External Privacy Policy

ISACA China Hong Kong Chapter Privacy Policy – Your Privacy Rights

This Privacy Policy describes how the ISACA China Hong Kong Chapter (“the Chapter”) collects, uses, shares, and retains personally identifiable information you provide. The Policy is effective as of May 2011. The policy was last modified on 29 April 2011. This Privacy Policy applies to information collected by the Chapter at https://www.isaca.org.hk/ and emails as well as through physical documents such as registration forms, survey forms. It does not apply to information collected or used by ISACA International (“ISACA”) web sites, including (www.isaca.org, for the ISACA International Privacy Policy, please visit https://www.isaca.org/pages/Privacy.aspx). This Privacy Policy also does not cover the practices of the Chapter business partners (such as vendors, sponsors, or advertisers), nor does it apply to personally identifiable information that we collect from or about our employees, consultants, contractors, vendors, sponsors, or advertisers.

Modifications to this Policy

From time to time, the Chapter may need to update or modify this Privacy Policy, including to address new issues or to reflect changes on our web sites. To the extent required by law, the Chapter will notify you of material changes to this Privacy Policy, including by posting the most recent version of the Privacy Policy and information about the changes from the previous version on the Chapter web site.

Collection of Personally Identifiable Information

The Chapter collects and maintains a variety of personally identifiable information, including email addresses, phone numbers, payment information, business and home addresses, as well as demographic information such as courses or areas of study in which you may be interested. The Chapter collects information directly from you through online registration forms, as well as offline, through event registration forms.

Information is collected and maintained from members, exam candidates, those who have been certified by ISACA, applicants, event attendees, speakers, participants in the Chapter programs, purchasers of the Chapter products and services, current and past web site users, survey respondents.

The Chapter requests this personal information for purposes of verification and keeping records of your identity, correspondence with you relating to the services we provide, or for conducting any specific Chapter business which you have requested or to which you have agreed. To the extent that information requested is not required for your participation in a given Chapter program, you will be told which information is optional. Should you fail to provide optional information, certain Chapter programs or features may not be available to you.

The Chapter may also maintain information about you that you do not directly provide, whether it is information received from third parties, such as business partners who provide professional educational services, or information the Chapter collect about your activities. For example, the Chapter keeps track of events you have attended, such as CPD seminars; certification courses and workshops; the boards and committees you have served on, and which offices you have held.

In addition to any specific purpose, where personal data is provided by you, the Chapter may occasionally use such data to send you materials regarding our services. At the time of collection of the personal data you will be given the option to opt-out from receiving such materials. You may also change your preference with regard to such materials at any time by sending e-mail to us at privacy@isaca.org.hk.

Passive Online Data Collection

The Chapter also collects certain information passively, such as: collecting online, non-identifying information through the use of cookies technology and/or Internet Protocol (“IP”) address tracking. Non-personal identification information might include the browser used by you, the ENGINE of computer, the operating systems, the Internet service providers, and other similar information. The Chapter system also automatically gathers information about the areas you visit on the Site and about the links you may select from within the Site to other sites. Most browsers are set to accept cookies. You can set yours to refuse cookies, or to alert you when cookies are being sent; however, if you disable cookies, the full functionality of our sites may not be available to you. Cookies are small bits of information that are automatically stored by a website on a person’s web browser in their computer that can be retrieved by that website.

On the Chapter Site, there may be certain third-party advertisers whose advertisements contain cookies that collect data from you. Some of those cookies may contain tracking mechanisms that observe your behavior across multiple Sites. The Chapter does not control the use of cookies by advertisers or third parties displaying data on the Site or on the sites you visit using links from the Site.

Use, Sharing and Retention of Personally Identifiable Information

The Chapter uses personally identifiable information for the purposes described at the time of collection or as otherwise described to you; to process your requests; to report to others about whether you are certified or not; as permitted by law to provide you with information about the Chapter ,our products and services or other products and services in which we believe you may be interested; or for other legitimate Chapter business purposes, including order processing, enquiries relating to certification or membership applications, or registering you for event or training programs. We may also use your personally identifiable information to tailor your experience at our sites, to compile and display content and information that we think you might be interested in, and to provide you with content according to such preferences. The Chapter also publishes the names, titles, country and business affiliations of officers, committee members and others who have assisted with initiatives or projects.

The Chapter may share personally identifiable information with third parties for legitimate business purposes, including for the following reasons or in the following circumstances:

  • To vendors or third-parties who deliver or provide goods and services or otherwise act on behalf of or at the direction of the Chapter, which third parties include, for example, training providers and partners, product-fulfillment companies, third-party event hosts, other third parties who may provide services on web sites that are accessible from links on one of our Site, and credit card companies processing payment;
  • To the Chapter volunteers and board members;
  • To ISACA and other ISACA chapters, the IT Governance Institute, and if you participate in our “Enterprise Participation Program,” your information will be shared with your organization’s program coordinator;
  • If you are an event attendee, speaker, or sponsor, certain of your information will be included in the event roster, which roster will be publicly disclosed, and may also be shared with third-party event sponsors and exhibitors;
  • To investigate potentially fraudulent or questionable activities;
  • In anticipation of and in the course of an actual or potential sale, reorganization, consolidation, merger, or amalgamation of all or part of our business or operations; and
  • When we believe it is necessary to cooperate with law enforcement or in response to a government request, including if specifically requested or required, as otherwise permitted by law, and for other valid Chapter business purposes.

The Chapter also may use your profile information on an aggregate basis – without personal identifiers – to provide third parties with information, such as to help us develop new features and content for the Site, and to provide Sponsors and others with aggregate information about our users and the usage patterns of the Site.

The Chapter retains personally identifiable information for as long as necessary for its legitimate business purposes, and as otherwise permitted by applicable law.


When collecting personal data over the Internet, the Chapter will use such secured encryption systems as are appropriate to the nature of the data being collected.

Where personal data is stored electronically, it will be kept in a password-protected form. Personal data, whether stored in electronic form on computers or in hard-copy form will be accessible only by authorized officers or employees of the Chapter. Persons designated by the Chapter to handle personal data will be made acquainted with this Privacy Policy Statement and told how to fulfill our obligations to you.

Any personal data the Chapter received from you will not be disclosed by the Chapter to any party outside the Chapter except as provided herein, as notified to you at the time of collection, or with your prior consent.

The Chapter cannot guarantee, however, that your information will remain secure. The Internet by its nature is a public forum, and the Chapter encourages you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third party access, and for selecting passwords that are secure.

Links to Third-Party Sites

From time to time, the Chapter will provide links to third-party web sites, or advertisements will contain links to third-party sites. For example, the Chapter may link to a third party who is assisting in or is providing online training services. These links are provided as a service to you. These sites are operated by independent entities that have their own privacy policies. The Chapter’s Privacy Policy does not apply to such other sites or to the use that those entities make of your information. The Chapter has no control over the content displayed on such sites, nor over the measures, if any, that are taken by such sites to protect the privacy of your information.

Your Privacy Rights Relating to Certain Information Disclosures

If you have an established business relationship with us you may request from us a list of the categories of personal information we have disclosed to third parties for those third parties’ marketing purposes, and a list of all third parties to whom we have shared that information. We will include in that list the names and addresses of the third parties who received the information and used it (or who we believe may have used it) for their own marketing purposes.

To exercise your rights, you may make your request by emailing us at privacy@isaca.org.hk or writing us at the address listed in the “How to Contact ISACA China Hong Kong Chapter and Modify Your Information Preferences” section below.

How to Contact ISACA China Hong Kong Chapter and Modify Your Information or Preferences

Questions regarding this Privacy Policy should be directed to privacy@isaca.org.hk. If you would like to modify the ENGINEs of marketing email messages you receive from the Chapter, you may do so by following the instructions within the body of any email message that you receive from us.

If you are writing to us, please send your letter to the Chapter office address at 15B, Yam Tze Commercial Building, 23 Thomson Road, Wanchai, Hong Kong, or you may fax it to 852-81012802.