(ISC)² Privacy Center
Your Trust is Our Top Priority
We want to provide you with clear and transparent information about how we collect, use and protect your personal data, the circumstances where we may share your personal data and your rights in relation to your personal data.
We want you to be confident that your personal data is safe and secure with us, and to understand how we use it to offer you a better and more personalised experience.
Your Data Journey
Why We Collect Data
(ISC)² is an international, nonprofit membership association for information security leaders like you. We're committed to helping our members and professionals learn, grow and thrive. More than 130,000 certified members strong, we empower professionals who touch every aspect of information security. We achieve this by connecting professionals together to share insights, experiences and make an impact.
What Information We Collect About You
Whether you are creating an account on (ISC)² website, downloading a content piece, registering for an (ISC)² event or webinar, or signing up to our online educational resources or (ISC)² Community, we may collect a variety of information.
Your Data Journey as an (ISC)² Member
Your data journey evolves when you become certified and (ISC)² member. You get your membership pack and certification, as well as access to additional resources and member benefits. We collect a variety of data including First Name, Last Name, Telephone Number, Email Address, Mailing Address, Job Title, Company name, and we create a member ID number for you.
How We Use the Information We Collect
- Your data is always protected and never shared without your permission.
- When we collect data, we will use it to benefit you and to make your experiences better. We provide additional resources and content you have subscribed to receive. You can change your subscription preferences at any time by clicking here.
- (ISC)² members receive their membership packs via mailing. From time to time, we may use (ISC)² personal information to send important notices such as Official Member Communications – you cannot opt-out to these notices.
- On very rare occasions (once, twice per year), we will send opted-in members and professionals an (ISC)² resource by direct mail or give you a call to check how we can improve your experience at (ISC)²
- If you have opted-in for your information to be shared with sponsors, your data will be passed on to the relevant party on a one-time basis per event or webinar.
How Long We Keep Your Personal Information
It varies according to the information we collect and what it’s used for. If you are an (ISC)² member, there are legal requirements to keep data for as long as your membership is valid.
If you are not an (ISC)² member and expressed interest to receive content from us, we’ll only have it for as long as is necessary for the purposes for which the data was collected or for which it is to be further processed. However, you may contact us at any time to ask for your information to be deleted.
Your Rights. Your Choices.
We use your data to provide you with a more personalised experience. Here we explain the rights and choices you have with regards to the personal data that we hold about you, the information you choose to receive from us, and we give you the controls to adjust these settings.
Managing your marketing choices
Whether you’re an (ISC)² member or a professional, (ISC)² provides a plethora of educational and personal development resources to grow your knowledge, sharpen your skills and get certified. We also connect you with fellow professionals from the CISO to the practitioner across the globe who are experiencing the same challenges as you are. We want to make this experience better for you by sending the relevant tools and resources you choose to receive. You also have the right to ask us not to process your personal data for marketing purposes.
So please take a moment to update your subscription preferences here.
Keeping your personal data up to date
We want to make sure that the personal data we hold about you is accurate. You have a right to find out what personal data we hold about you.
If any of your details are incorrect you can update them here or please feel free to submit a Subject Access Request below.
Privacy and Security
We employ a number of measures to protect your personal information; here are some of the things that we do:
- Your personal information is stored in a secure database
- We provide a secure account sign-in to members and professionals registered on our website
- Credit card details are encrypted, stored securely, and deleted immediately when no longer needed
- Remote accesses are secured for all employees across all regions
If you have any questions about your data that is not addressed here, please contact our Data Protection Officer, Graham Jackson at firstname.lastname@example.org.
You have the right to be informed of data (ISC)² has about you. You also have the right to request that we delete any or all of your personal data. Please use this form to Request Information or Request an Erasure. If you only want to be removed from ALL marketing material, please make your selection here.*
*An erasure of information cannot be performed for current (ISC)² members. A separate request for Certification surrender, and membership termination must first be completed. Certain other scenarios, e.g., a previous ethics violation, also will preclude an erasure from being performed.