Privacy Notice

The (ISC)² Hellenic Chapter of the International Information Systems Security Certifications Consortium (hereinafter the “Chapter”) is strongly committed to privacy issues, and this privacy statement details our approach on such issues. We publish this Notice in accordance with Article 13 of the General Data Protection Regulation to inform you about what personal data we collect, for what purpose and how we use your personal data.

This policy applies to information we collect:

  • On this Website
  • In email, text, and other electronic messages between you and this Website.

It does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by (ISC)² or any third party; or
  • Any third party (including affiliates) including through any application or content (including advertising) that may link to or be accessible from the Website.

If you have any questions regarding this Notice and the way your personal data are processed, please contact us to the following email:

privacy{at}isc2-chapter.gr

Collection & Processing of Data

User Registration

Data we Collect\Process: username, email, first/last name, isc2 member id, phone number, profession, affiliations, registered date, IP address.

Purpose of Collection: In order to associate you with your membership and be able to contact you for any matters for which you have already provided us with your consent.

Retention Period: 5 years after user deactivation.

Disclosure to third parties: No.

Comments

Personal Data we Collect/Process:

Purpose of Collection: We collect the data shown in the form to be able to better process your comments and for future reference. We collect your IP address for spam protection purposes.

Retention Period:

Disclosure to third parties: An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Google Analytics

Personal Data we Collect\Process:

Purpose of Collection: To optimize the services we offer your through our website

Retention Period: Please refer to Google’s Privacy Statement here:

Disclosure to third parties: Google. You can find the Privacy Statement here.

Other Disclosures to third parties

Further to the above, the Chapter may disclose the above personal data to IT support services providers and web support companies, web hosting companies.

Security

The Chapter collects, maintains and processes your personal data in a manner that ensures their protection. Specifically, your personal data are processed solely by specifically authorized personnel or by suppliers of the Chapter which are bound towards the Chapter with the same obligations regarding your personal data protection, while all appropriate organizational and technical measures are in place for data security and protection against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access and any other form of illicit processing.

What rights you have over your data

This section presents your rights with respect to your personal data. These rights are subject to certain exceptions, reservations or limitations.

Please submit your requests responsibly. The Chapter will respond as soon as possible and in any case within one month of receipt of the request. If the examination of your request will require more time, you will be informed in this respect. To exercise your rights, please contact at email:

privacy{at}isc2-chapter.gr

The Chapter ensures that you can exercise the following rights uninterruptedly:

  • Right of information/update

You have the right to request and receive clear, transparent and easily understandable information about how we process your personal data.

  • Right of access

You have the right to access your personal data for free, except in the following cases, where there may be a reasonable charge to cover the administrative expenses of the Chapter:

• Manifestly Unfounded or excessive in particular because of their repetitive character

• Additional copies of the same information

  • Right to Rectification

You have the right to request the correction of your personal data if their inaccurate or incomplete.

  • Right to Erasure

You have the right to request the deletion or removal of your personal data when it is no longer necessary for the purposes collected or there is no legitimate reason to continue processing them. The right to erasure is incomplete, if there is a specific legal obligation or other legal reason for keeping your personal data by the Chapter.

  • Right to Restriction of Processing

In some cases, you have the right to restrict or terminate further processing of your personal data. In cases where processing has been restricted, your personal data remain stored, without being subject to further processing.

  • Right to Data Portability

You have the right to request your personal information, which you have provided us, structured and commonly used format readable by machines and forward that data to another data controller.

  • Right to Object

You have the right to object at any time and for reasons related to your particular situation to the processing of your personal data, unless the Chapter demonstrates imperative and legitimate reasons for such processing.

  • Rights on automated individual decision-making and profiling

The Chapter does not make automated individual decision-making, including profiling.

Withdrawal of consent

We inform you that the data subject shall have the right to withdraw his or her consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. The data subject can withdraw his/her consent by email:

privacy{at}isc2-chapter.gr

Modifications to the present Privacy Statement

Our goal is to review and to update this Privacy Statement, so as to comply with the relevant legislative and regulatory requirements and provide at the same time the optimum personal data protection. Any further update will be shared through this site.

Latest Update: 03/07/2019