ISACA Kolkata Chapter Privacy Policy

Last Updated:  December 20, 2023

This Privacy Policy describes how the Kolkata Chapter of ISACA (“ISACA Chapter”, ”we” or “us”) collects, uses, shares, and retains personal information when you use this ISACA Chapter at (the “Site”), or when you interact with us in person.  Personal information is data that can be used to identify you directly or indirectly or to contact you including, but not limited to, your name, mailing address, email address, and telephone number. 

Please note that this Privacy Policy does not apply to information collected or used by the global ISACA web sites, or mobile applications, which is governed by the Privacy Notice located at Also, this Privacy Policy does not cover the practices of any of our Chapter’s business partners (such as vendors, sponsors, or advertisers), and does not apply to personal information that we collect from or about our employees, consultants, contractors, vendors, sponsors, or advertisers.     


1.     Modifications to this Policy

From time to time, we may need to update or modify this Privacy Policy, to address changes in the law, new issues or to reflect changes on our Site.  When we update this Privacy Policy, we will change the “Last Updated” date at the top of the Policy so you know it has been updated.  To the extent required by law, we will notify you of material changes to this Privacy Policy. 


2.     International Visitors

Our Site is for individuals located in India.  If you are not a resident of the India, your country’s data protection laws may differ from those in India, and may provide a greater protection.  ISACA has over two hundred local chapters throughout the world. To find your local chapter, you can conduct a search on ISACA’s Local Chapters page.    


3.     Collection of Personal Information You Directly Provide

We collect personal information from you when you interact with our Site and when you use our services.  We may collect information directly from you through, for example online and offline registration forms for events, exams or meetings.


Events. We may host events that include in-person and virtual conferences, training, knowledge sharing and webinars. If you register for an event, we may collect the following information from you: first name, last name, email address, phone number, payment information, business address, the type of business you work for or with, and your role in that business.  We use the information you give us to provide you with event services.  To the extent the information requested is not required for your participation in a given ISACA Chapter program, you will be told which information is optional.  Should you fail to provide optional information, certain ISACA Chapter programs or features may not be available to you.

Presenter. If you are a presenter at one of our events, we will collect information about you such as your name, professional details, employer, contact information and your photograph, and we may also collect information provided by event attendees who evaluated your performance as a presenter. 


Committee Member. We may also collect your personal information if you are a committee member, or when you assist with initiatives or projects, or when you serve as a Chapter Officer, or on the Chapter Board. 


Chapter Meetings.  We may also collect your personal information when you attend a Chapter Meeting.


Communications.  If you communicate or correspond with us by email, through postal mail, via telephone or through other forms of communication, we may collect the information you provide as part of those communications. For example, if you correspond with us through email, we may collect and store the email address you use to send the applicable correspondence and use it to respond to your inquiry; to notify you of other ISACA Chapter events; or to keep a record of your complaint, accommodation request, and similar purposes.


We may also maintain information about you that you do not directly provide, whether it is information received from third parties, such as business partners who provide exam administration services, or information we collect about your activities.  For example, we may keep track of which events you have attended, which exams you have taken, which boards and committees you have served on, and which offices you have held.



4.     Why We Collect Your Information

We will only use your information as described in this Policy or as disclosed to you prior to such processing taking place.  We may use your personal information:

·       To provide our services to you, such as registering you for event or training programs;

·       To respond to your requests;

·       To advise you with information about other events or services which we believe may be of interest to you;

·       To improve our services and to detect, prevent and address technical issues; and

·       To enforce compliance with our agreements, codes of conduct and this policy.


5.     Sharing Your Information

We may share your personal information with third parties for legitimate business purposes, including in the following circumstances:

  • To vendors or third-parties who deliver or provide services or otherwise act on our behalf or at our direction;
  • To our volunteers and board members to provide our services;
  • To ISACA and other ISACA chapters, the IT Governance Institute, and if you participate in our “Enterprise Participation Program,” your information will be shared with your organization’s program coordinator;
  • If you are an event attendee, speaker, or sponsor, certain of your information will be included in the event roster, which roster will be publicly disclosed, and may also be shared with third-party event sponsors and exhibitors;
  • To investigate potentially fraudulent or questionable activities; and

When we believe it is necessary to cooperate with law enforcement or in response to a government request, including if specifically requested or required, as otherwise permitted by law, and for other valid ISACA Chapter business purposes.


6.     Data Retention

We will retain the personal information for as long as is needed to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, legal, accounting or other purposes).  When we have no justifiable business need to process your personal information, we will either delete or anonymize it.


7.     Security 

We use reasonable measures to safeguard your personal information, and follow applicable laws regarding safeguarding such information under our control.  We cannot guarantee, however, that your information will remain 100% secure.  The Internet by its nature is a public forum, and we encourage you to use caution when disclosing information online.  Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third party access, and for selecting passwords that are secure.


8.     Your Choices

If you receive commercial electronic communications from us, you can unsubscribe from the receipt of future commercial electronic communications from us by clicking on the “unsubscribe link” provided in such communications.


To help us keep your personal information up to date, you can request access to and seek to correct the personal information we maintain about you, by contacting us at In your request, please make clear what information you would like to have changed. For your protection, we may need to verify your identity before implementing your request. We will try to implement your request as soon as reasonably practicable. We reserve the right to refuse to act on a request that is manifestly unfounded or excessive (for example because it is repetitive) and/or to charge a fee that takes into account the administrative costs for providing the information or taking the action requested.


9.     Links to Third-Party Sites

From time to time, we will provide links to third-party web sites, or advertisements will contain links to third-party sites.  For example, we may link to a third party who is assisting in or is providing online training services.  These links are provided as a service to you.  These third-party sites are operated by independent entities that have their own privacy policies.  This Privacy Policy does not apply to those third-party sites or to how those third-parties may collect or use your personal information.  We have no control over the content displayed on such third-party sites, nor over the measures, if any, that are taken by such sites to protect the privacy of your information. 


10.  Children

We do not knowingly collect personal information from persons under the age of 16. If you are a parent of a child under 16, and you believe that your child has provided us with information about him or herself, please contact us via the information in the Contact section below.


11.  Contact Information

If you have questions or concerns about this Privacy Policy or how we process your personal information, please email us at