EC-Council recognizes the importance of maintaining your privacy and is committed to protecting it and developing technology that gives you the most powerful and safe online experience. This Statement of Privacy applies to current and former visitors to all our EC-Council websites and governs data collection and usage. By using the EC-Council website, you consent to the data practices described in this statement. At EC-Council, the privacy and security of our customers, respondents, and visitors are of paramount importance. We value your privacy and appreciate your trust in us.
What type of personal information do we gather?
EC-Council collects certain personal information about you during your relationship with us. ECCouncil, through various web-platforms that help our members to register, reset passwords, get training, partner with us, etc. collects personally identifiable information that may include:
Contact information. We might collect your name, e-mail, home or work addresses, telephone numbers, organization names, etc.
Payment and billing information. We might collect your billing name, billing address the legal age as permitted by his/her country of origin/residency and payment method when you buy a ticket. We NEVER collect your credit card number or credit card expiry date or other details pertaining to your credit card on our website.
Information you post. We collect information you post in a public space on our website or on a third-party social media site belonging to EC-Council.
Demographic information. We may collect anonymous demographic information, which is not unique to you, such as your ZIP code, age, gender, preferences, interests, favorites, or any other information provided by your during the use of our website. We might collect this as a part of a survey also.
Other information. If you use our website, we may collect information about your IP address and the browser you’re using. This may also include interactions through our website, training centers, meetings with our representatives- from our authorized partners and other third parties or duration of time spent on our website.
EC-Council does not collect, use, or disclose sensitive personal information, such as race, religion, or political affiliations without your explicit consent.
Minor’s Online Privacy
EC-Council’s courses and services are not directed to minors and EC-Council does not knowingly collect online personal information from minors under the legal age as permitted by his/her country of origin/residency. If you are a parent or guardian of a minor and believe that he or she has disclosed personal information to us, please contact us.
Where do we collect Personal Information about you?
We collect information in different ways.
We collect information directly from you. We collect information directly from you when you register or partner with us. You may choose to apply for specific information or services on topics such as products, training, white papers, brochures, etc. which may require you to fill out forms and share your personal information. This information is irrespective of your membership. ECCouncil asks you to allow representatives of EC-Council to contact you for the purpose asked.
EC-Council may collect different data from or about you depending on how you use EC-Council Services. When you create an account and use our Services, including through a third-party platform, we collect any data you provide directly, including, but not limited to data about your accounts on other Services.
We collect information from you passively. We receive and store certain types of information whenever you interact with us. We use browser cookies and web beacons, for collecting information about your usage of our website or any of our subdomains, advertisements, and other content served by or on behalf of EC-Council on other websites. We may use this information for internal analysis and to provide you with location-based services, such as advertising, search results, and other personalized content.
To help us make our emails communication more useful and interesting, we often receive a confirmation when you open email from eccouncil.org, if your computer supports such capabilities. If you do not want to receive e-mail or other mail from us, please edit your customer communication preferences.
We get information about you from third parties. If you access or use our Services through a third-party platform or service, or if you use an integrated social media feature on our websites, or click on any third-party links, the collection, use, and sharing of your data will also be subject to the privacy policies and other agreements of that third party.
We may obtain certain information through your social media or other online accounts if they are connected to your EC-Council account. If you login to EC-Council via social media platforms e.g., Facebook or join EC-Council sponsored WhatsApp Group, another third-party platform or service, we ask for your permission to access certain information about that other account. The third-party social media site may give us certain information about you. For example, depending on the platform or service we may collect your name, profile picture, membership account ID, login email address, location, physical location of your access devices, gender, birthday, and list of friends or contacts. Those platforms and services make information available to us through their APIs. The information we receive depends on what information you (via your privacy settings) or the platform or service decide to give us.
We get information about you from other sources. We might receive information about you from other sources and add it to our account information.
How and why do we use your personal information?
We use information to contact/respond to your requests or questions: We might use the information you provide to contact you to deliver the services you have requested or administering and processing your certification exams.
We use information to improve our products and services. We might use your information to analyze and customize our products, websites, newsletters, and other communications to support and improve your online experience with us.
We use information to look at site trends and customer interests. We may use your information to make our website and products better. We may combine information we get from you with information about you we get from third parties. EC-Council may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered.
We use information for security purposes. We may use information to protect our company, our customers, or our websites.
We use information for marketing purposes. We may use your information for sending communications to you, including for marketing and promotional or customer satisfaction purposes to inform you of other products or services available from EC-Council and its affiliates.
We use information to send you transactional communications. We might send you emails or SMS about your account or a product or service purchase.
We use information as otherwise permitted by law. To comply with our obligations under the law, including record-keeping, reporting, accounting, tax, etc.
Who do we share your personal information with?
EC-Council does not sell, rent, or lease your personal information to third parties without your explicit consent
EC-Council shares personal information in the following ways:
We will share your personal information with our other Group companies for internal reasons, primarily for business and operational purposes.
We will share information with. We share information with vendors who help us manage our online registration process or payment processors or transactional message processors. Some vendors may be located outside of India.
We will share information with our business partners/ third parties who perform services on our behalf. EC-Council may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique, personally identifiable information (e-mail, name, address, telephone number) is not transferred to the third party. However, EC-Council may share data with trusted partners to help us perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such partners are prohibited from using your personal information except to provide these services to EC-Council, and they are required to maintain the confidentiality of your information.
We may share information if we think we must comply with the law or to protect ourselves.
EC-Council websites will disclose your personal information, without consent, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on EC-Council or the site; (b) protect and defend the rights or property of EC-Council; and, (c) act under exigent circumstances to protect the personal safety of users of EC-Council or the public.
We may share your information for reasons not described in this policy. We will tell you before we do this.
EC-Council does not transfer any sensitive personal information.
By using or continuing to use the site you agree to our use of your information (including sensitive personal information) in accordance with this Privacy Notice, as may be amended from time to time by eccouncil.org at its discretion. You also agree and consent to us collecting, storing, processing, transferring, and sharing information (including sensitive personal information) related to you with third parties or service providers for the purposes as set out in this Privacy Notice.
We may be required to share the aforementioned information with government authorities and agencies for the purposes of verification of identity or for the prevention, detection, investigation, prosecution, or punishment of cyber incidents or any other legal offenses. You agree and consent to EC-Council, at its sole discretion, disclosing the required information with government authorities and agencies in such cases.
EC-Council encourages you to review the privacy statements of websites you choose to link to from EC-Council so that you can understand how those websites collect, use, and share your information. EC-Council is not responsible for the privacy statements or content on websites outside of the EC-Council family of websites.
How EC-Council stores the personal information it collects?
EC-Council stores your personally identifiable information such as name, contact number, email address, etc. on a secure server which is encrypted and is accessible only to EC-Council’s applications. EC Council may be required to share personal information with its affiliates, advisors, and auditors in other countries where it may be processed. If we or our affiliates or our service providers transfer personal information outside of the country of origin, we always require that appropriate safeguards are in place to protect the information when it is processed.
How EC-Council secures your personal information?
We take appropriate technical and organizational measures to secure your information and to protect it against unauthorized or unlawful use and accidental loss or destruction.
EC- Council uses secure servers to store your information and only shares and provides access to your information to the minimum extent necessary, subjected to confidentiality restrictions where appropriate, and on an anonymized basis wherever possible. We also verifying the identity of any individual who requests access to information prior to granting them access to information
EC-Council also uses Secure Sockets Layer (SSL) software or other similar encryption technologies to encrypt any payment transactions you make on or via our website. EC-Council also adopted comprehensive standards such as ISO/IEC 27001:2013.
How long do we keep your personal information?
We will retain your personal information as needed to fulfill the purposes for which it was collected. We will retain and use your personal information as necessary to comply with our business requirements, legal obligations, resolve disputes, protect our assets, and enforce our agreements.
We determine standard retention periods for different categories of personal information in our possession. Where it isn’t possible to determine standard retention periods, we do so, based on the following criteria:
- our relationship with you
- the legal obligations we are subject to.
- the legal basis we have for processing your data (consent, performance of contract, etc.).
- the purposes and uses of your data (this include present and future uses).
- the level of risk with retaining or using your data.
- your rights under the GDPR and other relevant laws.
- any other relevant circumstances.
As EC-Council is a certification body, we store users’ information relevant to the upgrading or renewing their certification which includes submission of ECE Credits in line with the certification ECE policy.
What legal basis do we have for using your personal information?
We process your personal information on the following legal bases:
We use consent to process your data for certain purposes such as when you consent to receive marketing communication, when you express interest in associating with us or to know more about us, etc. You can withdraw your consent at any time by writing to us at the e-mail addresses provided below, or by clicking on the opt-out link.
Performance of Contract
Provided that such processing shall not outweigh your rights and freedoms, we may use your personal information for our legitimate interests which include legal obligations, direct marketing, market research, web analytics/profiling, compliance abidance, customer service, record-keeping, review, research, and analysis, to fulfil our legal obligations under applicable laws, security, storage, etc. You’ve the right to object, on grounds relating to your situation, at any time to processing of personal data concerning you which is based on legitimate interests. More information on this right and on how to exercise it is set out below.
A cookie is a small text file which is placed onto your computer or electronic device when you access our website. Cookies are used to track users’ actions and activities, and to store specific information about your preferences, location, session details, etc. aboutthem. We use these cookies and/orsimilartechnologiesonthis website forthe only purpose of ensuringthat you getthe best experience.You can go to the preference or content setting of your web browser to delete the cookies pertaining to any website at any time.
Consent for Cookies
Turn Off or Opt-Out of Cookies
Rejecting cookies may restrict your browsing experience on EC-Council websites related to important features such as login, location-specific data, and other demographic dependent information.
What rights do you have in relation to the personal information we hold on you, in compliance to GDPR?
The General Data Protection Regulation (GDPR) benefits you several rights when it comes to your
The Right to be Informed.
The Right of Access
You have the right to obtain access to your information that we are processing and certain other information, in accordance with data protection law. Contact EC-Council if you wish to access the personal information EC-Council holds about users/data subjects.
The Right to Rectification
You are entitled to have your information corrected if it’s inaccurate or incomplete.
The Right to Erasure
This is also known as ‘the right to be forgotten’. If users want EC-Council to erase all personal data and we do not have a legal reason to continue to process and hold it, please contact us at [email protected] or [email protected]. This is not a general right to erasure; there are exceptions.
The Right to Restrict Processing
You have rights to ‘block’ or suppress further use of your information. Users have the right to ask ECCouncil to restrict how we process user data. This means we are permitted to store the data but not further process it. We keep just enough data to make sure we respect our users request in the future.
The Right to Data Portability
EC-Council allows to obtain and reuse personal data for purposes across services in a safe and secure way without this effecting the usability of user data.
The Right to Withdraw Consent
If users have given us their consent to process their data but change their mind later, they have the right to withdraw their consent at any time, and EC-Council stop processing their data. Users can write to [email protected] or [email protected] or www.eccouncil.org/unsubscribe
Further information and advice about your rights can be obtained from the data protection regulator in your country.
Data Protection Officer
In accordance with Information Technology Act 2000, India and rules made there under and the General Data Protection Regulation (EU) 2016/679 (GDPR) the name and contact details of the appointed Data Protection Officer are provided below:
Email: [email protected]
If you have any questions about this Policy or other privacy concerns, you can also email us at the abovementioned details.
What is our Opt-Out Policy?
Users may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our e-mails, or by sending us email us at [email protected] or [email protected] or www.eccouncil.org/unsubscribe Customers cannot opt out of receiving transactional emails related to their account with us or our Services, like aspen emails, certification renewal emails.
Third Party sites
How can you contact us?
All rights reserved by EC-Council.