Privacy Policy 

 

ISACA Privacy Policy – Your Privacy Rights

This Privacy Policy describes how ISACA South Africa (“ISACA”) collects, uses, shares, and retains personally identifiable information you provide. The Policy is effective as of August 15, 2003. The policy was last modified on 7 November 2014. This Privacy Policy does not cover the privacy practices of ISACA chapters, which are separate legal entities that – depending on where they are located, may be subject to different laws and requirements than those of ISACA (to understand how chapters use personal information, please contact them directly). This Privacy Policy also does not cover the practices of our licensees or business partners (such as vendors, sponsors, or advertisers), nor does it apply to personally identifiable information that we collect from or about our employees, consultants, contractors, vendors, licensees, sponsors, or advertisers.

Modifications to this Policy
From time to time, ISACA may need to update or modify this Privacy Policy, including to address new issues or to reflect changes on our web sites, including our main site located at www.isaca.org (“Sites”). To the extent required by law, ISACA will notify you of material changes to this Privacy Policy, including by posting the most recent version of the Privacy Policy and information about the changes from the previous version on ISACA web sites.

International Visitors
ISACA South Africa is located in the Republic of South Africa. If you are providing personally identifiable information and are not a resident of South Africa, your country’s laws governing data collection and use may differ from those in the South Africa, in particular, South Africa. may not provide the same level of protections as those in your own country. By providing information to ISACA, you are transferring your personal data to South Africa, and you consent to the transfer to, retention of and processing of your data in South Africa.

Collection of Personally Identifiable Information
ISACA collects and maintains a variety of personally identifiable information, including email addresses, phone numbers, credit card and other payment information, business and home addresses, as well as demographic information such as courses or areas of study in which you may be interested. ISACA collects information directly from you through, for example, online registration forms, as well as offline, through exam or event registration forms. Information is collected and maintained from members, exam candidates, those who have been certified by ISACA, applicants, event attendees, speakers, participants in ISACA programs, purchasers of ISACA products and services, current and past web site users, survey respondents, and others. To the extent that information requested is not required for your participation in a given ISACA program, you will be told which information is optional. Should you fail to provide optional information, certain ISACA programs or features may not be available to you.

ISACA may also maintain information about you that you do not directly provide, whether it is information received from third parties, such as business partners who provide exam administration services, or information ISACA collects about your activities. For example, ISACA keeps track of which events you have attended, which exams you have taken, which boards and committees you have served on, and which offices you have held.

Passive Online Data Collection
ISACA also collects certain information passively, such as collecting online, non-identifying information through the use of cookies technology or Internet Protocol (“IP”) address tracking. Non-personal identification information might include the browser used by you, the type of computer, the operating systems, the Internet service providers, and other similar information. The ISACA system also automatically gathers information about the areas you visit on the Site and about the links you may select from within the Site to other sites. Most browsers are set to accept cookies. You can set yours to refuse cookies, or to alert you when cookies are being sent; however, if you disable cookies, the full functionality of our sites may not be available to you.

On the ISACA Sites, there may be certain third-party advertisers whose advertisements contain cookies that collect data from you. Some of those cookies may contain tracking mechanisms that observe your behaviour across multiple Sites. ISACA does not control the use of cookies by advertisers or third parties displaying data on the Sites or on the sites you visit using links from the Sites. Some of our vendors may use DART cookies, a DoubleClick product, which you can opt out of by visiting
www.doubleclick.com/privacy/dart_adserving.aspx.

To learn how to manage how we – and our vendors – use cookies and other tracking tools, please click here .

Online Professional Networking Features – Public Display of Information
Online web site users should be aware that our professional networking features are public in nature, thus any contributions and postings you make to our Sites will be viewable by other web site users, and will be associated with the personally identifiable information in your public profile (which includes your name, user name, and other optional information you may choose to include). If you decide to participate in our professional networking features, keep in mind that your personally identifiable information (for example, your name and online name), along with any substantive information you disclose in the communication you decide to post, will be publicly accessible and viewable by others who visit that area. In addition, we may highlight certain users’ postings or contributions to other members of the professional networking features. For example, those who participate actively in our social networking features, like contributing materials and engaging in certain online activities, will be listed as “active members” in a roster that is viewable by all other registered users. It is possible that your posting may result in unsolicited messages from third parties. Such activities are beyond the control of ISACA, and ISACA makes no guaranties about the discoverability of your identity.

Use, Sharing and Retention of Personally Identifiable Information
ISACA uses personally identifiable information for the purposes described at the time of collection or as otherwise described to you, to process your requests, and to report to others about whether you are certified or not. ISACA also publishes the names, titles, country and business affiliations of officers, committee members and others who have assisted with initiatives or projects. ISACA also uses your information, as permitted by law, to provide you with information about ISACA, our products and services or other products and services in which we believe you may be interested, or for other legitimate ISACA business purposes, including order processing, processing of certification or membership applications, or registering you for event or training programs. We may also use your personally identifiable information to tailor your experience at our sites, to compile and display content and information that we think you might be interested in, and to provide you with content according to such preferences.

ISACA may share personally identifiable information with third parties for legitimate business purposes, including for the following reasons or in the following circumstances:

  • To vendors or third-parties who deliver or provide goods and services or otherwise act on behalf of or at the direction of ISACA, which third parties include, for example, exam testing agencies and training providers and partners, product-fulfilment companies, third-party event hosts, other third parties who may provide services on web sites that are accessible from links on one of our Sites, and credit card companies processing payment;
  • To ISACA volunteers and board members;
  • To ISACA chapters, the IT Governance Institute, and if you participate in our “Enterprise Participation Program,” your information will be shared with your organization’s program coordinator;
  • If you are an event attendee, speaker, or sponsor, certain of your information will be included in the event roster, which roster will be publicly disclosed, and may also be shared with third-party event sponsors and exhibitors;
  • If you use our Career Center services, your information may be accessible to potential employers or recruiters;
  • To those who wish to determine if you are certified, your certification status will be shared with those who inquire;
  • To investigate potentially fraudulent or questionable activities;
  • In anticipation of and in the course of an actual or potential sale, reorganization, consolidation, merger, or amalgamation of all or part of our business or operations; and
  • When we believe it is necessary to cooperate with law enforcement or in response to a government request, including if specifically requested or required, as otherwise permitted by law, and for other valid ISACA business purposes.

ISACA also may use your profile information on an aggregate basis – without personal identifiers – to provide third parties with information, such as to help us develop new features and content for the Sites, and to provide Sponsors and others with aggregate information about our users and the usage patterns of the Sites.

ISACA retains personally identifiable information for as long as necessary for its legitimate business purposes, and as otherwise permitted by applicable law.

Security 
ISACA uses reasonable measures to safeguard sensitive personally identifiable information, which measures are appropriate to the type of information maintained, and follows applicable laws regarding safeguarding any such information under our control. In addition, in some areas of our Sites, ISACA may use Secure Socket Layer (“SSL”) or Transport Layer Security (“TLS”) encryption technology to enhance data privacy and help prevent loss, misuse, or alteration of the information under ISACA control.

ISACA cannot guarantee, however, that your information will remain secure. The Internet by its nature is a public forum, and ISACA encourages you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third party access, and for selecting passwords that are secure.

Links to Third-Party Sites 
From time to time, ISACA will provide links to third-party web sites, or advertisements will contain links to third-party sites. For example, ISACA may link to a third party who is assisting in or is providing online training services. These links are provided as a service to you. These sites are operated by independent entities that have their own privacy policies. ISACA’s Privacy Policy does not apply to such other sites or to the use that those entities make of your information. ISACA has no control over the content displayed on such sites, nor over the measures, if any, that are taken by such sites to protect the privacy of your information.

Our site may also serve third party ads or other content that contains their own cookies or tracking technologies. To learn more, click here . We do not control the use of those technologies.

Transfer of personal information outside South Africa

We may transmit or transfer personal information outside South Africa to a foreign country. Personal information may be stored on servers located outside South Africa in a foreign country whose laws protecting personal information may not be as stringent as the laws in South Africa. You consent to us processing your personal information in a foreign country whose laws regarding processing of personal information may be less stringent.

Your Privacy Rights Relating to Certain Information Disclosures
You are entitled to know if and what personal information about you we have in our possession. You can make a request to find out this information as outlined in in our Promotion of Access to Information Act (“PAIA”) Manual.

How to Contact ISACA and Modify Your Information or Preferences 
Questions regarding this Privacy Policy should be directed to ISACA’s Customer Support by email at admin @isaca.org.za. If you would like to modify the types of marketing email messages you receive from ISACA, you may do so by following the instructions within the body of any email message that you receive from us.
 
To help us keep your personal information up to date, or to request access to the personal information ISACA maintains about you, you may contact us at 43 Homestead Road, Rivonia, Gauteng, South Africa 2128 or by fax to +2786 684 2979. Or, if you are a registered user of one of our Sites, you may go online to your personal profile and update your information in that area.

Children
ISACA does not believe its Sites are appealing to children, nor are they directed to children under 13. ISACA does not knowingly collect personally identifiable data from persons under the age of 13. If you are a parent of a child under 18, and you believe that your child has provided us with information about him or herself, please contact us at 
privacy@isaca.org.