Chapter Privacy Policy

ISACA New England Privacy Policy 

Version 2.1  -  December 31st2025 

Scope

This policy outlines Chapter policies with respect to the treatment of the personally identifiable information (PII) of the following individuals: 

  • Current and past website users and individuals who purchase materials; 

  • Members (both current and past); 

  • Event attendees, speakers, sponsors, survey respondents, and other participants in Chapter programs; and 

  • Non-member volunteers who participate on Chapter projects and/or volunteer groups. 

Responsibility and Accountability 

The Chapter Secretary, Elena Izotova, is responsible for the Chapter’s privacy program, which responsibilities include maintaining the Policy and responding to inquiries provided to the ISACA NE secretary.   

 

Notice 

Chapter provides notice about its policies and practices relating to personally identifiable information and identifies the purposes for which information is collected, used, stored, shared, and secured. Chapter’s notice program includes the following elements: 

  • When feasible (and/or legally required) Chapter provides notice to individuals before their personally identifiable information is collected. 

  • Chapter provides notice and obtains consent (as legally required) before information it maintains is used for a purpose that is either unrelated to the purpose for which the information was originally provided, or that is for a purpose that was not disclosed in the original notice to the individual. 

  • Chapter provides external notice about its privacy practices on its website.  The notice describes how personally identifiable information is collected, used, stored, and shared, and secured. 

  • Chapter provides notice in its various printed information collection forms about how personally identifiable information will be used.  

  • Chapter also provides notice in situations other than traditional online or offline information collection, such as when people are taking surveys or attending meetings, and instructs its employees about when notice must be provided. 

  • This Privacy Policy is used to inform Chapter personnel (and others, such as volunteers, contractors, etc., who will access personally identifiable information maintained by Chapter and who have a responsibility to adhere to this policy) about Chapter’s responsibilities with respect to use of personally identifiable information, and is distributed to personnel along with the external privacy notice. 

 

Collection of Personally Identifiable Information 

Chapter uses fair and lawful means to collect information, collects information using methods that have been reviewed and approved by the chapter designee responsible for the Chapter privacy program, and analyzes third-party sources of personally identifiable information to determine if those third parties are reliable data providers. 

It is Chapter’s policy not to develop or acquire additional information about those individuals whose personal information is covered by this policy, unless it has obtained consent from those individuals.  Certain exceptions apply, including to build behavioral profiles or to obtain information to verify applicants for courses or certification. 

Chapter currently collects the following types of personally identifiable information (for the purposes described in the “use” section of this policy): 

 

 Personal data type:

Source:

Your ISACA registration details including membership number, certifications with dates of exams passed and certified, membership payment status and certification status

ISACA International

(Restricted access to scoped database extracts)

Event registration details

(Members and Non-Members)

ISACA NE event registration platforms 

(Cvent, Zoom, Constant Contact, etc.) 

Membership survey details, including name, email, gender, work status

ISACA NE online surveys

 

Name, personal contact details, query Information

Queries from Members/Non-Members

 

 

Personal Data Shared with ISACA International

The personal information shared by ISACA International is used to meet ISACA NE objectives as an affiliate of ISACA International and provide membership services to ISACA NE members. We use your personal data to provide following services: 

  • Maintain your record of registration for attending the ISACA NE event and share it with event venue host/provider to print and issue attendee badges for security, health and safety; 

  • Keep you informed of future ISACA NE and partner educational events (including meetings, conferences, courses, etc.); 

  • Send you ISACA NE newsletters; 

  • Contact you to participate in appropriate surveys and research initiatives supported by ISACA NE; and 

  • Contact you to participate in the ISACA NE Annual General Meeting. 

 

Personal Data Collected by Event Platforms (Cvent, Zoom, Constant Contact, etc.) 

The registration information that you provide when you register for ISACA NE educational events is limited to name, email address, job title, company name, location and, in some cases, ISACA membership number. 

This event registration information is used by ISACA NE and its service provider and venue hosts to provide following services: 

 

  • Issue event ticket; 

  • Authenticate on arrival; 

  • Provide name badges; and 

  • Record evidence of entry and attendance to the event to ensure compliance with security, health and safety requirements. 

 

To the extent that information requested is not required for your participation in a given ISACA NE Chapter program, you will be told which information is optional.  Should you fail to provide optional information, certain ISACA Chapter programs or features may not be available to you. 

 

Passive Online Data Collection 

ISACA NE Chapter also collects certain information passively,collecting online, non-identifying information through the use of cookies technology and/or Internet Protocol (“IP”) address tracking. Non-personal identification information might include the browser used by you, the type of computer, the operating systems, the Internet service providers, and other similar information. The ISACA NE Chapter system also automatically gathers information about the areas you visit on the Site and about the links you may select from within the Site to other sites. Most browsers are set to accept cookies. You can set yours to refuse cookies, or to alert you when cookies are being sent; however, if you disable cookies, the full functionality of our sites may not be available to you.  

 

On the ISACA NE Chapter Site, there may be certain third-party advertisers whose advertisements contain cookies that collect data from you.  Some of those cookies may contain tracking mechanisms that observe your behavior across multiple Sites.  ISACA Chapter does not control the use of cookies by advertisers or third parties displaying data on the Site or on the sites you visit using links from the Site. 

 

Choice and Consent 

To the extent feasible – keeping in mind Chapter’s legal obligations, business goals and resources – Chapter gives individuals choice about how their information will be used.  This choice includes, for example, seeking consent and/or providing clear notice about use of personally identifiable information. 

 

Chapter informs individuals what choices they have about how information will be used, stored, or shared with third parties. 

 

Use of Personally Identifiable Information 

Chapter uses personally identifiable information it obtains for the following purposes: 

  • Those purposes described in Chapter’s external privacy policy, and as described at the time it collects information (for example in an online or offline form); 

  • To process individuals’ requests; 

  • For purposes that a reasonable individual would view as related to the purpose for which an individual provided information; and 

  • For other legitimate business purposes of Chapter that are permitted by applicable laws, rules and regulations, and/or that are in keeping with appropriate industry guidelines and practices. 

 

Sharing of Personally Identifiable Information 

Chapter shares personally identifiable information with third parties only for legitimate business purposes and as permitted by applicable law, rules and regulations. Instances when Chapter may share information include: 

  • To vendors, sponsors or third-party to deliver or provide goods and services, including, for example, exam testing agencies and training providers and partners, product-fulfillment companies, or third-party event hosts; 

  • To the ISACA Headquarters, and from time to time volunteers (such as ISACA board members) performing tasks on Chapter’s behalf; 

  • To those who wish to determine if an individual is certified provided that the requester of the information provides to Chapter the certification number and last name of the individual; 

  • To investigate potentially fraudulent or questionable activities; 

  • In anticipation of and in the course of an actual or potential sale, reorganization, consolidation, merger, or amalgamation of all or part of Chapter’s business or operations; and 

  • When Chapter believes it is necessary to cooperate with law enforcement or in response to a government request. 

Individuals are notified of Chapter’s practices with respect to the sharing of information with third parties in Chapter’s privacy policy, accessible on the Chapter website. 

When sharing information, Chapter limits the amount and type of information shared to that which the other party needs or that is relevant to the other party.  

If Chapter shares personally identifiable information with a vendor or other third party providing services on Chapter’s behalf, Chapter requires that the third party use the data as directed by Chapter and that it maintains the confidentiality and security of the data.  

Chapter will take appropriate remedial actions if it becomes aware of any situation in which a third party misuses personally identifiable information. 

 

Retention of Personally Identifiable Information 

ISACA NE Chapter retains personally identifiable information for as long as necessary for its legitimate business purposes, and as otherwise permitted by applicable law. 

 

Access 

Those who wish to access their information or have their information updated are directed in Chapter’s privacy policy to contact the Chapter by email.  Such requests will be answered and addressed under the direction and supervision of chapter designee responsible for the Chapter privacy program. 

 

Completeness and Accuracy 

Chapter relies on individuals to provide it with complete and accurate personally identifiable information, and in certain circumstances may require individuals to represent and warrant that the details they have provided are their own, are complete, and are accurate.  

 

How to Contact ISACA NE Chapter and Modify Your Information or Preferences 

Questions regarding this Privacy Policy should be directed to contact the ISACA NE secretary: secretary@isacane.org.  If you would like to modify the types of marketing email messages you receive from ISACA NE Chapter, you may do so by following the instructions within the body of any email message that you receive from us. Note that: 

  • CPEs for chapter events are sent via email 

  • If you unsubscribe from chapter emails, privacy regulations will prevent us from emailing you CPEs 

  • You will not be able to receive CPEs for chapter events. 

 

To help us keep your personal information up to date, or to request access to the personal information  ISACA NE Chapter maintains about you, you may contact us at secretary@isacane.org. 

 

Modifications to this Policy 

From time to time, ISACA NE Chapter may need to update or modify this Privacy Policy, including to address new issues or to reflect changes on our web sites.  To the extent required by law, ISACA NE Chapter will notify you of material changes to this Privacy Policy, including by posting the most recent version of the Privacy Policy and information about the changes from the previous version on ISACA NE Chapter website.  

Global message icon