In connection with the Personal Data Protection Act (No. 26 of 2012) (“the Act”), this Statement sets out how we,  ISS Data entities and its affiliates (together “ISS Data Group”), manage personal data which is subject to the Act. The security of your personal data is important to us. This Statement describes how we collect, use, disclose, process and protect your personal data.

In using or continuing to use websites and/or services from any ISS Data entity, you shall be deemed to have consented, accepted and agreed to be bound by the provisions of this Statement and for your personal data to be used for the purposes stated herein.

This Statement supplements but does not supersede nor replace any other consent you may have previously provided to us in respect of your personal data.

For the purposes of the Act, we are a data intermediary when we process personal data on behalf of and for the purposes of another organisation. At the same time, we also collect use and disclose personal data for purposes that are reasonable and appropriate.

This Statement forms part of the terms and conditions, if any, governing your specific relationship with any entity within ISS Data Group and should be read in conjunction with such terms of engagement. In the event of any conflict or inconsistency between the provisions of this Statement and the terms of engagement, the terms of engagement shall prevail to the fullest extent permissible by law.




We may collect personally identifiable information from you which we require in order for us to provide our services to you, for a purpose authorised by you or for purposes that are reasonably appropriate:

  1. your name, NRIC, passport or other identification number, personal telephone number(s), personal mailing address, personal email address, bank account number, employment history, education background;
  2. photos, film, CCTV and/or video recordings of you;
  3. information about your use of our websites, including cookies, IP addresses, etc.
  4. any other information relating to you which you have provided us in any forms you may have submitted to us, or in other forms of interaction with you.


Before you disclose to us the personal information of another person, you must obtain that person's consent to both the disclosure and the processing of that personal information in accordance with the terms of this Statement. Failure on your part to do so or to ensure that the personal data for another person is complete, accurate, true and correct may result in us being unable to provide you with the services you have requested or require.


Personal data may be shared among our subsidiaries, affiliates, network firms and third parties to enable us to provide our services to you and for our business purposes including:

  1. office management, operations and administration purposes and for independence and conflict clearance, due diligence and background checks in accordance with legal, regulatory and professional requirements;
  2. providing you with information relevant to your business, and to ensure your continuous access to publications, events, news and promotional materials which may be of interest to you;
  3. organising events and seminars, recording or taking photographs of participants at events or functions organised, hosted or participated by us;
  4. generating reports and performance of analytics for the purposes of developing or improving our products, services, security, service quality and marketing strategies; and
  5. to the extent necessary to comply with any laws, regulations, rules, directions and guidelines.

Arrangements are in place to protect the security of any personal data shared.




We will not:

  1. disclose your personal information except to those to whom disclosure is necessary to provide our services to you or in the management, operation and administration of our business and who are similarly bound to hold your data in confidence; or
  2. disclose your personal information unless required to do so by law or in the good faith belief that such disclosure is reasonably necessary: (i) for our professional advisers such as our lawyers (ii) comply with legal process such as if required by any court, tribunal, regulator, government department, agency, ministry, statutory board or relevant authority; (iii) respond to claims that any of personal data provided to us violates the rights of third parties; or (iv) protect our rights, property, or personal safety and that of our clients or the public.




To safeguard your personal information, all electronic storage, hosting, processing, transmission and backup (for disaster recovery or otherwise) of personal and other information are secured with appropriate administrative, physical and technical security measures. You acknowledge and consent that we may make use of cloud services within or outside Singapore (which may be managed by a third party service provider). While we take reasonable efforts to maintain the confidentiality and security of your personal data, we cannot guarantee that any information that is transmitted or stored electronically is completely secure.




We will retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required for legal or business purposes. Any personal data which are no longer needed for legal or business purposes will be destroyed or anonymised according to our document retention policy.




Your information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this Statement. We will take reasonable steps to ensure that such personal data transferred receives a standard of protection comparable to the protection required under the Act.


If you use our services while you are outside Singapore, your personal data may be transferred outside Singapore in order for us to provide you with those services. Where you have engaged us to carry out any work in any jurisdictions outside Singapore, the transfer of your personal data to these jurisdictions may be necessary to give effect to your instructions.




Our website uses cookies. By using our website, you consent to our use of cookies which will provide you with a more personalised experience. You can choose to turn off all cookies. If you turn the cookies off, you won't have access to many features that make your site experience more efficient and some of our services will not function properly. Please refer to your browser’s documentation to check if cookies have been enabled on your computer or to request not to receive cookies.


We use Google Analytics to analyse the use of our website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users' computers. The information generated relating to our website is used to create reports about the use of our website. Google will store this information. If you want to opt out of Google Analytics, you can download and install the add-on for your web browser here.


Our advertisers, sponsors and content providers may also use cookies and web beacons on our website in order to provide you with information and advertisements which are of interest to you. We do not have control over such third party cookies.


We may also include third party links on our website for your convenience and information. These linked sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites and we encourage you to consult the privacy notices of those sites.



In addition to and without affecting the generality of the other provisions of this privacy policy, this Clause 7 shall apply in relation to virtual events such as, but not limited to, webinars, video-conferences and/or virtual meetings and workshops (“Virtual Events”).


In the course of Virtual Events, visual and/or audio recordings of you, including but not limited to photographs, videos, images, and recordings of interviews, may be carried out by us or parties appointed by us for the purposes of record and/or post-event publicity on our website, social media platforms, and/or any other publications such as newsletters, and/or any third party’s website, social media platforms and/or other publications approved by us. By participating in these Virtual Events, you consent to the collection, use and disclosure by ISS Data Group of any visual and audio recordings taken of you including through third-party virtual event facilities during such Virtual Events for the aforementioned purposes.


By participating in our Virtual Events, you release ISS Data Group, its officers, employees, and each and all persons involved, from any liability connected with the taking, recording, or publication of the said visual and/or audio recordings.


The Virtual Events and any of their recordings are to be viewed by the registrant only. Unless otherwise indicated, ISS Data Group and/or the Virtual Event presenter(s) own the copyright for all content presented, referenced or otherwise used in the Virtual Event. The Virtual Events (and any content therein) must not be recorded, reproduced, modified, redistributed and/or republished in any way (in whole or in part) without the prior written consent of ISS Data Group and/or the Virtual Event presenter(s).




We may, upon written request, allow you to view stored personal information subject to legal requirements. We reserve the right to charge a reasonable administrative fee for this service. We will respond to such request within 30 days of receipt of your written request.

Kindly inform us in writing if any personal information which we hold about you needs to be corrected or updated.




You may, subject to applicable law, regulations and professional standards, at any time, give us reasonable written notice of your withdrawal of consent to collect, use or disclose the personal information. If you choose to withdraw your consent to any or all or the disclosure of your personal data, please note that we may not be in a position to continue providing our services to you Withdrawal may also result in the termination of any agreement you may have with us.




If we process personal data on your behalf and for your purposes as a data intermediary, we shall:

  1. observe the relevant obligations under the Act in the performance of our services;
  2. process the personal data we receive from you only to the extent necessary for the purposes specified in the engagement and in accordance with your instructions from time to time given in writing and shall not process the personal data for any other purpose;
  3. ensure that access to the personal data is limited to employees who need to access to meet our obligations to you;
  4. in order to perform the services, share the personal data with our subsidiaries and affiliates, whether in Singapore or elsewhere. When doing so, we will require them to ensure that the personal data are kept secure and confidential;
  5. use reasonable degree of professional care to prevent unauthorised use, dissemination or disclosure of personal data, and shall implement any generally applicable physical, technical and administrative measures to protect the personal data from accidental or unauthorized disclosure, alteration, loss or destruction;
  6. notify you promptly in writing if we become aware of any accidental or unauthorized disclosure, alteration, destruction or loss of personal data unless prohibited from doing so by law;
  7. take reasonable action within reasonable time, and investigate the security incident, and use its best efforts to mitigate the impact and scope of any security incident, and to carry out such recovery or other action we determine necessary in the circumstance to remedy the security incident; and
  8. not hold personal data any longer than required by law for the purpose of performing or having performed the services or for legal or business purposes.


In the same regard, if we process personal data on your behalf and for your purposes, you:

  1. will provide us with specific written instructions with regard to the processing of personal data. Oral instructions given by your authorised representatives will be accepted by us in case of emergency only and subject to immediate written confirmation;
  2. undertake and warrant that you have lawfully obtained personal data of your employees and have sufficient legal grounds, including all necessary authorizations, consents or permissions to provide us with the personal data, and that the same are accurate and provided in any form, to us in a secured way;
  3. will inform us immediately in writing of any change, including any error or omission, with regard to the lawful processing and use of any of the personal data; and
  4. will inform us as soon as reasonably possible of any access request, request for correction or blocking or deletion of personal data or any objection made by the employees related to the processing of their personal data.




We will amend this Statement from time to time and the updated versions will be posted on our website and date stamped so that you are aware of when the Statement was last updated. We encourage all users to periodically review our website for the latest information on our privacy practices. Continued use of our services and website following the posting of changes to this Statement shall constitute your consent to such changes.



If you require more information relating to this Statement or require or access to correct or update your personal data or to withdraw your consent, please contact us at:

Data Protection Officer
ISS Data Pte Ltd
9 Tampines Grande
Asia Green #02-11
Singapore 528735
Tel: 6887 3418

If your personal data was provided to us by a third party, kindly contact that organisation to make such a request or query on your behalf.