Skip to main content
Register for exam

ISC2 Privacy Center

Your Rights. Your Choices.

This page is dedicated to individuals who are wishing to update their membership status, marketing preferences, and to make a data subject access request to ISC2. Here we explain the rights and choices you have with regards to the personal data that we hold about you, the information you choose to receive from us, and we give you the controls to adjust these settings.

For more information on how ISC2 collects and uses your personal information, please review the ISC2 Privacy Policy here.

How Long We Keep Your Personal Information

It varies according to the information we collect and what it’s used for. If you are an ISC2 Candidate, Associate, or Certified Member, there are legal requirements to keep data for as long as your membership is valid and for five years after the date of your termination for legal, security, and fraud purposes.

If you are not an ISC2 member and expressed interest to receive content from us, we’ll only have it for as long as is necessary for the purposes for which the data was collected or for which it is to be further processed. However, you may contact membersupport@isc2.org for your information be deleted.

Manage Your ISC2 Membership

If you are looking to update your personal information, or cancel or terminate your ISC2 membership, please visit your Member Dashboard.

Manage Your Marketing Choices

Whether you’re an ISC2 member or a professional, ISC2 provides a plethora of educational and personal development resources to grow your knowledge, sharpen your skills and get certified. We also connect you with fellow professionals from the CISO to the practitioner across the globe who are experiencing the same challenges as you are. We want to make this experience better for you by sending the relevant tools and resources you choose to receive. If you are looking to update your communication preferences, please click here. This link will allow you to update your subscription preferences and ensure we are only sending you relevant tools and resources you choose to receive. It will also allow you to unsubscribe from receiving marketing emails from us.

You may also unsubscribe to marketing emails based on the opt-out link at the bottom of our marketing emails.

You also have the right to ask us not to process your personal data for marketing purposes. Please note that this opt out will not impact official communications.

Subject Access Request

You have several rights associated with your personal data held by ISC2, including: the right to request certain information; the right to request erasure of your personal data; the right to restrict how ISC2 processes your data; the right to object to how ISC2 processes your data; and the right to lodge a complaint with a supervisory authority in the EU. If you notice any errors in the personal information ISC2 collects and stores concerning you, please revise the information in your profile, or contact us to rectify the error.

If you are a Candidate, Associate, Certified Member, customer, website visitor, or have otherwise interacted with ISC2 outside of an employment context, you may submit a Subject Access Request by e-mailing membersupport@isc2.org.

Employment-related requests, including those from current or former employees, job applicants, contractors, or others who have interacted with ISC2 in an employment capacity, should be directed to hr@isc2.org.

When ISC2 receives a request, we will ensure that we have enough information to be sure of your identity. Once validated, we will proceed to gather information responsive to your request and issue a response.

Exceptions to Right of Erasure

Please note, if you are requesting erasure of your data and you are a Candidate, Associate, or Certified Member, ISC2 will deactivate your account and terminate your membership, including unsubscribing you from future communications. However, your record as a member is kept for legal, security, and fraud prevention purposes for a period of 5 years after the date of your termination. This retention is based on ISC2’s legitimate interest in maintaining accurate historical records, preventing misuse of its membership programs, and responding to potential future inquiries or disputes.

Data Protection Officer

If you have any questions about your data that is not addressed here, please contact our Data Protection Officer, Graham Jackson at dpo@isc2.org.