This Privacy Policy explains how the International Governance Standards Board (IGSB) collects, uses, and protects personal data in connection with its website and written correspondence.
The International Governance Standards Board (IGSB) is an independent standards body. IGSB operates a public website and conducts written correspondence in connection with governance standards, research, readiness reviews, assessment, and certification activities.
IGSB does not provide advisory, consultancy, or implementation services.
This Privacy Policy applies to personal data collected through the IGSB website and through written correspondence with individuals and organisations.
It does not apply to third-party websites that may be linked from the IGSB website. Those sites are governed by their own privacy policies.
IGSB may collect limited personal data, including:
- Names and professional contact details provided through written correspondence
- Email addresses used to communicate with IGSB
- Organisational affiliation where relevant to the correspondence
- Technical data such as IP address, browser type, and access logs generated through normal website operation
IGSB does not intentionally collect special category personal data.
Personal data is processed solely for legitimate institutional purposes, including:
- Responding to written enquiries
- Managing correspondence related to standards, research, readiness reviews, assessments, or certification
- Maintaining records necessary for institutional governance, legal, and compliance purposes
- Operating and securing the IGSB website
Personal data is not used for marketing, profiling, or promotional activity.
IGSB processes personal data on one or more of the following lawful bases:
- Legitimate interests in operating an institutional standards body
- Performance of tasks carried out in connection with written engagements
- Compliance with legal or regulatory obligations
Where required by law, consent will be obtained prior to processing.
Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, including institutional record-keeping and legal obligations.
Retention periods may vary depending on the nature of the correspondence or engagement. Data that is no longer required is securely deleted or anonymised.
IGSB does not sell, rent, or trade personal data.
Personal data may be shared only where necessary for legal, regulatory, or institutional governance purposes, or where required by law. Any such sharing is limited to the minimum necessary information.
IGSB implements appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure.
However, no website or electronic transmission method can be guaranteed to be completely secure.
Subject to applicable law, individuals may have rights including access to their personal data, correction of inaccurate data, and objection to certain processing activities.
Requests relating to personal data should be made in writing via the Contact page.
All correspondence with IGSB is conducted in writing. IGSB does not engage via telephone calls, video meetings, or live chat.
Written correspondence forms part of the institutional record.
IGSB may update this Privacy Policy from time to time to reflect legal, regulatory, or operational changes. The current version published on the website is authoritative.
%20(2).png)