Last updated 2013
Policy applies only to information collected by the ISACA Chapter (‘we” or “us”) at www.isacatt.org (the “Site”). It does not apply to information collected or used by ISACA International
Modifications to this Policy
Collection of Personally Identifiable Information
The ISACA Chapter collects and maintains a variety of personally identifiable information, including email addresses, phone numbers, payment information, business and home addresses, as well as demographic information such as courses or areas of study in which you may be interested. ISACA Chapter collects information directly from you through, for example registration forms, as well as through exam or event registration forms. Information is collected and maintained from members, exam candidates, those who have been certified by ISACA, applicants, event attendees, speakers, participants in ISACA Chapter programs, purchasers of ISACA Chapter products and services, current and past web site users, survey respondents, and others. To the extent that information requested is not required for your participation in a given the ISACA Chapter program, you will be told which information is optional. Should you fail to provide optional information, certain ISACA Chapter programs or features may not be available to you.
The ISACA Chapter may also maintain information about you that you do not directly provide, whether it is information received from third parties, such as business partners who provide exam administration services, or information the ISACA Chapter collects about your activities. For example, the ISACA Chapter keeps track of which events you have attended, which exams you have taken, which boards and committees you have served on, and which offices you have held.
Passive Online Data Collection
Use, Sharing and Retention of Personally Identifiable Information
The ISACA Chapter uses personally identifiable information for the purposes described at the time of collection or as otherwise described to you; to process your requests; to report to others about whether you are certified or not; as permitted by law to provide you with information about the ISACA Chapter, our products and services or other products and services in which we believe you may be interested; or for other legitimate ISACA Chapter business purposes, including order processing, processing of certification or membership applications, or registering you for event or training programs. We may also use your personally identifiable information to tailor your experience at our sites, to compile and display content and information that we think you might be interested in, and to provide you with content according to such preferences. The ISACA Chapter also publishes the names, titles, country and business affiliations of officers, committee members and others who have assisted with initiatives or projects.
The ISACA Chapter may share personally identifiable information with third parties for legitimatebusiness purposes, including for the following reasons or in the following circumstances:
- To vendors or third-parties who deliver or provide goods and services or otherwise act on behalf of or at the direction of the ISACA Chapter, which third parties include, forexample, exam testing agencies and training providers and partners, product-fulfillment companies, third-party event hosts, other third parties who may provide services on websites that are accessible from links on one of our Site, and credit card companies processing payment;
- To ISACA Chapter volunteers and board members;
- To ISACA, other ISACA chapters, the IT Governance Institute;
- If you are an event attendee, speaker, or sponsor, certain of your information will be included in the event roster, which roster will be publicly disclosed, and may also be shared with third-party event sponsors and exhibitors;
- To investigate potentially fraudulent or questionable activities;
- In anticipation of and in the course of an actual or potential sale, reorganization, consolidation, merger, or amalgamation of all or part of our business or operations; and
- When we believe it is necessary to cooperate with law enforcement or in response to a government request, including if specifically requested or required, as otherwise permitted by law, and for other valid ISACA Chapter business purposes.
The ISACA Chapter also may use your profile information on an aggregate basis – without personal identifiers – to provide third parties with information, such as to help us develop new
features and content for the Site, and to provide sponsors and others with aggregate information about our users and the usage patterns of the Site.
The ISACA Chapter retains personally identifiable information for as long as necessary for its legitimate business purposes, and as otherwise permitted by applicable law.
The ISACA Chapter uses reasonable measures to safeguard sensitive personally identifiable information, which measures are appropriate to the type of information maintained, and follows applicable laws regarding safeguarding any such information under our control. In addition, in some areas of our Site, the ISACA Chapter may use Secure Socket Layer (“SSL”) or Transport Layer Security (“TLS”) encryption technology to enhance data privacy and help prevent loss, misuse, or alteration of the information under the ISACA Chapter control.
The ISACA Chapter cannot guarantee, however, that your information will remain secure. The Internet by its nature is a public forum, and the ISACA Chapter encourages you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third party access, and for selecting passwords that are secure.
Links to Third-Party Sites
From time to time, the ISACA Chapter will provide links to third-party web sites, or advertisements will contain links to third-party sites. For example, the ISACA Chapter may link to a third party who is assisting in or is providing online training services. These links are provided as a service to you. These sites are operated by independent entities that have their own privacy policies.
Your Privacy Rights Relating to Certain Information Disclosures
If you have an established business relationship with us you may request from us a list of the categories of personal information we have disclosed to third parties for those third parties’
marketing purposes, and a list of all third parties to whom we have shared that information. We will include in that list the names and addresses of the third parties who received the information and used it (or who we believe may have used it) for their own marketing purposes.
To exercise your rights, you may make one request each year by emailing us at firstname.lastname@example.org. Responses to requests sent to this email address will be provided within 30 days.
How to Contact the ISACA Chapter and Modify Your Information or Preferences
To help us keep your personal information up to date, or to request access to the personal information that the ISACA Chapter maintains about you, you may contact us at email@example.com. Or, if you are a registered user of our Site, you may go online to your personal profile and
update your information in that area.
The ISACA Chapter does not believe its Site is appealing to children, nor is it directed to children under the age of 13. The ISACA Chapter does not knowingly collect personally identifiable data from persons under the age of 13, and strives to comply with all laws and regulations relating to the protection of children. If you are a parent of a child under 13, and you believe that your child has provided us with information about him or herself, please contact us at firstname.lastname@example.org.