Your Data Journey

Why We Collect Data

(ISC)² is an international, nonprofit membership association for information security leaders like you. We're committed to helping our members and professionals learn, grow and thrive. More than 130,000 certified members strong, we empower professionals who touch every aspect of information security. We achieve this by connecting professionals together to share insights, experiences and make an impact.

What Information We Collect About You

Whether you are creating an account on (ISC)² website, downloading a content piece, registering for an (ISC)² event or webinar, or signing up to our online educational resources or (ISC)² Community, we may collect a variety of information.

Your Data Journey as an (ISC)² Member

Your data journey evolves when you become certified and (ISC)² member. You get your membership pack and certification, as well as access to additional resources and member benefits. We collect a variety of data including First Name, Last Name, Telephone Number, Email Address, Mailing Address, Job Title, Company name, and we create a member ID number for you.

How We Use the Information We Collect

• Your data is always protected and never shared without your permission.
• Your personal information may be transferred to countries other than your own, especially to servers in the United States, to process and store data in accordance with our Privacy Policy and to provide you with products and services.
• When we collect data, we will use it to benefit you and to make your experiences better. We provide additional resources and content you have subscribed to receive. You can change your subscription preferences at any time by clicking here.
• (ISC)² members receive their membership packs via mailing. From time to time, we may use (ISC)² personal information to send important notices such as Official Member Communications – you cannot opt-out to these notices.
• On very rare occasions (once, twice per year), we will send opted-in members and professionals an (ISC)² resource by direct mail or give you a call to check how we can improve your experience at (ISC)²
• If you have opted-in for your information to be shared with sponsors, your data will be passed on to the relevant party on a one-time basis per event or webinar.

How Long We Keep Your Personal Information

It varies according to the information we collect and what it’s used for. If you are an (ISC)² member, there are legal requirements to keep data for as long as your membership is valid.

If you are not an (ISC)² member and expressed interest to receive content from us, we’ll only have it for as long as is necessary for the purposes for which the data was collected or for which it is to be further processed. However, you may contact us at any time to ask for your information to be deleted.

Your Rights. Your Choices.

We use your data to provide you with a more personalised experience. Here we explain the rights and choices you have with regards to the personal data that we hold about you, the information you choose to receive from us, and we give you the controls to adjust these settings.

Managing your marketing choices

Whether you’re an (ISC)² member or a professional, (ISC)² provides a plethora of educational and personal development resources to grow your knowledge, sharpen your skills and get certified. We also connect you with fellow professionals from the CISO to the practitioner across the globe who are experiencing the same challenges as you are. We want to make this experience better for you by sending the relevant tools and resources you choose to receive. You also have the right to ask us not to process your personal data for marketing purposes.

So please take a moment to update your subscription preferences here.

Keeping your personal data up to date

We want to make sure that the personal data we hold about you is accurate. You have a right to find out what personal data we hold about you.

If any of your details are incorrect you can update them here or please feel free to submit a Subject Access Request below.

Privacy and Security

We employ a number of measures to protect your personal information; here are some of the things that we do:

• Your personal information is stored in a secure database
• We provide a secure account sign-in to members and professionals registered on our website
• Credit card details are encrypted, stored securely, and deleted immediately when no longer needed
• Remote accesses are secured for all employees across all regions

Review the (ISC)² Privacy Policy here.

If you have any questions about your data that is not addressed here, please contact our Data Protection Officer, Graham Jackson at dpo@isc2.org.