This is our data protection and privacy policy. It tells you how we collect and process data received from you on our site. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

1. Who We Are

Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organisations from around the world. It is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members.

The legal entity that operates the ISF on behalf of its Members is Information Security Forum Limited.

2. Data Protection and Privacy Policy

The ISF is committed to the protection of your personal information in accordance with the principles set out in the United Kingdom of Great Britain and Northern Ireland’s Data Protection Act 1998 (‘the act’).

These principles require that personal data which we hold must be:

  • Processed fairly and lawfully
  • Processed for limited purposes and in an appropriate way
  • Adequate, relevant and not excessive for the purpose
  • Accurate
  • Not kept longer than necessary for the purpose
  • Processed in line with data subjects’ rights
  • Secure.

Here are the details that we have to provide as a ‘data controller’:

Our site address is:

Our company name is: Information Security Forum Ltd

Our registered address is:

Information Security Forum Limited

42-50 Hersham Road,
United Kingdom,
KT12 1RZ

Tel: +44 20 7212 1745
Fax: +44 20 7213 4813

3. What we may collect

We may collect and process the following data about you:

  • Information you put into forms or surveys on our site at any time
  • A record of any correspondence between us
  • Details of your visits to our site and the resources you use
  • Information about your computer (e.g. your IP address, browser, operating system, etc.) for system administration and to report aggregate information. This is statistical data about browser usage and patterns, and does not identify any individual.

4. Cookies

We use cookies to distinguish users and improve our site.

Cookies contain information that is transferred to a computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service.

You may refuse to accept cookies by activating the relevant setting on your browser. However, if you select this setting you may be unable to access certain parts of our site.

List of cookies we collect

The table below lists the cookies we collect and what information they store.

COOKIE Name COOKIE Description
isf_cookies This cookie is set when the cookie notification bar is closed.
isf_downloaded This cookie is set when data is submitted via the download forms.
isf_event_referer This cookie stores the last visited page type to aid navigation.
_ga Google analytics cookie. Used to distinguish users.

Please look at our Cookies Policy for more cookie information.

5. Links to other sites

The ISF website contains links to other websites. Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our site. If you transfer to another website you should read their data protection statement for their policy on the use of personal information. For the purpose of the Data Protection Act 1998 (the Act), the data controller is Information Security Forum Limited.

6. How we use what we collect

We use information about you to:

  • Present site content effectively to you
  • Provide information, products and services that you request, or (with your consent) which we think may interest you.
  • Tell you about other goods and services that might interest you.

7. Where we store your data

The ISF has members throughout the world and the personal information of those members is necessarily transferred overseas when providing information for the provision of membership services.

8. Disclosing your information

We may disclose personal information about you to third parties if we are under a duty to disclose or share personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of the Information Security Forum, Information Security Forum Limited or its customers, or others.

This includes exchanging information with others to protect against fraud or credit risks.

9. Your rights

You can ask us not to use your data for marketing purposes. You can do this by ticking the relevant boxes on our forms, or by contacting us at any time at

The Data Protection Act 1998 gives you the right to see information we hold about you. This may be subject to a fee (currently £10) for this service.

10. Changes

If we change our Privacy Policy, we will post the changes on this page and, where appropriate, we may also email you.

11. Contact

Questions, comments and requests regarding this privacy policy should be addressed to