Cyber Risk Meetup Privacy Notice
Updated:12 January 2020
This Cyber Risk Meetup privacy notice (“Privacy Notice”) describes how the Cyber Risk Meetup (“we” or “us”) collect, use, share, and retain personal information that you provide to us, or that we collect, when you use the Cyber Risk Meetup website located at www.cyberriskmeetup.com, complete related forms, participate in Cyber Risk Meetup events, or communicate with one of our representatives (“Personal Data”).
This Cyber Risk Meetup recognises the importance of your privacy rights, and in turn, the importance of being transparent about how we collect, use, and share information about you, and demonstrates this by complying with the Privacy Act 1988 (Cth) Cyber Risk Meetup (Privacy Act), and other applicable privacy and data protection laws such as the European Union General and Data Protection Regulations (GDPR), Singapore Personal Data Protection Act 2012 and the Singapore Government Instruction Manual.
Please note that if you disagree with anything in this Privacy Notice, you must not use the Site, or provide personal information to us in connection with Cyber Risk Meetup services.
1. Data Protection Contact
Cyber Risk Meetup runs community events in Australia, Singapore and Japan. You may contact Cyber Risk Meetup’s representative if you have any questions or concerns about Cyber Risk Meetup’s policies or practices regarding Personal Data.
Cyber Risk Meetup:
2. Collection of Personal Information
A. Information You Directly and Voluntarily Provide to Us.
Subscription: If you provide your Personal Data to Cyber Risk Meetup by subscribing to event updates, you will be required to provide certain information as part of the subscription process. This information will include your first and last name, email address, job title and location. Subscription information is used to communicate with you, to design content and activities that we believe would be of interest to you. If you wish to opt-out of receiving these communications from us, please follow the instructions contained in an applicable communication you receive from us or submit a request to firstname.lastname@example.org
Events and Conferences: Cyber Risk Meetup may host events that include in-person and virtual conferences, training, knowledge sharing and webinars. If you register for a Cyber Risk Meetup event, we will collect your first and last name, email address, contact number, title and company, which we will use to provide you with information and services associated with the event.
Communications with Cyber Risk Meetup: If you communicate or correspond with us by email, through the contact or feedback form, via phone or through other forms of communication, we may collect the information you provide as part of those communications. For example, if you correspond with us through email, we may collect and store the email address you use to send the applicable correspondence and use it to respond to your inquiry; to notify you of Cyber Risk Meetup conferences, partnerships, publications, or other services; or to keep a record of your complaint, accommodation request, and similar purposes.
B. Information We Automatically Collect from You.
We may automatically collect information about you when you use the Site or our services. For example, if you access the Site through a computer, we will automatically collect information such as your browser type and version, computer and connection information, IP address and standard web log information. If you access the Site through a mobile device, we may also be able to identify the location of your mobile device. You may choose not to share your location details with us by adjusting your mobile device’s location services settings. For instructions on changing the relevant settings, please contact your service provider or device manufacturer. This information that we automatically collect from you is used to enhance the performance of Cyber Risk Meetup’s website. Cyber Risk Meetup also uses your location information (if shared with Cyber Risk Meetup) to identify the geographic locations from which our content is accessed so that we can better understand what content topics may be most relevant in that region, and to Cyber Risk Meetup members generally, and to develop resources around those content topics.
We may automatically collect information from you when you use the Site using “cookies” and other similar technologies, such as web beacons. Cookies are small amounts of data that are stored within your computer’s Internet browser and that are accessed and recorded by the websites that you visit so that they can recognize the same browser navigating online at a later time. The cookies are not able to execute code or access other information stored on the computer. Web beacons are transparent pixel images that are used in collecting information about website usage, email response and tracking.
Information that may be collected by cookies when you use the Site may include, without limitation:
the pages you visit within the Site;
the date and time of your visit to the Site;
the amount of time you spend using the Site;
the Internet Protocol (IP) address used to connect your computer to the Internet; and/or
your computer and connection information such as your browser type and version, operating system and platform.
Cyber Risk Meetup will not associate identifiers from cookies or similar technologies with sensitive identifiers about you, such as race, religion, sexual orientation or health.
C. Information Collected by Third Parties through Third-Party Links and Content.
D. Information Collected by Third-Party Analytics Services.
E. Information You Share on Third-Party Websites or through Social Media Services.
The Site may include links to third-party websites and social media services where you will be able to post comments, stories, reviews or other information outside of Cyber Risk Meetup’s control. Your use of these third-party websites and social media services may result in the collection or sharing of information about you by these third-party websites and social media services. Cyber Risk Meetup is not responsible for the security or privacy of any information collected by other websites or other services. Information collected by third parties is governed by their privacy practices. We encourage you to review the privacy policies and settings on the third-party websites and social media services with which you interact to make sure you understand the information that may be collected, used, and shared by those third-party websites and social media services.
F. Information You Post on the Site.
If you post information on public areas of the Site, that information may be collected and used by Cyber Risk Meetup, other users of the Site, and the public generally.
3. Use, Sharing and Retention of Personal Information
A. How We Use Your Information.
Cyber Risk Meetup uses personal information for the purposes described at the time of collection, to provide services to you, or registering you for event or training programs, and to otherwise process your requests or address your inquiries. Cyber Risk Meetup also publishes the names, titles, country and business affiliations of Cyber Risk Meetup volunteers, speakers, and others who have assisted with initiatives or events to provide recognition of their contributions to the Cyber Risk Meetup community. Cyber Risk Meetup also uses your information, as permitted by law, to provide you with information about Cyber Risk Meetup, our events or other services in which we believe you may be interested. If you have registered for any Cyber Risk Meetup events, we may email you about other events or services that we believe may be of interest to you. If you wish to opt-out of receiving these emails from us, please follow the instructions contained in an applicable email you receive from us, which will allow you to opt-out of receiving these types of email communications from us. Alternatively, you can reply to the email email and request to be removed from this list. We may also use your personal information to tailor your experience at our Site, to compile and display content and information that we think you might be interested in, and to provide you with content according to these preferences. Cyber Risk Meetup may also use this information to help us understand our attendees’ needs and interests, to better tailor our services to meet your needs.
B. How We Share Your Information with Third Parties.
Except as set forth in this Privacy Notice or when specifically agreed to by you, we will not disclose personal information we gather from you to third parties unless Cyber Risk Meetup is required to share this information to complete your request or for legitimate business purposes. Cyber Risk Meetup shares personal information in the following circumstances:
Third-Party Service Providers. We may share your information with vendors or third parties who deliver or provide goods and services or otherwise act on behalf of or at the direction of Cyber Risk Meetup. These third parties may include, for example, our third-party technology providers, including third-party event hosts, co-organisers, partners, sponsors, and co-sponsors. These third-party service providers will only have access to the information needed to perform these limited functions on our behalf. If you do not wish to have your information included in an attendee list or to receive information from event hosts, co-organisers, partners, sponsors, and/or co-sponsors, you can express your preferences when you register for events or you may contact Cyber Risk Meetup directly at email@example.com.
Volunteers. We may share your information with our affiliates, subsidiaries and Cyber Risk Meetup volunteers for purposes of conducting Cyber Risk Meetup’s internal business operations. Upon request, Cyber Risk Meetup also makes available the names, titles, country and business affiliations of volunteers and others who have assisted with initiatives or events.
Cyber Risk Meetup Events. If you are an event attendee, speaker, or sponsor, certain items of your information may be included in the event roster, which will be publicly disclosed, and may also be shared with third-party event hosts, co-organisers, partners, sponsors, and co-sponsors. Further, by registering and attending a Cyber Risk Meetup event, you agree irrevocably, with no compensation to you, that Cyber Risk Meetup or any third party who is acting on Cyber Risk Meetup’s behalf may create images, videos and/or sound recordings of you (“works”) at the event for marketing purposes. This grant of rights in the works also includes the rights to adapt, reproduce, distribute, perform, make available to the public, broadcast, retransmit or sublicense the works to Cyber Risk Meetup’s affiliates. This grant of rights in the works also includes all current and future media and is not restricted to time or territory.
Response to Subpoenas, Court Orders, Government Requests or to Protect Rights and to Comply with Our Policies. To the extent permitted by law, we will disclose your information to government authorities or third parties if: (a) required to do so by law or regulation, or in response to a subpoena or court order or any other enforceable governmental request or order; (b) we believe in our sole discretion that disclosure is reasonably necessary to protect against fraud, to protect the property or other rights of us or other users, third parties or the public at large; or (c) we believe that you have abused the Site by using them to attack other systems or to gain unauthorized access to any other system, to engage in spamming or otherwise to violate applicable laws. You should be aware that, following disclosure to any third party, your information may be accessible by others to the extent permitted or required by applicable law.
Aggregate Information. We may share your information with affiliated or unaffiliated third parties on an anonymous, aggregate basis. While this information will not identify you personally, in some instances these third parties may be able to combine this aggregate information with other data they have about you, or that they receive from third parties, in a manner that allows them to identify you personally.
Where we do share your personal data with third parties, Cyber Risk Meetup takes steps to ensure that they use appropriate safeguards to protect your personal data.
European Union’s General Data Protection Regulation. The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects (these are persons that can be identified).
This Privacy Notice is intended to provide you with information about what personal data Cyber Risk Meetup collects about you and how it is used.
If you wish to confirm that Cyber Risk Meetup is processing your personal data, or to have access to the personal data Cyber Risk Meetup may have about you, or have other questions, please contact us via firstname.lastname@example.org
You may also request information through email@example.com the purpose of the processing; the categories of personal data concerned; who else outside Cyber Risk Meetup might have received the data from Cyber Risk Meetup; what the source of the information was (if you did not provide it directly to Cyber Risk Meetup); where the personal data is stored and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Cyber Risk Meetup if it is inaccurate. You may request that Cyber Risk Meetup erase that data or cease processing it, subject to certain exceptions. You may also ask Cyber Risk Meetup for your personal data to be supplemented or updated, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. You may withdraw your consent for the processing of personal data or the further processing of personal data by Cyber Risk Meetup at any time. You may also request that Cyber Risk Meetup cease using your data for direct marketing purposes. In many countries (including EEA countries), you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Cyber Risk Meetup processes your personal data. When technically feasible, Cyber Risk Meetup will—at your request—provide your personal data to you or transmit it directly to another controller. You have the right to receive your personal information in a structured and standard format.
In addition to the information contained in this Privacy Notice, you may be provided with additional and contextual information concerning particular services or the collection and processing of your personal data upon request.
Reasonable access to your personal data will be provided at no cost to Cyber Risk Meetup attendees, and others upon request made to Cyber Risk Meetup via firstname.lastname@example.org. If access cannot be provided within a reasonable time frame, Cyber Risk Meetup will provide you with a date when the information will be provided. If for some reason access is denied, Cyber Risk Meetup will provide an explanation as to why access has been denied.
D. Security of Your Information.
Cyber Risk Meetup uses reasonable administrative measures to safeguard personal information you provide through the Site or in connection with Cyber Risk Meetup’s events. Please be aware that no data transmission over the Internet can be guaranteed to be 100% secure. As a result, Cyber Risk Meetup cannot guarantee or warrant the security of any information you transmit on or through the Site and you do so at your own risk.
E. Data Storage and Retention.
Your personal data is stored by Cyber Risk Meetup on its servers, and on the servers of the database management services Cyber Risk Meetup engages, located in Australia and Singapore. Cyber Risk Meetup retains data for the duration of the customer’s or member’s business relationship with Cyber Risk Meetup and otherwise as required under applicable law. Personal data will be kept for no longer than is necessary for the purposes for which your personal data are processed. We will retain your personal data as long as you are a Cyber Risk Meetup attendee, subscriber or require our services so that we can provide these services to you.
5. How to Contact Cyber Risk Meetup and Modify Your Information or Preferences.
Questions regarding this Privacy Notice should be directed to: email@example.com. If you would like to modify the types of marketing email messages you receive from Cyber Risk Meetup, you may do so by following the instructions within the body of any email message that you receive from us.
To help us keep your personal information up to date, or to request access to the personal information Cyber Risk Meetup maintains about you, you may send an email to firstname.lastname@example.org.
Cyber Risk Meetup is a professional association and the Site are not directed to children under the age of 13. Cyber Risk Meetup does not knowingly collect personally identifiable data from persons under the age of 13 of COPPA (The Children’s Online Privacy Protection Act). If you are a parent of a child under 13, and you believe that your child has provided us with information about him or herself, please contact us at email@example.com.
7. Modifications to this Privacy Notice.
From time to time, Cyber Risk Meetup may need to update or modify this Privacy Notice, to reflect changes in our business practices, data collection practices or organization. We reserve the right to update this policy for reasons including but not limited to complying with relevant Singapore legislation, Singapore Government guidelines, regulatory directions and other requirements of a similar nature. Examples of these include future amendments to the Singapore Personal Data Protection Act 2012 or amendments to the Singapore Government Instruction Manual.
We reserve the right to amend this Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice on the Site, or, if you have provided your email address to us, sending you an email notifying you of the amended Privacy Notice. It is strongly recommended to check the Site often, referring to the date of the last modification listed at the top. We will in any case not reduce your rights under this Privacy Notice without your explicit and informed consent. If you do not agree to the changes, you should discontinue your use of the Site, and cease providing personal information to us, prior to the time the modified Privacy Notice takes effect. If you continue using the Site or provide personal information after the modified Privacy Notice takes effect, you will be bound by the modified Privacy Notice.
8. Questions, Concerns or Complaints
If you have any questions or concerns about this Privacy Notice, please email: firstname.lastname@example.org.