Privacy Policy
The ISC2 Sydney Chapter is a not-for-profit association based in Sydney, Australia, and we are committed to protecting the privacy of all members, guests, volunteers and visitors who interact with our website. This privacy statement explains, in clear and simple language, the personal information we collect, why we collect it, how we use it, when we may share it, and the rights you have under the Australian Privacy Act 1988 and the Australian Privacy Principles. Our approach also aligns with the obligations set out in our Constitution and reflects our commitment to transparency and responsible governance.
We collect only the personal information that is reasonably necessary for the operations of the Chapter and the services we provide. When you join or renew your membership, we collect details such as your full name, email address, contact number if you choose to provide it, your membership type, your ISC2 certification status (if applicable), the dates you join or cease membership as required under our Constitution, and the confirmation we receive when you make payments through our platform. When you attend our events, we collect information related to event registration, including your name and contact information, ISC2 member ID, any dietary or accessibility requirements you choose to tell us about, as well as the names of guests if you register others. When you use our website, we may receive basic technical information such as your browser type, the pages you visit, and any information you enter through online forms. If you are a child or a young student member, we limit what we collect to the minimum required and explain everything in language that is easy to understand.
We collect this information so we can manage your membership, communicate with you about Chapter activities, verify membership status, process payments, run events and meetings, and meet our governance responsibilities as a registered association. We use your information to send newsletters, event invitations, meeting notices, and updates about Chapter initiatives. We also use it to confirm voting eligibility in elections or general meetings, maintain accurate membership lists, issue receipts, and review feedback so we can improve our services. We do not sell personal information and we do not use your information for purposes unrelated to Chapter activities.
We treat your personal information as confidential, but in some circumstances we may share limited information with other parties. We use trusted service providers to deliver the website, manage email distribution, process payments, store governance records, and run events. These providers may store data in Australia or in other countries. We require them to provide appropriate privacy protection according to Australian privacy standards, including mechanisms for complaint or enforcement. We may also share minimal information with ISC2 Global Headquarters where required under our Chapter Affiliation Agreement, such as information relating to our board or aggregated membership reporting. We do not share full membership lists with ISC2 unless required by their policies or by law. We may also disclose personal information if required by Australian law, such as in response to a legal warrant, subpoena or regulatory request. In all other circumstances, we will only share your information if you provide explicit consent, such as when you choose to publish your information as part of a board nomination.
If you provide personal information about other people, for example, when registering a guest for an event or adding a bundle member, you must ensure that you have their permission to give us their information and that they understand how we will use it. We treat their information with the same care and protection as we treat yours.
We take special care when handling information about children or young people. If a member is under 18, we collect only what is absolutely necessary, explain clearly how we use the information, seek guardian consent when required, and avoid any use of children’s information for marketing or promotional purposes. We will never disclose information about a child except where legally required or necessary to run an event safely.
We store personal information in secure systems and take reasonable steps to protect it from misuse, loss, unauthorised access or disclosure. Access to membership information is limited to authorised volunteers such as board members who need it to perform their Chapter roles. We regularly review our records and retention practices to ensure compliance with our governance obligations. Some records, including those related to membership dates, financial transactions and governance activities, must be kept for periods required by law and by our Constitution.
You have the right to request access to the personal information we hold about you, to request corrections if your information is inaccurate or outdated, and to request deletion of information that we are not required to retain. We may need to verify your identity before releasing information to protect your privacy, and we will respond to privacy requests as promptly as possible.
We retain personal information only for as long as necessary to fulfil the purpose it was collected for, unless legal or governance requirements require us to keep it for longer. Records that must be maintained under our Constitution, such as membership details and governance documentation will be retained in line with those requirements.
If you have questions about this privacy statement, or if you wish to make a request for access, correction or deletion of your information, or to make a complaint, you may contact us at our Chapter email address ([email protected]) or through the contact form on our website. We will respond to all privacy-related enquiries as soon as reasonably practicable.
We may update this privacy statement from time to time to reflect changes in our practices or legal obligations. Any updated version will be published on our website with a new effective date.