from persons under the age of 18 please contact us at   contacting us at www.ascential.com/data ; or dpo@ascential.com. If we become aware that a person under the age of 18 has provided us with personal information, we will take steps to delete such information.

  1. Will we share your personal data with third parties?

We may share personal data with the following categories of recipients:

  • Our affiliates, so they can send you communications about their products and services (as further described in section 3 above)
  • Our third-party service providers, including IT service providers, marketing automation, solutions and analytics providers, marketing agencies, professional advisors, and
  • Our selected partners, representatives and sponsors, for example we may share attendee lists with event sponsors so that they can better plan their sponsorship to enhance attendee experience and, where applicable, to choose invitees to private briefings, meetings or dinners, or we may make available contact details to create marketing opportunities in certain industries and markets.

We may also share your personal data with public and governmental authorities if we are required to do so, or with third parties in connection with potential corporate or commercial transaction.

Before we share your personal data with any third parties, we take the necessary steps to ensure that your personal data will be given adequate protection in accordance with relevant data privacy laws and Ascential’s internal policies.

  1. How long will your personal data be retained by us?

We retain your information for no longer than necessary for the purpose for which it was collected. We maintain specific records management and retention policies and procedures, so that in determining how long your information will be stored, we will consider:

  • the purpose(s) and use of your information both now and in the future;
  • our global legal and contractual obligations; and
  •  what information we need to manage your relationship with us and to develop and deliver our products and services.
  1. Do we transfer your data internationally?

As we are a global organisation with a presence in a number of jurisdictions and countries, we may transfer your personal data to our affiliates internationally. If you are located in the EEA, this may involve transferring your data outside the EEA. To ensure that such transfers are in accordance with applicable law and carefully managed to protect your privacy rights, any inter-company transfers of personal data are covered by agreement(s) which contractually oblige(s) us to ensure adequate and consistent levels of protection wherever personal data is transferred within our group of companies.

We may also share your personal data with third parties (see section 6), some of which are based outside the EEA. Whenever we transfer your personal data outside the EEA, we ensure a similar degree of protection is afforded it by ensuring appropriate safeguards are implemented, for example we may use specific contracts approved by the European Commission.

Please contact us (see our details at section 10 below) if you would like further information on the mechanism used by us when transferring your personal data outside the EEA.

 

  1. Data security.

We maintain organizational, physical and technical security arrangements for all the personal data we hold. We have protocols, controls and relevant policies, procedures and guidance to maintain these arrangements taking into account the risks associated with the categories of personal data and the processing we undertake, including as appropriate: -

  • The pseudonymisation and encryption of personal data;

 

  • The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;

 

  • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and

 

  • A process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of personal data.

 

  1. Which rights do you have with respect to the processing of your personal data?

If you are based within the EEA, you may be entitled under certain circumstances to: -

  • Request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of that personal data.
  • Request a rectification of your personal data: this right entitles you to have your personal data corrected if it is inaccurate or incomplete.
  • Object to the processing of your personal data: this right entitles you to request that Ascential no longer processes your personal data.

 

  • Request the erasure of your personal data: this right entitles you to request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes.

 

  • Request the restriction of the processing of your personal data: this right entitles you to request that Ascential only processes your personal data in limited circumstances, including with your consent.

 

  • Request portability of your personal data: this right entitles you to receive a copy (in a structured, commonly used and machine-readable format) of personal data that you have provided to Ascential, or request Ascential to transmit such personal data to another data controller.

 

  • Request not to be subject to any decision that significantly affects you being taken by automated processing, including profiling.

 

If you are based in CALIFORNIA you have many of the rights set out at section 11 and you are entitled under certain circumstances to:-

 

 

Request access to certain information about the personal data we have shared with third parties for direct marketing purposes.

Please contact us at www.ascential.com/data to exercise any of these rights. We will process any request in line with any local laws and our policies and procedures. We may ask you for additional information to confirm your identity and for security purposes, before disclosing information requested to you.

  1. What if you have questions or want further information?

 

Any questions regarding this notice and our privacy practices should be sent using www.ascential.com/data or by writing to Director of Compliance and DPO, Ascential Group Limited, The Prow, 1 Wilder Walk, London, United Kingdom, W1B 5AP, or by email at dpo@ascential.com.

 

If you wish to make a complaint about how we use your information, please contact us using  www.ascential.com/data  and we will do our best to help. If you are located in the EEA, you have the right to lodge a complaint with the appropriate data protection supervisory authority in your country. We would, however, appreciate the chance to deal with your concerns before you approach your local supervisory authority so please contact us in the first instance.

 

Cookies

When you visit a Groundsure website(s), Groundsure uses “cookie” technology try to make that experience simple, personalised and meaningful. Cookies are small pieces of information which are issued to your computer or any similar device you use to access the internet e.g. smart phone, tablet or other mobile device when you visit a website and which store and sometimes track information about your use of the website. A number of cookies Groundsure use last only for the duration of your web session and expire when you close your browser. Other cookies are used to remember you when you return to the website and will last for longer.

Groundsure use cookies to:

  • create a specific log-in session for a visitor to a Groundsure website in order that page requests by that visitor are delivered in an effective, secure and consistent manner;
  • recognise when a visitor to a Groundsure website has visited before; this means we can identify the number of unique visitors we receive to the website and allows us to make sure we have enough capacity for the number of users that we get;
  • customise elements of the promotional layout and/or content of the pages of the website;
  • store your product selections to the shopping basket;
  • collect statistical information about how our visitors use the website(s) so that we can improve the website(s) and learn which parts are most popular to visitors; and
  • Gather information through our advertising partners, about the pages on the Groundsure website(s) that you visit, and also other information about other websites that you visit, so as to place you in an “interest segment”. [This information is collected, in an anonymous form but may include information such as about the county and city you are in, together with the name of your internet service provider]. This information is then used to serve interest-based advertisements which it is believed will be targeted to your interests. For more information about this type of interest based advertising, and about how to turn this feature off please visit www.youronlinechoices.co.uk or follow the link to the website of our advertising partners shown below. Without these cookies, advertisements you encounter will be less relevant to you and to your interests.

Some of the cookies used by Groundsure websites are set by us, and some are set by third parties who are delivering services on our behalf. Most web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser. Please note however, that by blocking or deleting cookies used on a Groundsure website(s) you may not be able to take full advantage of the website(s) if you do so.

a) Our cookies

We have described the main cookies we use and what we use these for below

Cookies NamePurposeMore information
PRUserUsed to remember the user the next time they come to the site so that the user does not need to enter their login details again.
ARPT (ArrowPoint)Used by the load balanced servers to maintain user sessions between the servers in the event of system failure. persists as long as the user session lasts, this will never be longer than 24 hoursCisco Cookie
ASP.NET_SessionIdUsed to maintain an active user session on the site. persists as long as the user session lasts, this will never be longer than 24 hoursMicrosoft ASP.NET Cookie
.ASPXAUTHUsed to determine if a user is authenticated persists as long as the user session lasts, this will never be longer than 24 hoursMicrosoft ASP.NET Cookie
__utma__utmc

__utmb

__utmz

__utmv

These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.Google Analytics Cookie
AtlasSessionThis cookie creates a unique session that is required for tracking Ordnance Survey map usage
BrowserSessionThis cookie monitors when you close a browser to keep track of when to create new session for the Ordnance Survey map usage
OAuthTokenIf you use social login this token allows us to authenticate your login
Local StorageHTML5 web pages can store data locally within the user’s browser.However, Web Storage is more secure and faster. The data is not included with every server request, but used ONLY when asked for. It is also possible to store large amounts of data, without affecting the website’s performance.

The data is stored in key/value pairs, and a web page can only access data stored by itself.

b) Third party cookies

Certain cookies are either set by third parties on the Website or these are set by us using the third parties cookie code. More information about cookies placed by third parties and how to restrict or block their cookies can be accessed by following the link to their website.

In addition to cookies, tracking gifs may be set by us or third parties in respect of your use of the Site. Tracking gifs are small image files within the content of our site or the body of our newsletters so we or third parties can understand which parts of the website are visited or whether particular content is of interest.

Data Retention

We retain your information for no longer than necessary for the purpose for which it was collected. In determining how long your information will be stored, we will consider:

  • the purpose(s) and use of your information both now and in the future;
  • what information we need to:
    • best provide you with products and services;
    • manage your relationship with us;
    • meet our statutory obligations;
    • develop our products and services; and
    • meet our customers’ and previous customers reasonable expectations.

Geographic Data Transfers

Groundsure may need to transfer your personal data outside the EEA to provide the best service possible to our customers and in the most efficient manner.  In all instances, we take steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights. To this end:

  • where we transfer your personal information outside the Ascential Plc group or to third parties who help provide our products and services, we obtain contractual commitments from them to protect your personal information. Some of these assurances are well recognized certification schemes like the EU – US Privacy Shield for the protection of personal information transferred from within the EU to the United States; or
  • where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information are disclosed.

Data Subjects’ Rights within the EEA

In the EEA, data subjects have the following rights:

  • to request access to your information and information related to our use and processing of your information;
  • to request the correction of your information (we may seek to verify the accuracy of the personal information before rectifying it);
  • in certain situations to ask us to erase, block or restrict the personal information we hold about you, or object to particular ways in which we are using your personal information; and
  • in certain situations, you can also ask us to send the personal information you have given us to a third party.
  • to ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the EEA.
  • to withdraw your consent to our use of your information at any time where we rely on your consent to use or process that This will not affect the lawfulness of our processing of your data prior to your withdrawal;
  • to object to the processing of your information for certain purposes, namely:
    • in certain circumstances to us using or processing your information where we use or process it in order to carry out a task in the public interest or for our legitimate interests;
    • to object to us using or processing your information for direct marketing purposes. You may also exercise your right to object to us using or processing your information for direct marketing purposes by clicking the unsubscribe link contained at the bottom of any marketing email we send to you and updating your preferences, or as a subscriber by visiting the preference centre on our website and changing your preferences.

For more information on how to object to our use of information collected from cookies and similar technologies, please see the ‘Cookies’section above.

You can exercise your rights by writing to us at Head of Legal, Groundsure Limited, C/O Ascential Group Limited, The Prow, 1 Wilder Walk, London, United Kingdom, W1B 5AP or contacting us via www.ascential.com/data.

You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

Do not Track

Some browsers offer a “do not track” (“DNT”) option. For information about Do Not Track, please visit www.allaboutdnt.org.

At this time we do not respond to DNT signals. For information on how to block and opt out from tracking technologies used on our website, please see the ‘Cookies’ section above.

Third Party Websites

Please be aware that Groundsure does not control and is not responsible for websites that are referred to or linked from its own websites and that use of your personal information on these websites is not subject to this Privacy Policy.

Persons 18 or under

We are concerned to protect the privacy of children. We do not knowingly contact or collect information from persons under the age of 18. The website is not intended to solicit information of any kind from persons under the age of 18.

If you believe that we have received information pertaining to or from persons under the age of 18 please contact us via www.ascential.com/data. If we become aware that a person under the age of 18 has provided us with personal information, we will take steps to delete such information.

Definitions

Compliance with a legal obligation – processing is necessary to ensure we comply with our legal and regulatory obligations.

Consent – you have given specific consent to the processing of your personal data.

Data Controller – the entity that determines the purposes and means of processing personal data.

EEA – the European Economic Area which comprises countries that are members of the European Union and Norway, Iceland and Liechtenstein.

Identifiable natural person – a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

Legitimate Interests – processing is necessary for our or a third party’s legitimate interests in carrying on, managing and administering our respective businesses effectively and properly (except where our or the third party’s interests are overridden by your own interests, rights and freedoms).

Performance of a Contract – processing is necessary to carry out our contractual duties, exercise our contractual rights or otherwise perform our Contract with you, or to take steps at your request to enter a Contract.

Personal Data – any data relating to an identified or Identifiable Natural Person.

Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction any

Special categories of personal data – personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric data processed for the purpose of uniquely identifying a natural person, data concerning Vital Interests – processing necessary protect an interest which is essential for the life of the data subject or that of another natural person.


[1] Where Legitimate Interest is the processing Ground, the legitimate interest is provided in the Purpose column.