EC-Council recognizes the importance of maintaining your privacy and is committed to protecting it and developing technology that gives you the most powerful and safe online experience. This Statement of Privacy applies to current and former visitors to all our EC-Council websites and governs data collection and usage. By using the EC-Council website, you consent to the data practices described in this statement. At EC-Council, the privacy and security of our customers, respondents, and visitors are of paramount importance. We value your privacy and appreciate your trust in us.
EC-Council collects certain personal information about you during your relationship with us. ECCouncil, through various web-platforms that help our members to register, reset passwords, get training, partner with us, etc. collects personally identifiable information that may include:
EC-Council does not collect, use, or disclose sensitive personal information, such as race, religion, or political affiliations without your explicit consent.
We collect information directly from you when you register or partner with us. You may choose to apply for specific information or services on topics such as products, training, white papers, brochures, etc. which may require you to fill out forms and share your personal information. This information is irrespective of your membership. ECCouncil asks you to allow representatives of EC-Council to contact you for the purpose asked.
EC-Council may collect different data from or about you depending on how you use EC-Council Services. When you create an account and use our Services, including through a third-party platform, we collect any data you provide directly, including, but not limited to data about your accounts on other Services.
To help us make our emails communication more useful and interesting, we often receive a confirmation when you open email from eccouncil.org, if your computer supports such capabilities. If you do not want to receive e-mail or other mail from us, please edit your customer communication preferences.
We may obtain certain information through your social media or other online accounts if they are connected to your EC-Council account. If you login to EC-Council via social media platforms e.g., Facebook or join EC-Council sponsored WhatsApp Group, another third-party platform or service, we ask for your permission to access certain information about that other account. The third-party social media site may give us certain information about you. For example, depending on the platform or service we may collect your name, profile picture, membership account ID, login email address, location, physical location of your access devices, gender, birthday, and list of friends or contacts. Those platforms and services make information available to us through their APIs. The information we receive depends on what information you (via your privacy settings) or the platform or service decide to give us.
EC-Council does not sell, rent, or lease your personal information to third parties without your explicit consent
EC-Council shares personal information in the following ways:
EC-Council websites will disclose your personal information, without consent, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on EC-Council or the site; (b) protect and defend the rights or property of EC-Council; and, (c) act under exigent circumstances to protect the personal safety of users of EC-Council or the public.
EC-Council does not transfer any sensitive personal information.
By using or continuing to use the site you agree to our use of your information (including sensitive personal information) in accordance with this Privacy Notice, as may be amended from time to time by eccouncil.org at its discretion. You also agree and consent to us collecting, storing, processing, transferring, and sharing information (including sensitive personal information) related to you with third parties or service providers for the purposes as set out in this Privacy Notice.
We may be required to share the aforementioned information with government authorities and agencies for the purposes of verification of identity or for the prevention, detection, investigation, prosecution, or punishment of cyber incidents or any other legal offenses. You agree and consent to EC-Council, at its sole discretion, disclosing the required information with government authorities and agencies in such cases.
EC-Council encourages you to review the privacy statements of websites you choose to link to from EC-Council so that you can understand how those websites collect, use, and share your information. EC-Council is not responsible for the privacy statements or content on websites outside of the EC-Council family of websites.How EC-Council stores the personal information it collects?
EC-Council stores your personally identifiable information such as name, contact number, email address, etc. on a secure server which is encrypted and is accessible only to EC-Council’s applications. EC Council may be required to share personal information with its affiliates, advisors, and auditors in other countries where it may be processed. If we or our affiliates or our service providers transfer personal information outside of the country of origin, we always require that appropriate safeguards are in place to protect the information when it is processed.
We take appropriate technical and organizational measures to secure your information and to protect it against unauthorized or unlawful use and accidental loss or destruction.
EC- Council uses secure servers to store your information and only shares and provides access to your information to the minimum extent necessary, subjected to confidentiality restrictions where appropriate, and on an anonymized basis wherever possible. We also verifying the identity of any individual who requests access to information prior to granting them access to information
EC-Council also uses Secure Sockets Layer (SSL) software or other similar encryption technologies to encrypt any payment transactions you make on or via our website. EC-Council also adopted comprehensive standards such as ISO/IEC 27001:2013.
We will retain your personal information as needed to fulfill the purposes for which it was collected. We will retain and use your personal information as necessary to comply with our business requirements, legal obligations, resolve disputes, protect our assets, and enforce our agreements.
We determine standard retention periods for different categories of personal information in our possession. Where it isn’t possible to determine standard retention periods, we do so, based on the following criteria:
•     our relationship with you
•     the legal obligations we are subject to.
•     the legal basis we have for processing your data (consent, performance of contract, etc.).
•     the purposes and uses of your data (this include present and future uses).
•     the level of risk with retaining or using your data.
•     your rights under the GDPR and other relevant laws.
•     any other relevant circumstances.
As EC-Council is a certification body, we store users’ information relevant to the upgrading or renewing their certification which includes submission of ECE Credits in line with the certification ECE policy.
We process your personal information on the following legal bases:
We use consent to process your data for certain purposes such as when you consent to receive marketing communication, when you express interest in associating with us or to know more about us, etc. You can withdraw your consent at any time by writing to us at the e-mail addresses provided below, or by clicking on the opt-out link.
•     Performance of Contract
•     Legitimate Interests
Provided that such processing shall not outweigh your rights and freedoms, we may use your personal information for our legitimate interests which include legal obligations, direct marketing, market research, web analytics/profiling, compliance abidance, customer service, record-keeping, review, research, and analysis, to fulfil our legal obligations under applicable laws, security, storage, etc. You’ve the right to object, on grounds relating to your situation, at any time to processing of personal data concerning you which is based on legitimate interests. More information on this right and on how to exercise it is set out below.
A cookie is a small text file which is placed onto your computer or electronic device when you access our website. Cookies are used to track users’ actions and activities, and to store specific information about your preferences, location, session details, etc. aboutthem. We use these cookies and/orsimilartechnologiesonthis website forthe only purpose of ensuringthat you getthe best experience.You can go to the preference or content setting of your web browser to delete the cookies pertaining to any website at any time.
Rejecting cookies may restrict your browsing experience on EC-Council websites related to important features such as login, location-specific data, and other demographic dependent information.
The General Data Protection Regulation (GDPR) benefits you several rights when it comes to your personal information.
|Right||What does this mean?|
|2. The right of access||You have the right to obtain access to your information that we are processing and certain other information, in accordance with data protection law. Contact EC-Council if you wish to access the personal information EC-Council holds about users/data subjects.|
|3. The right to rectification||You are entitled to have your information corrected if it’s inaccurate or incomplete.|
|4. The right to erasure||This is also known as ‘the right to be forgotten’. If users want EC-Council to erase all personal data and we do not have a legal reason to continue to process and hold it, please contact us at [email protected] or [email protected] This is not a general right to erasure; there are exceptions.|
|5. The right to restrict processing||You have rights to ‘block’ or suppress further use of your information. Users have the right to ask ECCouncil to restrict how we process user data. This means we are permitted to store the data but not further process it. We keep just enough data to make sure we respect our users request in the future.|
|6. The right to data portability||EC-Council allows to obtain and reuse personal data for purposes across services in a safe and secure way without this effecting the usability of user data.|
|7. The right to withdraw consent||If users have given us their consent to process their data but change their mind later, they have the right to withdraw their consent at any time, and EC-Council stop processing their data. Users can write to [email protected] or [email protected] or www.eccouncil.org/unsubscribe|
Further information and advice about your rights can be obtained from the data protection regulator in your country.
In accordance with Information Technology Act 2000, India and rules made there under and the General Data Protection Regulation (EU) 2016/679 (GDPR) the name and contact details of the appointed Data Protection Officer are provided below:
Email: [email protected]
If you have any questions about this Policy or other privacy concerns, you can also email us at the abovementioned details.
Users may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our e-mails, or by sending us email us at [email protected] or [email protected] or www.eccouncil.org/unsubscribe Customers cannot opt out of receiving transactional emails related to their account with us or our Services, like aspen emails, certification renewal emails.
All rights reserved by EC-Council.