OT Security Professionals (OTSecPro)

Join us

Privacy Policy

OT Security Professionals Association (OTSecPro)

Last Updated: 20 March 2026

🧭 1. Introduction

OT Security Professionals Association (“OTSecPro”, “we”, “our”, “us”) is committed to protecting your privacy and ensuring that personal data is processed in a lawful, fair, and transparent manner.

This Privacy Policy applies to data collected through:

  • OTSecPro Web Portal (https://www.otsecpro.org)
  • Member Verification Forms
  • Community platforms (including WhatsApp and related channels)

OTSecPro operates as a Section 8 Company under the Companies Act, 2013 (India), functioning strictly as a non-profit professional community.

Domain Ownership, Usage & Authenticity.

OT Security Professionals Association aka OTSecPro, a non-profit community initiative, owns and operates the following domain names as part of its official digital infrastructure:

These domains are exclusively used for the organization’s official purposes, including but not limited to:

  • Hosting the official website and community platforms
  • Managing official communications (including email correspondence)
  • Conducting webinars, events, and knowledge-sharing initiatives
  • Publishing content, resources, and community updates

All communications, content, and engagements originating from the above domains shall be considered authentic and authorized representations of OTSecPro

Impersonation & Misuse Protection

Any unauthorized use, imitation, or misrepresentation of the above domains, including the creation of similar-looking domains, email addresses, or digital assets intended to mislead, impersonate, or defraud stakeholders, is strictly prohibited.

OTSecPro does not take responsibility for any communication, transaction, or engagement originating from domains, platforms, or sources other than those explicitly listed above.

Users, members, and partners are strongly advised to verify the authenticity of communications and report any suspicious or fraudulent activity to the organization through its official channels

Governance Alignment

The usage and management of these domains are governed by OTSecPro’s applicable policies, including its Terms of Use, Privacy Policy, and Community Guidelines. By accessing or interacting with these domains, users agree to comply with the stated policies and the overarching mission of the organization.

🌐 2. Who We Are

Our website address is: https://www.otsecpro.org

We are a global community of professionals across:

  • Operational Technology (OT)
  • Industrial Control Systems (ICS)
  • SCADA & Substation Automation
  • Cyber Security

📊 3. Data We Collect

We collect limited, relevant, and necessary personal data, including:

  • Name, professional role, organization (if provided)
  • Email address and mobile number
  • Professional background (OT / ICS / Cybersecurity relevance)
  • Information submitted for verification or membership
  • Website usage data (cookies, analytics, device/browser info)

⚠️ We do not intentionally collect sensitive personal data unless explicitly required and consented.

📊🎯 4. Purpose of Data Processing

Your data is processed strictly for:

  • Membership verification and eligibility assessment
  • Enabling access to community platforms and regional groups
  • Communication of updates, initiatives, and activities
  • Preventing spam, impersonation, or misuse
  • Maintaining a secure and trusted professional environment
  • Improving website performance and user experience

⚖️ 5. Legal Basis for Processing

We process data based on:

  • Consent (form submissions, platform usage)
  • Legitimate Interest (community security, integrity, operations)
  • Legal Compliance under:
    • Digital Personal Data Protection (DPDP) Act, 2023
    • GDPR (where applicable)

You may withdraw consent at any time.

🔄 6. Data Sharing & Disclosure

  • Access is restricted to authorized OTSecPro core team members
  • We do not sell, rent, or commercially share personal data
  • No advertising, profiling, or third-party monetization

Data may be disclosed only if required by law.

⏳ 7. Data Retention

We retain data only as long as necessary to:

  • Maintain membership records
  • Support operational and verification processes
  • Comply with legal obligations

Data may be deleted upon:

  • Withdrawal of consent
  • Membership exit
  • Valid erasure request

🔐 8. Data Security

We implement appropriate safeguards to protect data against:

  • Unauthorized access
  • Disclosure or misuse
  • Alteration or loss

👤 9. Your Rights

You have the right to:

  • Access your data
  • Request correction or deletion
  • Withdraw consent
  • Restrict or object to processing
  • Request data portability (GDPR/DPDP)
  • Lodge a complaint

📩 Contact: connect@otsecpro.org

💬 10. Comments

When visitors leave comments:

  • We collect form data, IP address, and browser details
  • Used for spam detection and moderation

Comments may be reviewed and moderated to maintain professional standards.

Gravatar

An anonymized email hash may be shared with Gravatar:
https://automattic.com/privacy/

🖼️ 11. Media

  • Avoid uploading images with embedded location data (EXIF GPS)
  • Publicly uploaded media may expose metadata

🍪 12. Cookies Policy

We use limited cookies for functionality and security.

Types of Cookies

  • Essential Cookies – login, session, security
  • Performance Cookies – usage insights
  • Preference Cookies – user settings

⚠️ No advertising or behavioral tracking cookies are used.

We use limited cookies for functionality and security.

Cookies Use Cases

  • Comment form convenience (1 year)
  • Login/session cookies (2 days to 2 weeks)
  • Screen preferences (1 year)
  • Content editing cookies (1 day)

You can manage cookies via browser settings.

📊 13. Analytics & Usage Tracking

We use privacy-conscious analytics to collect:

  • Page visits and navigation patterns
  • Device, browser, and OS details
  • General location (non-precise)
  • Session behavior

Purpose:

  • Improve platform usability
  • Enhance content relevance
  • Identify technical issues

✔️ Data is aggregated and anonymized wherever possible
❌ No profiling or cross-platform tracking

🔗 14. Embedded Content

Embedded content (videos, articles, etc.) behaves like visiting external websites.

These sites may:

  • Collect data
  • Use cookies
  • Track interactions

OTSecPro is not responsible for third-party practices.

🔄 15. Data Sharing (Specific Cases)

  • Password reset emails may include IP address for security
  • Comments may be processed via spam detection services

⏳ 16. Data Retention (Website Users)

  • Comments retained indefinitely
  • Registered users can view/edit/delete personal data (except username)
  • Admins may access data for operational purposes

🌍 17. Cross-Border Data Processing

  • Data may be processed in India or other compliant jurisdictions
  • Safeguards applied as per DPDP and GDPR

📱 18. Community Platform Disclaimer (WhatsApp & Others)

  • Your mobile number/profile may be visible to other members
  • OTSecPro is not responsible for private interactions
  • Members must maintain professional conduct

⚖️ 19. Section 8 Non-Profit Commitment

As a Section 8 Company:

  • No profit distribution
  • No data monetization
  • No commercial exploitation of member data

Data is used strictly for:

  • Cybersecurity awareness
  • Community development
  • Knowledge sharing

🔄 20. Updates to This Policy

This Privacy Policy may be updated periodically.
Changes will be reflected with a revised “Last Updated” date.

📬 21. Contact Information

📧 Email: connect@otsecpro.org
🌐 Website: https://www.otsecpro.org

OTSecPro is committed to building a secure, trusted, and professionally governed OT cybersecurity community, where privacy, integrity, and responsible data handling are foundational principles.