1. Introduction
Hyderabad chapter of ISACA (hereinafter referred to as “the Chapter”, “we”, “our”, or “us”) respects your privacy and is committed to protecting an individual’s (hereinafter referred to as ‘you’, ‘your’, ‘data subject’) personal data.
This Privacy Notice explains how ISACA collects, uses, stores, processes, and protects personal data and sets forth your privacy rights when you visit our website, register for and/or attend our events, become a member, or interact with our services.
We understand that privacy is an on-going responsibility, so we will from time to time update this Privacy Notice as we undertake new personal data privacy practices or adopt new privacy policies.
This notice is designed to align with applicable data privacy Laws and Regulations such as but not limited to:
• India’s Digital Personal Data Protection Act, 2023 (DPDP Act) including DPDP Rules 2025
• EU General Data Protection Regulation (GDPR) principles where applicable
• Reasonable security practices under the Information Technology Act, 2000 and related rules in 2011, and 2026
By using our website or submitting your personal data to the Chapter, you agree to the collection and use of information in accordance with this Privacy Notice.
2. Data Controller and/or Data Fiduciary
Hyderabad chapter of ISACA acts as the Data Fiduciary (under India DPDPA) and Data Controller (under EU GDPR) for the personal data collected through the Chapter’s website, membership registrations, non-membership registrations for live events, newsletters, media groups, event registrations, and communications.
3. Personal Data We Collect
We collect your personal data only when you voluntarily provide it to us for purposes listed above and/or when necessary to deliver services which you have or will avail from us from time to time.
Categories of such personal data may include:
• Name
• Email address
• Phone number
• Professional details (organization, designation)
• Membership details
• Event registration details
• Payment information (processed via secure third-party payment gateways)
• IP address and technical browsing information
• Communication preferences
• Other personal data required for purposes listed below
We may also collect limited technical information automatically through cookies and analytics tools.
4. Purpose of Processing:
We process your personal data only for legitimate and lawful purposes of:
• Managing memberships and chapter registrations
• Processing event registrations and certifications
• Trainings and webinars/ seminars in collaboration with third parties
• Sending chapter communications, newsletters, and updates
• Managing volunteer programs and community activities
• Conducting web and digital analytics to improve website, user experience and services
• Ensuring security of personal data and/or prevent fraud
• Complying with legal or regulatory obligations
5. Legal Basis for Processing:
Where GDPR principles apply, we process personal data based on:
• Voluntary Consent of the data subject (you)
• Performance of a contract (e.g., event registration)
• Legitimate interests of the Chapter
• Legal or regulatory obligations
Under India’s DPDP Act, processing occurs primarily based on your voluntary consent or legitimate uses as permitted by law.
6. Sharing of Personal Data:
Hyderabad chapter of ISACA does not sell personal data. However, We may share some of your personal data with:
• ISACA Global where relevant to membership administration (The relationship between the ISACA Global organization and the Hyderabad chapter of ISACA is a parent–local chapter structure)
• Event management or registration platforms
• Secure payment processors
• our sponsored with adequate approvals of Board members
• Technology service providers supporting the website
• Legal or regulatory authorities where required by law
All service providers are expected to maintain appropriate security and confidentiality safeguards.
7. International Data Transfers:
Transfer of personal data outside India will occur only to jurisdictions permitted under applicable law or where adequate data protection safeguards exist. Personal Data shall not be transferred to any country or territory restricted by the Government of India under the Digital Personal Data Protection Act, 2023. Any permitted cross-border transfer shall comply with applicable legal requirements and ensure adequate safeguards for protection of Personal Data.
8. Data Retention:
Personal data is retained only for as long as necessary to fulfill the purposes described in this notice, including:
• Membership lifecycle
• Event participation history
• Legal, tax, or regulatory compliance requirements
When data is no longer required, it will be securely deleted or anonymized where and as feasible.
9. Data Security:
The Chapter implements reasonable data safeguards and security practices including:
• SSL/TLS encryption
• Secure hosting environments
• Access control and least privilege principles
• Anonymization or masking where applicable
• Periodic security reviews
While we take appropriate safeguards, no internet transmission system can be guaranteed to be completely secure.
10. Cookies and Tracking:
The ISACA website may use cookies and similar technologies to improve user experience, website analytics and traffic analysis.
Cookies may collect non-personal data such as:
• Browser type
• Device type
• Operating system
• IP address
• Pages visited
Users of the website can disable cookies in browser settings by exercising their preference for cookies, though some site functionality may be affected.
11. Your Privacy Rights:
Depending on applicable law, users may have the right to:
• Access their personal data
• Request correction, rectification, or updating of data
• Request deletion of personal data
• Withdraw consent where processing is consent-based
• Restrict or object to certain processing activities
Requests may be submitted using the contact details below.
12. Third-Party Links:
The Chapter website may contain links to third-party websites including sponsors or partner organizations.
We are not responsible for the privacy practices or content of those external websites.
13. Children’s Privacy:
The website and chapter services are not directed at individuals under the age of 18.
We do not knowingly collect personal data from minors or children below 18 years of age. If you are a minor and/or child below 18 years, do not submit your details through our website or register for any of the above listed services with us.
14. Notice Updates:
This Privacy Notice may be updated periodically to reflect regulatory changes, technology updates, or operational changes.
Updates will be posted on the website with the revised effective date.
1Contact and Grievance Officer:
Hyderabad chapter of ISACA has appointed an internal privacy officer for you to contact if you have any questions or concerns about the ISACA’s personal data policies or practices.
For privacy-related questions, requests, or grievances, please contact:
Hyderabad chapter of ISACA
#103, Surekha Chambers
HNO: 7-1-58/SC/103, Ameerpet
City: Hyderabad-5000016, Telangana
Telephone: 040 23739230
Email: chapteroffice@isacahyderabad.org or contact@isacahyderabad.org
Under the India DPDP Act, users may also contact the designated grievance officer using the details above.