GLOBAL PRIVACY NOTICE
Last Updated: 1 October 2024
This ISACA® 《澳门赌场官方下载》描述了信息系统审计与控制协会的个人资料类型, Inc., and its respective subsidiaries and affiliated companies (“ISACA”, “we” or “us”) collect, how we use it, how and when it may be shared, and the rights and choices you have with respect to your data. 我们提供本隐私声明是为了帮助您了解我们如何处理您的数据,这是我们维护您信任的承诺的一部分. Thank you for taking the time to read and understand our data and privacy related practices.
Please note, our privacy practices are subject to the applicable laws of the places in which we operate. 您将看到仅适用于位于这些地理区域的客户的其他特定于区域的条款, or as required by applicable laws.
你可按下列连结直接进入本私隐声明的相应部分.
TABLE OF CONTENTS
1. WHAT OUR PRIVACY NOTICE COVERS
2. CHANGES TO THIS NOTICE
3. PERSONAL DATA WE COLLECT AND HOW WE USE IT
4. WHY WE COLLECT YOUR PERSONAL DATA
5. HOW WE DISCLOSE YOUR PERSONAL DATA
6. HOW WE PROTECT YOUR PERSONAL DATA
7. DATA RETENTION
8. YOUR CHOICES
9. YOUR RIGHTS
10. INTERNATIONAL TRANSFERS
11. ADDITIONAL NOTICE FOR INDIVIDUALS LOCATED IN THE EEA, UNITED KINGDOM AND SWITZERLAND
12. ADDITIONAL NOTICE TO INDIVIDUALS IN CANADA
13. ADDITIONAL NOTICE TO INDIVIDUALS IN AUSTRALIA
14. ADDITIONAL NOTICE TO INDIVIDUAL IN BRAZIL
15. CHILDREN’S PRIVACY
16. CONTACT INFORMATION
1. WHAT OUR PRIVACY NOTICE COVERS
本隐私声明适用于我们在您进行以下任何一项(统称为“服务”)时收集的有关您的所有个人资料:
- use the ISACA websites located at gregory-mairet.com, cmmiinstitute.com, ISACA拥有或控制的其他网站或链接到本隐私声明的相关移动应用程序(统称为“网站”);
- use ISACA products or services and complete related forms, participate in ISACA events, or communicate with one of our customer service representatives; or
- interact with CMMI or other ISACA affiliated companies.
This Privacy Notice does not cover the privacy practices of local ISACA chapters, which are separate legal entities. 您应直接与他们联系或查看其网站上的隐私声明,以了解他们如何处理您的个人数据.
Our Sites may contain links to third-party websites. 这些第三方网站和服务与我们无关,可能有单独的隐私政策和数据收集做法. 我们对这些网站或其隐私惯例不承担任何责任,并鼓励您阅读您访问的所有网站的隐私政策.
By accessing and using our Services, subject to applicable law, you acknowledge you understand the terms of this Privacy Notice and agree to our Terms of Use. If you are not comfortable with any aspect of this Privacy Notice or our Terms of Use, you should immediately discontinue access to and use of our Services.
2. CHANGES TO THIS NOTICE
我们可能需要不时更新本隐私声明,以反映我们商业惯例的变化, data collection practices or changes in the applicable law. If we make a change that we believe materially affects how we process your personal data, we will provide notice of such change on this Site or via email, at the email address we have on file for you. After such notice, your continued use of our Services will be subject to the then-current Privacy Notice. 我们鼓励您通过查看位于新隐私声明顶部的“最后更新”日期来查找本隐私声明的更新和更改.
3. PERSONAL DATA WE COLLECT AND HOW WE USE IT
We collect personal data when you interact with our Services. Personal data is typically data that can be used to identify you directly or indirectly. 个人数据的定义取决于基于您实际所在位置的适用法律. 根据本隐私声明,只有适用于您实际位置的定义才适用于您. This Notice does not apply to anonymized information as it cannot be used to identify you.
The types of personal data that we may collect about you include, but are not limited to, information you provide to us, information from third parties, and information collected automatically about your use of our Services.
A. Data You Directly and Voluntarily Provide to Us
- Membership or Registered User
If you sign up to become a registered user or an ISACA Member, you will be required to provide certain personal data as part of the registration process. 这些信息可能包括你的姓和名、电子邮件地址、公司地址或家庭地址. We use this information to communicate with you, to design content and activities that we believe would be of interest to you, and to ensure that we will not violate any applicable U.S. sanctions in providing you access to our Services.
We rely on fulfillment of contract as the lawful basis for processing your personal data.
We may also request that you voluntarily provide other information, such as your phone number, date of birth, demographic information, educational background, work experience, information about your non-ISACA certifications, 您可能感兴趣的课程或学习领域,以及与我们的服务和您的澳门赌场官方软件资格相关的贵公司信息.
我们依靠我们的合法利益作为以这种方式处理您的个人数据的合法依据. - Events and Conferences
We may host events that include in-person and virtual conferences, training, knowledge sharing and webinars.- Registrants. If you register for an event, and you already have an account, 我们将访问您帐户中的个人数据,以便为您提供与活动相关的信息和服务. We may also ask for additional demographic information during the registration process. 我们也可能收集您自愿提供的饮食限制和残疾信息,以确保在活动和会议期间提供适当的住宿.
If you register for one of our events and you do not have an account or are not a member, we will collect certain personal data such as your first and last name, email address, business or home address, information about the type of business you work for or with, and your role in that business. We use this personal data to provide event attendees with event services, including badge printing, tracking your Continuing Professional Education (CPE) credits, 根据观众情况定制会议,并确定可能需要最大房间的会议, and related purposes connected with the event. 我们将履行合同作为处理与活动和会议有关的您的个人数据的合法依据. - Presenters. If you are a presenter at one of our events, we will collect information about you such as your name, employer, contact information and photograph, 我们也可能收集活动参与者提供的评价您作为演讲者表现的信息. We may also make and store a recording of your voice and likeness in certain instances, subject to applicable law. We rely on a legitimate interest as the lawful basis for collecting, storing and processing your personal data in this way.
- Registrants. If you register for an event, and you already have an account, 我们将访问您帐户中的个人数据,以便为您提供与活动相关的信息和服务. We may also ask for additional demographic information during the registration process. 我们也可能收集您自愿提供的饮食限制和残疾信息,以确保在活动和会议期间提供适当的住宿.
- Publications
We offer various publications and materials through our Sites. Some of these publications and materials are publicly accessible, and others require that you be a member, or that you create an account and subscribe to receive these publications and materials. If you are not a member and you create an account for this purpose, you will be required to provide certain information as part of your account registration, which may include your first and last name, email address, business or home address and professional information. 我们依靠与您签订的合同作为处理您的个人数据的合法依据,以满足您接收我们的出版物的要求. - Exams and Certification
When you register to take an ISACA exam, we will collect certain personal data such as your first and last name, email address, phone number, business address, home address, demographic information and professional and education history. 我们还可能收集和存储您提供给我们的有关您可能要求的特殊住宿的信息. 只有获得授权的ISACA员工才能访问您的考试成绩和与您可能要求的任何特殊住宿有关的个人数据. ISACA will collect your exam results and, in conjunction with maintaining your certification(s), if applicable, your record of participation in continuing professional education. 我们在履行合同的基础上处理与提供认证服务相关的个人数据. - Certification Status
If you hold an ISACA certification, 我们只会在事先得到您同意的情况下,与第三方分享您的认证状态, 或在某种程度上,您已向第三方提供必要的信息以访问您在我们网站上的认证状态. We rely on your consent as the legal basis for processing your personal data in this way. - Communications
If you communicate or correspond with us by email, through postal mail, via telephone or through other forms of communication, including our customer service center, we may collect the personal data you provide as part of those communications. For example, if you correspond with us through email, we may collect and store the email address you use to send the applicable correspondence and use it to respond to your inquiry; to notify you of ISACA conferences, publications, or other services; or to keep a record of your complaint, accommodation request, and similar purposes. 我们在处理那些自愿与我们联系寻求我们服务的人的个人数据方面具有合法权益. - CMMI Services
If you contact CMMI about its services, 我们可能会收集您提供的个人资料,以便就我们的服务与您沟通. If you retain CMMI to provide you with their services, 我们将处理与我们签订合同和提供服务的员工的某些个人数据, including their first and last name, email address, business address and telephone number. 在这种情况下,我们依靠履行合同作为处理您的个人数据的合法依据.
B. Information We Automatically Collect
As you navigate through and interact with our Sites, 我们可能会使用自动数据收集技术来收集有关您的设备(计算机)的某些信息, tablet, smart phone) and your activities, including:
- If you access the Services through a computer, we will automatically collect certain information such as your browser type and version, computer and connection information, IP address, mobile device advertising identifier, Media Access Control (MAC) address pages you have visited, type of device, operating system name and version, device manufacturer, browser information (type, version), screen resolution, Internet service provider or mobile carrier’s name, connection speed and connection type, date stamp, URL of the last webpage visited before visiting our Platform, and URL of the first page visited after leaving our Platform, pages viewed, time spent on a page, click through, clickstream data, queries made, search results selected, comments made, search history, type of service requested, purchases made, and information collected through cookies, pixel tags, and other technologies. For more information on the tracking technology we use, please see our Cookie Notice, 其中描述了我们网站上使用的cookie,并提供了您如何控制处理的个人数据的信息.
- If you access the Services through a mobile device, we may also be able to identify the location of your mobile device. 我们使用您的位置信息(如果共享)来识别访问我们内容的地理位置,以便我们更好地了解哪些内容主题在该地区可能最相关, and to our members generally, and to develop resources around those content topics. 您可以通过调整移动设备的位置服务设置,选择不与我们分享您的位置详细信息. For instructions on changing the relevant settings, please contact your service provider or device manufacturer.
To the extent our Sites use non-essential tracking technology, 我们将同意作为处理欧洲经济区个人数据的法律依据, the United Kingdom and Switzerland.
C. Information from Third Parties
We may receive personal data about individuals from third parties. This may happen if your employer pays and registers you for training, certification, or membership, however, 只有在您事先同意的情况下,我们才会与您的雇主分享您的信息. 当您报名参加培训时,我们的第三方培训合作伙伴也可能会与我们分享您的个人数据, certification or membership through the applicable training partner.
我们还可能从由ISACA控制或共同控制的公司收到有关您的个人数据. When you interact with our Services on a social media platform, 我们可能会收集您或该平台在该页面或帐户上提供给我们的个人数据, 包括您的社交媒体账户ID和/或与该社交媒体服务相关的用户名, your profile picture, email address, 朋友列表或有关您所连接的人和团体以及您如何与他们互动的信息, and any information you have made public in connection with that social media service. The information we obtain depends on your privacy settings on the applicable social media service; we will comply with the privacy policies of the social media platform and we will only collect and store such personal data that we are permitted to collect by those social media platforms. 当您通过社交媒体渠道访问我们的网站或当您将网站连接到社交媒体服务时, you are authorizing us to collect, store, and use such information and content in accordance with this Privacy Notice.
D. Information You Post on the Sites
If you post personal data on public areas of the Sites, that information may be collected and used by us, other users of the Sites, and the public generally.
如果您是澳门赌场官方软件或注册用户,并选择参与我们的专业网络功能, which are provided by our third-party vendor and volunteer platform provider, Higher Logic, 您的帖子将与您的公开澳门赌场官方软件档案中的个人资料(包括您的姓名)相关联, user name, and other optional information you may choose to include). ISACA may share the following personal data, to the extent you have provided it, 为这个志愿者管理平台和其他ISACA平台提供更高的逻辑:您的名字, state, zip code, country, phone number, bio, email, job title, company, ISACA and non-ISACA certifications, education (university or school and degree), areas of interest, membership level, chapter membership, chapter leader role, chapter ID, work experience, date of birth, photo and staff membership.
If you decide to participate in our platforms and professional networking features, keep in mind that your personal data (for example, your name and online user name), along with any substantive information you disclose in the communication you decide to post, will be publicly accessible and viewable by others who visit that area. In addition, 我们可能会突出显示某些用户的帖子或对ISACA专业网络功能的其他成员的贡献. For example, users who participate actively in our social networking features, like contributing materials and engaging in certain online activities, 将被列为“活跃成员”的花名册,是所有其他注册用户可见, to the extent that they consent to being listed. It is possible that your posting may result in unsolicited messages from third parties. 我们强烈建议您不要在网站的公共区域发布任何让陌生人识别或定位您的信息,或者您不希望与公众分享的信息.
E. Payment Information
您为支付我们的服务而提供的所有信用卡或借记卡号码均由符合支付卡行业数据安全标准(PCI/DSS)的第三方支付处理服务处理。. 我们无法获得这些第三方提供商为处理您的付款而收集的所有信息, 除非您在使用本网站或我们的服务时以其他方式向我们提供此信息.
4. WHY WE COLLECT YOUR PERSONAL DATA
We use your information for business purposes, including to provide the products and services you request, to perform customer service functions, for security and fraud prevention, for marketing and promotional purposes, and to perform website and mobile application analytics. We may use the data we collect about you to:
A. To Provide and Maintain Our Services
我们将使用您的个人数据来提供您所要求的信息或提供您所要求的服务,并允许您选择参与我们网站和服务的互动功能. For example:
- We process your personal data to provide membership benefits and other services to you, including order processing, processing of certification or membership applications, registering you for event or training programs, or registering you for reduced hotel price rates.
- When you sign up for a certification course or seminar, we will use your personal data to facilitate the delivery of such course or seminar.
- To the extent your organization has paid for your certification course or seminar, subject to your consent, we may provide the status of your course or seminar to your organization.
- In compliance with applicable laws, we may also publish the names, titles, country and business affiliations of officers, 委员会成员和其他协助倡议或项目的人,以表彰他们在ISACA澳门赌场官方下载的成就.
B. To Provide Customer Support or Respond to You
We collect any information that you provide to us when you contact us, such as with questions, concerns, feedback, disputes or issues. Without your personal data, we cannot respond to you.
C. To Personalize Your Experience
We may also use your personal data to tailor your experience at our Sites, to compile and display content and information that we think you might be interested in, and to provide you with content according to these preferences. We may also use this information to help us understand your needs and interests, and to better tailor our products and services to meet your needs.
D. For Research and Development
我们可能会使用您的信息来收集分析或有价值的信息,以便我们改进我们的服务并进行检测, prevent and address technical issues. 我们也可能使用您的信息来监控我们网站的使用情况,包括但不限于输入的搜索词, pages visited and documents viewed.
E. For Security Reasons
We may use personal data to help monitor, prevent and detect fraud, enhance security, monitor and verify identity or access, or security risks.
F. To Send You Marketing and Promotional Emails
我们可能会使用我们从您和第三方来源收集的您的个人数据,通过时事通讯与您联系, marketing or promotional materials and other information that may be of interest to you, to deliver targeted and relevant advertising and marketing to you, and to promote our Services. 我们的营销将根据您的广告/营销偏好并在适用法律允许的情况下进行.
G. To Advise You of Other Services
From time to time, subject to the applicable law, we may share your personal data with third parties or partners. You may opt out of having your personal data shared with third parties. If you choose to limit the use of your personal data , certain features or Services may not be available to you.
H. To Post Testimonials
We may use personal data to post testimonials on our Sites. Prior to posting a testimonial, we will obtain your consent to use your name and testimonial. 您可以随时通过发送带有您姓名的请求来要求更新或删除您的推荐, testimonial location and contact information.
I. To Enforce Our Terms, Agreements or Policies
When you access or use our Services, you are bound to our Terms of Use. To ensure you comply with them, we process your personal data by actively monitoring, investigating, preventing and mitigating any alleged or actual prohibited, illicit or illegal activities on our Services. We may process your personal data to: investigate, prevent or mitigate violations of our internal terms, agreements or policies; enforce our agreements with third parties and business partners; and, as applicable, collect fees based on your use of our Services. We may also use your data to ensure that we will not violate any applicable U.S. sanctions in accepting your donation or by providing you access to our Services.
J. To Maintain Legal and Regulatory Compliance
我们的服务受某些法律法规的约束,这些法律法规可能要求我们处理您的个人数据. For example, we process your personal data to fulfill our business obligations, or as necessary to manage risk as required under applicable law, or to respond to requests by judicial process or governmental agencies.
K. With Your Consent
在您向我们提供您的个人资料之前向您披露的任何其他目的,或为提供所要求的服务或其他相关服务而合理需要的任何其他目的, with your permission or upon your direction.
5. HOW WE DISCLOSE YOUR PERSONAL DATA
Except as set forth in this Privacy Notice or when specifically agreed to by you, 我们会注意只允许为执行其任务和职责而需要访问您的个人资料的人士访问您的个人资料, or have a legitimate purpose for accessing it. In general, 我们不会与第三方共享您的信息以供其独立使用,除非:(i)您请求或授权, (ii) it is required by law, or (iii) it is in connection with a co-sponsored event. We may share your personal data in the following circumstances:
A. For Recognition
Subject to applicable law, we may also make publicly available the names, titles, country and business affiliations of officers, 委员会成员和其他协助倡议或项目的人,以确保他们得到适当的认可.
B. When We Work with Service Providers
We may share your personal data with our suppliers, subcontractors, 以及向我们提供广告服务的其他第三方(统称为“服务提供商”), hosting, data analytics, information technology and infrastructure, email delivery, auditing, exam-testing, training providers, conference or event venues or on-site service providers, and other related activities. 我们只向我们的服务提供商提供他们执行其指定功能所需的信息,并且禁止将我们提供的数据用于他们自己的目的.
C. When We Work with Business Partners and Sponsors
From time to time, we may engage in joint sales or product promotions with selected business partners. If you purchase or specifically express interest in a jointly-offered product, promotion or service, we may share relevant personal data with those partners as permitted under applicable law. If you are an event attendee, speaker, or sponsor, certain personal data about you may be included in the event roster, 哪些信息也可能与第三方活动赞助商和参展商共享并公开披露, subject to the applicable law. While we do not control our business partners’ use of such information, 我们会采取适当措施,确保他们使用适当的保障措施来保护您的个人资料. 我们的合作伙伴和赞助商有责任管理他们在这些情况下收集的个人数据的使用, including providing privacy notices to you about how they use your personal data. 我们建议您查看相关合作伙伴的隐私政策,以了解他们如何处理您的个人数据. Where we do share your personal data with third parties, ISACA采取措施确保他们使用适当的保护措施来保护您的个人数据符合适用的法律.
D. Within Our Corporate Organization and with Our Local Chapters and Volunteers
We are part of a corporate organization that has many legal entities, business processes, management structures and technical systems. If you participate in our “Enterprise Participation Program,” your personal data, 特别是关于贵公司为贵公司利益从ISACA购买的商品和/或服务, will be shared with your organization’s program coordinator. As permitted under applicable law, we may also share your personal data:
- 在本组织内部以及与我们的子公司和/或附属公司提供服务和支持, provide recommendation to optimize services, to provide members and prospective members with information about our Services, and for the purposes otherwise described in this Privacy Notice.
- 与我们的董事会成员和志愿者一起开展我们的内部业务运营.
- 与您的 本地ISACA分会 联系,以便他们可以根据您在该分会的澳门赌场官方软件资格为您提供澳门赌场官方软件资格和相关服务.
- With One in Tech, an ISACA Foundation to provide information regarding their programs and initiatives.
E. When Sharing Helps Us Protect Safety and Lawful Interests
在下列情况下,我们可能会向政府机构或第三方披露您的个人资料:(i)法律或法规要求这样做, or in response to a subpoena or court order or any other enforceable governmental request or order; (ii) we believe disclosure is reasonably necessary to protect against fraud, to protect the property or other rights of us or other users, third parties or the public at large; or (iii) to exercise, establish or defend our legal rights.
F. When We Work on Business Transactions
If we become involved with a merger, 公司交易或涉及部分或全部业务资产转移的其他情况, 我们可能会与参与谈判或转让的商业实体或人员共享您的信息. 所有转让的用户信息的使用和披露将受本隐私声明的约束. However, 您提交的或在此类转移后收集的任何信息可能受后续实体采用的新隐私政策的约束.
G. Potential Employers
If you use ISACA’s Career Center services, 您在个人资料中包含的个人资料将与我们的就业中心网站供应商共享,并受供应商的隐私政策约束. When you provide information in the Career Center, your information may be accessible to potential employers or recruiters. 我们只会与潜在雇主或招聘人员分享您的个人信息,前提是您事先同意我们分享这些信息.
H. With Your Consent
如果您允许或指示我们共享您的信息,我们可能会与其他公司共享您的信息.
I. When You Post on Our Sites
If you post information on a blog or another part of our Sites, the information that you post may be seen by other visitors to our websites. We are not responsible for the information you choose to submit in these public areas.
6. HOW WE PROTECT YOUR PERSONAL DATA
Personal data is maintained on our servers or those of our service providers, and is accessible by authorized employees, representatives, and agents as necessary for the purposes described in this Privacy Notice.
We realize that individuals trust us to protect their personal data. We take reasonable measures to protect all personal data we may hold in order to prevent loss, misuse, unauthorized access, disclosure, alteration and destruction. In some areas of our platforms, we may use encryption technologies to enhance data privacy and help prevent loss, misuse, or alteration of the information under ISACA’s control.
While we attempt to protect your personal data in our possession, no method of transmission over the internet or security system is perfect, and we cannot promise that information about you will remain secure in all circumstances. We encourage you to use caution when disclosing information online. Often, you are in the best position to protect yourself online. You are responsible for protecting your login ID and password from third-party access, and for selecting passwords that are secure.
7. DATA RETENTION
当我们有正当的业务需要和/或为实现本隐私声明所述目的所需的时间,我们将保留从您那里收集的个人资料, unless a longer retention period is required or permitted by law (such as tax, legal, accounting or other purposes). When we have no justifiable business need to process your personal data, we will either delete or anonymize it, or, if this is not possible (for example, because your personal data has been stored in backup archives), 然后,我们将安全地存储您的个人数据,并将其与任何进一步处理隔离,直到可以删除为止. Please note that, 如果您希望取消您的帐户或要求我们不再使用您的信息为您提供服务, 我们仍可能保留和使用您的信息,以履行我们的法律义务, resolve disputes, and enforce our agreements.
8. YOUR CHOICES
以下是我们在处理您的个人数据方面为您提供的选择. Individuals located in the European Economic Area (“EEA”), the United Kingdom or Switzerland at the time you provide your personal data, please see section 9 for more information about your rights.
A. Marketing Communications
If you receive commercial electronic communications from us, 您可以通过点击该等通讯中提供的“退订链接”取消接收我们未来的商业电子通讯, 或进入您的MyISACA个人资料和取消订阅部分,并选择您的选择退出偏好. 请注意,即使您已选择不接收我们的营销相关通讯, we may still send you important administrative messages, and you cannot opt out from receiving these messages.
B. Subscriptions
You may manage your subscriptions by subscribing or unsubscribing at any time. 请浏览您的MyISACA个人资料和取消订阅部分,并选择您的选择退出偏好来取消此类订阅.
C. Access and Correction
You have the right to review and correct personal data that we have collected from you. You may exercise this right by contacting us as indicated in the “How to Contact Us” section, or by going to the Privacy Rights Portal. In your request, please make clear what information you would like to have changed. For your protection, we may need to verify your identity before implementing your request. We will try to implement your request as soon as reasonably practicable. 我们保留拒绝明显没有根据或过分的请求(例如,因为它是重复的)和/或收取费用的权利,该费用考虑到提供信息或采取所要求的行动的管理成本.
D. Cookies and Targeted Advertising
您可以选择不使用我们网站上用于各种目的(如定向广告)的cookie和类似技术. To do so, when you visit our Sites, go to To do so, when you visit our Sites, 到网站页脚的“cookie设置”链接,使用cookie偏好中心确认您的选择. Please see our Cookie Notice to learn more about cookies
E. California Residents
This section applies only to California residents.
- 您可以要求我们提供有关我们向第三方或关联公司披露的个人资料类别(如有)的信息,以供其直接营销之用. To make such a request, please visit our Privacy Rights Portal.
- If you are under the age of 18, and you have a registered account, 您可以要求我们删除您在本网站上发布或存储在我们服务器上的内容或信息, by submitting a request in writing as indicated in the “How to Contact Us” section below, and clearly identifying the content or information that you wish to have removed, 并提供足够的信息,使我们能够定位要删除的内容或信息.
- 您的浏览器可能允许您调整浏览器设置,以便将“不跟踪”请求发送到您访问的网站. However, we do not respond to “Do Not Track” (DNT) signals. 确定它使用的任何第三方服务是否遵守“请勿跟踪”请求, please read their privacy notices.
9. YOUR RIGHTS
Your rights may include:
- Access and portability. You may ask us to confirm whether we are processing your personal data, provide you with details about such processing, and, in some limited circumstances, give you a copy of your personal data. You may ask us to provide your personal data in a structured, commonly used, machine-readable format, or you can ask to have it ported directly to another controller.
- Erasure or deletion. You may ask us to delete the personal data that we hold about you.
- Rectification or correction. You may ask us to correct any inaccurate or incomplete personal data that we hold about you.
- Objection to processing. 您可以要求我们停止为特定目的(包括营销和分析)处理您的个人数据.
- Restriction of processing. 您可以要求我们在某些情况下限制处理您的个人数据(例如, where you believe that the personal data we hold about you is not accurate or lawfully held).
- Lodge a complaint to your local Data Protection Authority. 您可能有权向您的国家数据保护局或同等监管机构提出投诉. Contact details for data protection authorities in the European Economic Area are available here, and contact details for the United Kingdom’s ICO are available here.
- Automated decision-making. We do not employ solely automated decision-making, as a matter of course, 这导致自动做出的决定(包括分析)在法律上或类似地对您产生重大影响. 自动决策是基于计算机决策(使用软件算法)自动做出的决策。, without human review. If you are to be subjected to automated decision making, we will make it clear at the time and you have the right to contest the decision, to express your point of view, and to require a human review of the decision.
这些权利不是绝对的,并受适用法律规定的条件或限制的约束. If you would like to exercise any of the above rights, please go to our Privacy Rights Portal. We will process your request in accordance with applicable privacy and data protection laws. To protect your privacy and security, we may take steps to verify your identity before complying with the request.
10. INTERNATIONAL TRANSFERS
When you access or use our Services, your personal data may be processed in the United States or any other country in which ISACA, our affiliates, or service providers maintain facilities. 这些国家或司法管辖区的数据保护法的保护力度可能不及您所在司法管辖区的法律.
我们将采取一切合理必要的措施,确保您的个人数据得到安全且符合本隐私声明的处理,除非有适当的控制措施,否则不会将您的个人数据转移到任何组织或国家. 如果您不希望您的个人数据被转移到您所在的国家或司法管辖区以外的地方,或被处理或保存, you should not use our Services.
Individuals located in the European Economic Area (“EEA”), the United Kingdom or Switzerland at the time you access our Services, please see section 11, for information on how we transfer your personal data.
11. ADDITIONAL NOTICE FOR INDIVIDUALS LOCATED IN THE EEA, UNITED KINGDOM AND SWITZERLAND
本节仅适用于位于欧洲经济区访问或使用我们服务的个人, the United Kingdom or Switzerland (collectively “Europe”). 当您使用某些服务时,我们可能会要求您确定您所在的国家/地区,或者我们可能会依赖您的IP地址来确定您所在的国家/地区. When we rely on your IP address, 我们不能将本节的条款适用于向我们掩盖或以其他方式隐藏其位置信息以使其看起来不位于欧洲的任何个人. If any terms in this section conflict with other terms contained in this Notice, the terms in this section shall apply to users in Europe.
A. Data Controller, Data Protection Officer and UK Representative
The controller for the processing described in this Privacy Notice is: ISACA, 1700 E. Golf Road, Suite 400, Schaumburg, Illinois 60173, USA.
If you are located in Europe, you can contact our Data Protection Officer via our Privacy Rights Portal.
UK Data Subjects: As ISACA does not have a physical present in the UK, we have appointed DataRep as our UK representative in accordance with Art. 27, UK-GDPR. 如果您想向ISACA提出问题或就您的个人资料行使您的权利, you may do so by:
- sending an email to DataRep at datarequest@datarep.com quoting “ISACA” in the subject line,
- contacting us on our online webform at www.datarep.com/data-request, or
- mailing your inquiry to DataRep at DataRep, BPM 335368, 372 Old Street, EC1V 9AU, London, United Kingdom.
Please note that when mailing inquiries, 请务必在信函中注明“DataRep”而不是“ISACA”,否则您的查询可能无法送达我们. Please refer clearly to ISACA in your correspondence. On receiving your correspondence, 我们可能会核实您的身份,以确保您的个人资料和相关信息不会提供给除您以外的任何人. 如果您对DataRep如何处理您的个人数据有任何疑问,我们将要求您提供服务. please refer to our privacy notice at www.datarep.com/privacy-policy.
B. Marketing
我们只会基于我们的合法利益通过电子方式(包括电子邮件或短信)联系位于欧洲的个人, as permitted by applicable law or the individual’s consent. When we rely on legitimate interest, 我们只会向您发送有关我们服务的信息,这些信息与以前向您销售或销售谈判的内容类似. 如果您不希望我们以这种方式使用您的个人数据,请点击电子邮件中的退订链接,或进入您的MyISACA个人资料和退订部分,并提交退订请求. You can object to direct marketing at any time and free of charge. 直接营销包括任何仅基于广告或促销产品和服务的通信.
C. Legal Bases for Processing
For individuals who are located in Europe at the time their personal data is collected, 我们根据《澳门赌场官方软件》(“GDPR”)处理您的信息的法律依据将取决于收集个人数据的具体背景和使用个人数据的目的. When we process your personal data, depending on the context, we may rely on a variety of different legal bases to process, including: (i) to perform a contract with you (or to take steps at your request prior to entering into a contract with you); (ii) necessity for our legitimate interests; (iii) to comply with our legal obligations and/or (iv) your consent. Below is a list of how we use or disclose your personal data, as described above in Section 4 and 5, with the corresponding legal bases for processing.
Processing Activity | Legal Bases for Processing |
---|---|
Section 4(E) For Security Reasons Section 5(E) When Sharing Helps Us Protect Safety and Lawful Interests |
Based on our legal obligations. Article 6(1) lit.(c) GDPR. |
Section 4(A) To Provide and Maintain Our Services Section 4(B) To Provide Customer Support and Respond to You Section 4(I) To Enforce Our Terms, Agreements and Policies Section 5(A) For Recognition Section 5(B) When We Work with Service Providers Section 5(D) Within Our Corporate Organization and with Our Local Chapters and Volunteers. Section 5(G) Potential Employers |
Based on our contract with you or to take steps at your request prior to entering a contract. Article 6(1) lit.(b) GDPR. |
Section 4(C) To Personalize Your Experience Section 4(D) For Research and Development Section 4(H) To Post Testimonials Section 4(G) To Advise You of Other Services Section 5(F) When We Work on Business Transactions |
基于我们经营业务的合法利益,不受您的数据保护利益或基本权利和自由的影响. Article 6(1) lit.(f) GDPR. |
Section 4(F) To Send You Marketing and Promotional Emails Section 4(K) With Your Consent Section 5(C) When We Work with Business Partners and Sponsors Section 5(H) With Your Consent Section 5(I) When You Post on Our Sites |
Based on your consent. Article 6(1) lit.(a) GDPR. |
D. Transfers of Personal Data Outside the Europe
While ISACA has an establishment in Ireland, ISACA Europe Limited, our headquarters are located in the United States, and information we collect from you will be transferred, stored and processed in the United States.
无论在何处处理您的个人数据,我们都会根据本隐私声明保护您的个人数据,并将根据适用法律采取适当的合同或其他步骤来保护相关的个人数据. 这些步骤包括执行欧盟委员会的标准合同条款,将个人数据传输给我们位于欧盟认为没有提供足够数据保护水平的国家的服务提供商和业务伙伴. To the extent applicable, ISACA may also rely on derogations as set forth in Article 49, GDPR for the transfer and onward transfer of personal data in such situations.
12. ADDITIONAL NOTICE TO INDIVIDUALS IN CANADA
本节为ISACA收集其个人数据时居住在加拿大的个人提供了额外信息. You may request details about our privacy practices, access or correct your personal data, or make a complaint by contacting our privacy officer at Privacy Rights Portal.
If you are not satisfied with our response to your inquiry, 您可以联系加拿大隐私专员办公室:1-800-282-1376(免费电话)或privv.gc.ca.
13. ADDITIONAL NOTICE TO INDIVIDUALS IN AUSTRALIA
本节向ISACA收集其个人数据时身在澳大利亚的个人提供了额外信息. You may request to correct or update any of your personal data in our files. 我们可能会向您提供直接通过我们的 Privacy Rights Portal. If you request that your information be corrected, and we do not agree that it is incorrect, we may refuse to update that information. In such a scenario, we will provide written notice of our refusal to do so and upon your request, 你会否在存放及查阅你的个人资料的地方,放置一份声明,说明你所声称的是正确的.
14. ADDITIONAL NOTICE TO INDIVIDUAL IN BRAZIL
本节提供了ISACA收集巴西境内个人数据时的附加信息.
The controller for the processing described in this Privacy Notice is: ISACA, 1700 E. Golf Road, Suite 400, Schaumburg, Illinois 60173, USA.
We process your personal data on one or more of the following legal bases:
- as necessary to enter into a contract with you, to perform our contractual obligations, to provide our Services, to respond to requests from you, or to provide customer support;
- where we have a legitimate interest, as described in this Privacy Notice;
- as necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders; or
- with your consent.
您也可以通过其官方渠道向巴西国家数据保护局(ANPD)提出投诉.
Transfers outside of Brazil. When we transfer your personal data outside Brazil, 我们这样做是根据本隐私声明的条款和适用的数据保护法.
15. CHILDREN’S PRIVACY
We do not knowingly collect personal data from persons under the age of 18. If you are a parent of a child under 18, and you believe that your child has provided us with information about him or herself, please contact us via the information in the Contact section below.
16. CONTACT INFORMATION
If you have any questions or concerns about this Privacy Notice, please…
- Visit our Privacy Rights Portal
- Email the ISACA Data Protection Officer at: DPO@gregory-mairet.com
- Write to us at:
ISACA
Data Protection Officer
1700 E. Golf Road, Suite 400
Schaumburg, Illinois 60173, USA