Participation

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 1/24/2019
Next Certification Due Date: 12/11/2021
Data Collected: HR, NON-HR

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 1/24/2019
Next Certification Due Date: 12/11/2021
Data Collected: HR, NON-HR

Purpose of Data Collection

The A-ISAC collects information about a person when they request information regarding our services, inquire about membership, or sign up to attend an A-ISAC event. The A-ISAC only collects and uses data as described in our Privacy Policy Statement. Except as noted in our Privacy Policy, personal data collected by the A-ISAC via our website or through our services is not shared with third parties without a person's consent. The personal data we may collect from a person might include, by way of example: Email address; Domain name and Internet Protocol (IP) address; Contact information (including, name, phone number(s), business, address, zip code, and country); User-specific and aggregate information on areas of the Site accessed and the Services used; and Other information you volunteer to the site or via other means of communication, such as responses, registrations, surveys, reviews, comments, confirmations, emails, messages, telephone calls, written correspondence or other electronic submissions and communications sent by you to the Site or through a registration or contact initiated by you. Our external facing public website is managed by a third-party provider which is Privacy Shield compliant. The A-ISAC does not collect cookies from our external facing web site hosting service. We use cookies on our external, private-access portals to improving the browser experience and authentication. The A-ISAC will retain personal data for the period necessary to fulfill the purposes outlined in our Privacy Policy unless a longer retention period is required or permitted by law. Agents and Third-Party Service Providers. To provide the A-ISAC’s Services , we may sometimes use other businesses to perform certain specialized services such as bulk emailing, event planning or other technology services. In such instances, we may provide some or all of a member's personal data to those businesses, but they are not permitted to retain or use your information for any other purpose. Members will utilize 3rd party services for information sharing and communications.

Privacy Policy

HR and Non-HR Data

Description:

Effective Date: 1/1/2019

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact A-ISAC at:

Candice Burke
Board Secretary
A-ISAC
1997 Annapolis Exchange, Annapolis Maryland 21401
1997 Annapolis Exchange Pkwy, Suite 300
Annapolis, Maryland 21401

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from A-ISAC to your question or complaint, please contact the independent recourse mechanism listed below




Appropriate statutory body with jurisdiction to investigate any claims against A-ISAC regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission