Privacy & Data Protection Policy


The Personal Data Protection Act (PDPA) establishes a data protection law that governs the collection, use, disclosure and care of personal data.

The Institute of Internal Auditors (IIA) Singapore respects your privacy and recognises that your personal data is important to you.  We are committed to protect the privacy of your personal information. By providing your personal data to us, you are consenting to the collection, use and disclosure as described in this policy.

The policy explains how IIA Singapore gathers information and its handling practices. If you have any questions regarding IIA Singapore’s PDPA policy or do not feel that your concerns have been otherwise addressed, please contact the Data Protection Officer by sending an e-mail to

Type of Personal Data We Collect

We request information from you in several ways such as through our website, IIA Singapore portals for membership and exam applications and seminars and conferences registrations, forms, surveys, and/or other channels that may be used to personally identify you, including but not limited to:

  • Your personal information such as your name, NRIC/FIN/Passport number, date of birth, gender;
  • Your contact information such as postal addresses, email addresses, telephone and fax numbers;
  • Your past and present employment information such as company name, company type, sector, designation, business telephone and fax numbers;
  • Your past and present academic qualifications and academic results;
  • Your billing information, including name of the credit/debit cardholder, credit/debit card number, security code and expiry date.

Purposes for which the Personal Data is Collected, Used and Disclosed

We may use the personal data you provided for one or more of the following purposes:

  1. To process and administer your membership and certification with us;
  2. In relation to your registration for Continuing Professional Education (CPE) training courses, events, seminars, workshops and/or conferences;
  3. For organising of events such as Conferences, Roundtables, Panel Discussions, Workshops and Talks and also corporate social responsibility projects;
  4. For sharing of your personal data with IIA Global for the purpose of maintaining membership, CPE training and certification records on our systems;
  5. For sharing of your personal data with the examination site administering IIA certification progammes;
  6. To IIA Singapore Board Members and volunteers;
  7. If you are an event attendee, speaker, or sponsor, certain of your information will be included in the event roster, which roster will be publicly disclosed, and may also be shared with third-party such as event sponsors and exhibitors;
  8. If you use our Career Center services, your information may be accessible to potential employers or recruiters;
  9. To those who wish to determine if you are certified, your certification status will be shared with those who inquire with your consent in writing;
  10. For the supply of any goods and/or services which we may offer to you or you may require from us;
  11. For your use of the online services on our websites and/or through other digital or telecommunication channels;
  12. For identification and verification purposes in connection with any of the goods and/or services that may be supplied to you;
  13. To contact you regarding your enquiries and/or feedback;
  14. For the conduct of statistical studies and analysis by us or on our behalf;
  15. To administer contests and lucky draws conducted by us or on our behalf;
  16. To send news and events updates, and/or marketing campaigns in relation to the goods and/or services that we and/or our business partners provide, or on our behalf. You may unsubscribe from this service at any time;
  17. To facilitate payment for goods and/or services provided by us or our subsidiaries, and/or a third party on our behalf including verification of credit card details with third parties and using the personal data you provide to conduct matching procedures against databases of known fraudulent transactions (maintained by us or third parties);
  18. To disclose to a third party to comply with any law, legal requirements, orders, directions or requests from any court, authority or government body of any jurisdiction, which may be within or outside Singapore;
  19. To help us improve our services to you;
  20. Purposes which are reasonably related to the aforesaid.

Disclosure of Personal Data

IIA Singapore will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following:

  1. Agents, contractors or third party service providers who provide operational services to IIA Singapore, such as courier services, information technology, system operation and maintenance or other services to IIA Singapore;
  2. Our professional advisers such as auditors and lawyers;
  3. Any other party to whom you authorise us to disclose your Personal Data to.


By using IIA Singapore’s website and its online portal and IIA Global’s website, you signify your acceptance of our PDPA policy. If you, as a visitor, choose to log on as a member, register for courses or events, purchase products, apply for membership or certification, or otherwise submit personally identifiable information, you are consenting to IIAS the use of such data in accordance with its PDPA policy.

Links to Other Websites

IIA Singapore website and other digital and telecommunication channels may contain links to other sites that are operated by third party companies with different privacy practices. You should remain alert and read the privacy statements of other sites. We have no control over Personal Data that you submit to or receive from these third parties.

Withdrawal of Consent

If you no longer wish to receive marketing messages from us via voice call, text and/or fax messages, you may request to withdraw your consent by sending an email to

Data Access and Correction

If you would like to have a copy of your personal data being held by us, or to update and/or correct the personal data which you have previously provided to us, please write to:

The Data Protection Officer
The Institute of Internal Auditors Singapore
6 Shenton Way #41-04
OUE Downtown 1,
Singapore 068809

We reserve the right, or may, charge a reasonable fee for the processing of any data access request.

We will correct your personal data as soon as practicable.


For any enquiries on our PDPA policy, please write to:

The Data Protection Officer
The Institute of Internal Auditors Singapore
6 Shenton Way #41-04
OUE Downtown 1,
Singapore 068809

IIA Singapore reserves the right to change this policy with or without notice.