This policy outlines the Springfield ISACA Chapter (the “Chapter) policies with respect to the treatment of the personally identifiable information (PII) (as described below) of the following individuals:
o Current and past website users and individuals who purchase materials;
o Members (both current and past);
o Event attendees, speakers, sponsors, survey respondents, and other participants in Chapter programs; and
o Non-member volunteers who participate on Chapter projects and/or volunteer groups.
This policy does not describe Chapter policies with respect to personally identifiable information of employees, consultants, contractors, vendors, licensees, sponsors, or advertisers.
This policy applies to handling of personally identifiable information stored in all forms (whether on paper, electronically – including on computer hard drives, CD ROMs, removable flash drives – or otherwise) by the Chapter. It does not describe the treatment of information by legally independent entities that may work with the Chapter, including ISACA International.
This policy is for internal use by Chapter volunteers, employees and by others (such as contractors, vendors, committee members, and the like) who have access in the course of their duties for the Chapter to PII (as defined below) maintained by or on behalf of the Chapter.
The Chapter’s Website Committee Director is responsible for maintaining the Chapter’s privacy program.
o When feasible (and/or legally required) the Chapter provides notice to individuals before their personally identifiable information is collected.
o The Chapter provides notice and obtains consent (as legally required) before information it maintains is used for a purpose that is either unrelated to the purpose for which the information was originally provided, or that is for a purpose that was not disclosed in the original notice to the individual.
o The Chapter provides external notice about its privacy practices on its website. The notice describes how personally identifiable information is collected, used, stored, and shared, and secured.
o The Chapter also provides notice in situations other than traditional online or offline information collection, such as when people are taking surveys or attending meetings, and instructs its employees about when notice must be provided.