Who We Are, And What Services We Offer
ISACA South African Chapter is a [describe your purpose and mission].
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy by email or public notice on our website.
ISACA South African Chapter is operated by [replace company name] a private company registered in South Africa with registration number [ replace with registration number]
How Do We Collect Data?
To create an account you need to provide data including your name, email address and/or mobile number, and a password. If you register while purchasing products on our site, you will need to provide payment (e.g., credit card) and billing information.
You have choices about the information on your profile, such as your work experience, skills, photo, location, and endorsements. Please do not post or add personal data to your profile that you would not want to be publicly available.
Posting and Uploading
We collect personal data from you when you provide, post or upload it, such as when you fill out a form or respond to a survey.
We log your visits and use of our Services, such as when you view or click on content or ads, perform a search, or share posts. We use log-ins, cookies, device information and internet protocol (“IP”) addresses to identify you and log your use.
– cookies that are required for our website to operate normally (these do contain personally identifiable information);
– anonymous tracking cookies used to determine what users do on our website e.g. Google Analytics (these do not by themselves contain personally identifiable information);
– third party cookies e.g. cookies used for tracking site usage from a third- party platform (such as Facebook) and/or for re-marketing. Users are asked to consent to this type of cookie monitoring and this consent may be withdrawn at any time.
Content and News
You and others may post content that includes information about you (as part of articles, posts, comments, videos) on our website. Information submitted by administrators, editors and contributors will be publicly available on the website. Administrators, editors and contributors are responsible for the information submitted by them and acknowledge that this information will be displayed publicly.
We collect information about you when you send, receive, or engage with the website. For example, if you get a friend request, we track whether you have acted on it and will send you reminders.
What Do we do with your Data?
We use data collected by us to ensure our website functions properly, and in order to optimise and improve our service offering. Our data helps you connect with others, find and be found for work and business opportunities, stay informed, get training and be more productive. Our data is used to provide services that allow you to:
– stay informed about news, events and ideas regarding professional topics you care about, and from professionals you respect.
– improve your professional skills, or learn new ones.
– explore careers, evaluate educational opportunities, and seek out, and be found for, career opportunities.
– collaborate with colleagues, search for potential clients, customers, partners and others to do business with.
We promote our Services to you and others. We may also use Members’ & Customers’ data and content for invitations and communications promoting membership and network growth, engagement and our Services, such as by showing your connections that you have used a feature on our Services.
We use data, including public feedback, to develop our Services in order to provide you and others with a better, more intuitive and personalised experience, drive membership growth and engagement on our Services, and help connect professionals to each other and to economic opportunity.
We use data to help you and fix problems.
We use your data to produce and share insights that do not identify you. For example, we may use your data to generate statistics about our Members and Customers, their profession or industry, to calculate ad impressions served or clicked on, or to publish visitor demographics for a Service or create demographic workforce insights.
Third Party Services
We may contact users directly or through a third-party service provider regarding products or services a user has signed up for or purchased from us. We may also contact you with offers for additional services we think you’ll find valuable if you give us consent, or where allowed based upon legitimate interests.
We may share personal data with trusted third parties as necessary for them to perform services on our behalf, such as processing credit card payments. We only share personal data as necessary for any third party to provide the services as requested or as needed on our behalf. These third parties (and any subcontractors) are subject to strict data processing terms and conditions and are prohibited from utilising, sharing or retaining your personal data for any other purpose than as they have been specifically contracted for (or without your consent). We will share transaction data with our payment service providers or bank only to the extent necessary for the purposes of processing payments, refunding payments, transferring money to a user, and/or dealing with user queries and complaints relating to such payments, refunds and transfers.
Legal & Analytics
The hosting, analytics, email sending and other technical provisions for our website may be hosted on servers outside of South Africa. However, ISACA South African Chapter shall ensure that its host providers are subject to laws, or policies, which uphold principles for the reasonable processing of information substantially similar to the data protection laws applicable to South Africa to ensure adequate protection of any such data.
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process, to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.
We use analytics tools provided by service partners such as Google Analytics to collect information about how users interact with our website, including what pages you visit, what site you visited prior to visiting our website, how much time you spend on each page, what operating system and web browser you use and network and IP information. We use the information provided by these tools to improve our service offering. These tools place persistent cookies in a user’s browser to identify the user the next time a user visits our website. Each cookie cannot be used by anyone other than the service provider (e.g. Google for Google Analytics). The information collected from the cookie may be transmitted to and stored by these service partners on servers in a country other than the country in which you reside. You can control the technologies we use by managing your settings through the “cookie banners” that may be presented when you first visit our web pages, or by utilising settings in your browser or third-party tools. Refusing or deleting some cookies may make it impossible for us to provide our services to you.
How can you change or delete Data?
For account users, the easiest way to change your information is to log into your account and edit your account settings.
If you make a request to delete your personal data, the request will be honoured only to the extent that your information is no longer necessary for any services purchased by you or required for our legitimate business purposes or legal or contractual record keeping requirements.
Users can “opt out” of receiving newsletter emails by clicking on the “unsubscribe” link in newsletter emails. It may take up to 24 hours to be processed.
If we are in possession of, or processing, your personal data, then you have the following rights:
- Right of access – to request a copy of the information that we hold about you. Access to this information will be subject to an administrative fee the request is unfounded, excessive or repetitive.
- Right of rectification – to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – to ask for the data we hold about you to be erased from our records, in certain circumstances. Erasure will be subject to an administrative fee if your request is manifestly unfounded, excessive or repetitive.
- Right to restriction of processing – to restrict processing of your information in certain circumstances.
- Right of portability – to have the data we hold about you transferred to another organisation.
- Right to object – to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – to object the automated processing or profiling.
- Right to judicial review: you have the right to complain to a relevant authority regarding the use of your personal data by us.
How We Protect Your Data
All data provided to us is stored on our secure servers or those of our trusted partner services. We implement appropriate, generally accepted technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction or damage, including encryption where appropriate. Unfortunately, the transmission of information via the Internet is not completely secure. We will do our best to protect your personal information, but we cannot guarantee 100% security of your data transmitted to our servers; any transmission is at your own risk.
How Long Do We Keep Data?
We retain personal data only for as long as necessary to provide services requested by you and thereafter for a variety of legitimate legal or business purposes. This might include retention periods mandated by law, contract or similar obligations applicable to our business operations.
ISACA South African Chapter does not knowingly collect data from children under the age of 18. If a user is under the age of 18, the user should not use our services or submit any data to us, without the consent of their legal guardian. If you are a parent of a child under 18 and become aware that your child has provided personal data to us, please contact us. If we learn that we have collected the personal data of a child under the age of 18 years, we will take reasonable steps to delete the personal data.
How We Share Information
Any data that you include on your profile and any content you post or social action (e.g., likes, follows, comments, shares) you take on our Services will be seen by others, consistent with your settings. Your profile is fully visible to all Members and customers of our Services.
We may need to share your data when we believe it’s required by law or to help protect the rights and safety of you, us or others. It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce our agreements with you; (3) investigate and defend ourselves against any third-party claims or allegations; (4) protect the security or integrity of our Services (such as by sharing with companies facing similar threats); or (5) exercise or protect the rights and safety of ISACA South African Chapter, our Members, Customers, personnel or others. We attempt to notify Members and Customers about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
Change in Control or Sale
We monitor for and try to prevent security breaches. We implement security safeguards designed to protect your data, such as HTTPS. We regularly monitor our systems for possible vulnerabilities and attacks. However, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.