Industries
- Non-Profits and Associations
- Business Associations
Participation
UK Extension to the EU-U.S. Data Privacy Framework Framework: Active
EU-U.S. Data Privacy Framework Framework: Active
Swiss-U.S. Data Privacy Framework Framework: Active
Purpose of Data Collection
The A-ISAC collects information about a person when they request information regarding our services, inquire about membership, or sign up to attend an A-ISAC event. The A-ISAC only collects and uses data as described in our Privacy Policy Statement. Except as noted in our Privacy Policy, personal data collected by the A-ISAC via our website or through our services is not shared with third parties without a person's consent. The personal data we may collect from a person might include, by way of example: Email address; Domain name and Internet Protocol (IP) address; Contact information (including, name, phone number(s), business, address, zip code, and country); User-specific and aggregate information on areas of the Site accessed and the Services used; and Other information you volunteer to the site or via other means of communication, such as responses, registrations, surveys, reviews, comments, confirmations, emails, messages, telephone calls, written correspondence or other electronic submissions and communications sent by you to the Site or through a registration or contact initiated by you. Our external facing public website is managed by a third-party provider which is Privacy Shield compliant. The A-ISAC does not collect cookies from our external facing web site hosting service. We use cookies on our external, private-access portals to improving the browser experience and authentication. The A-ISAC will retain personal data for the period necessary to fulfill the purposes outlined in our Privacy Policy unless a longer retention period is required or permitted by law. Agents and Third-Party Service Providers. To provide the A-ISAC’s Services , we may sometimes use other businesses to perform certain specialized services such as bulk emailing, event planning or other technology services. In such instances, we may provide some or all of a member's personal data to those businesses, but they are not permitted to retain or use your information for any other purpose. Members will utilize 3rd party services for information sharing and communications.
Privacy Policy
HR and Non-HR Data
Attached is an updated DRAFT of the A-ISAC Privacy Policy that will be located on our public website. Any new modifications have been made in BLUE. Please note that this draft update has not yet been updated on our website due to waiting to receive confirmation that the updates are acceptable and that we are approved to include the UK extension.
Verification Method
Self-Assessment
Dispute Resolution
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact A-ISAC at:
Business Manager
Annapolis, Maryland 21401
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from A-ISAC to your question or complaint, please contact the independent recourse mechanism listed below
HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against A-ISAC regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission