Privacy - GDPR


ISECOM will not collect, store, or process any information that you do not freely give. Please see the following for where and how we collect information and what you can do to address it, see it, change it, or delete it.


Website

ISECOM does not collect or store personally identifying information or meta data from website visits. Session data for authenticated users is temporary for the duration of the access. Website access logs are stored temporarily to create statistics and are then stored off the server in case needed for forensic investigations. Our hosting provider is located in the USA and is active and compliant to GDPR privacy standards which you can verify at Privacy Shield. You can read more about their privacy policy at Pair.com.


Email Lists

ISECOM requires the email address holder’s consent before being signed to an email list. The link to view, change, or unsubscribe the list is located at the bottom of each list email sent.


Certification 

ISECOM requires some personal identifying information for the people who take a class, take an exam, and receive a certification in the postal mail. This information is stored immediately off the Internet in a secure, encrypted location. At any time you choose to have your information changed or removed from this storage you can write info@isecom.org. Removal from our records means we have no further record of you ever having been certified by ISECOM. Any information provided directly to the training partner and not over our secure online forms will need to be changed or removed directly through that training partner.


Subscriptions

ISECOM collects personal identifying and payment information when people subscribe to our online services. ISECOM does not save payment information and uses it only once. Personal identifying information is saved securely and encrypted. The ability to view, change, or unsubscribe the subscription is located at the subscription website. 


Social Media

ISECOM does not collect or store personal identifying information of followers or “likes” of people following on any social media platforms. Any changes or removals is managed and processed by the social media platform and not by ISECOM. Please see the help and support pages from that platform to change or remove your interactions with ISECOM.


Training 

ISECOM does not share personal identifying information with any party without consent directly given to ISECOM unless that information came from the Partners, Contractors, Volunteers, and Vendors in which case only the information originally provided will be shared back with that entity. We will not process any information received as part of the training process and will store it only for our training and certification records. This information is stored immediately off the Internet in a secure, encrypted location. At any time you choose to have your information changed or removed from this storage you can write info@isecom.org. Removal from our records means we have no further record of you ever having been trained by ISECOM or ISECOM Training Partner. Any information provided directly to the training partner and not over our secure online forms will need to be changed or removed directly through that training partner.


GDPR Roles and Employees

ISECOM is actively promoting awareness of privacy and compliance regulations stated in the GDPR across the organization, assessing our readiness, identifying any gap areas and implementing the new policies, procedures and measures.

ISECOM understands that continuous employee awareness and understanding is vital to the continued privacy and compliance of the GDPR and have involved our employees in our preparation plans.


If you have any questions about our preparation for the GDPR, please contact ISECOM Support.