Who we are and what we do

The Immigration & Checkpoints Authority (ICA) is a Singapore Public Agency responsible for securing Singapore’s borders against the entry of undesirable people and cargo through land, air and sea checkpoints.

ICA also administers immigration and registration services, such as issuing passports and Identity Cards to Singapore citizens, and immigration passes and permits to foreigners.

As a security agency, we enforce laws and regulations relating to immigration and registration. This includes conducting inland enforcement operations against immigration offenders. We are a member of the Home Team under the Ministry of Home Affairs.

What information do we collect about you

In general, we collect information that is required for the performance of our statutory functions of maintaining border security and administering immigration and registration services. Such information includes but is not limited to your personal identifiers, travel document information, background information e.g. educational background, employment and family details, and contact information. In addition, we collect technical information from you when you use our digital services, and any other information you may submit when you or someone you have authorised on your behalf use our services in-person (such as submitting an application form at the ICA Building).

How will we use the information about you

In general, we use your information for the following purposes:

1. Maintaining border security
2. Administering immigration facilities
3. National Registration

To fulfil our statutory functions, we are authorised under Singapore law to collect, use or disclose Personal Data, including but not limited to the Constitution of the Republic of Singapore, Immigration Act 1959, Immigration Regulations, Passports Act 2007, Passports Regulations 2007, National Registration Act 1965, National Registration Regulations, Registration of Births and Deaths Act 2021, Registration of Births and Deaths Regulations 2022, Public Sector (Governance) Act 2018.

We also use your information to serve you better, to provide you with our services for customer support, for law enforcement, for research and development, for legal proceedings and requirements and to support Whole-of-Government initiatives.

Who do we share your information with 

We may share your information with:

1. Other Government Agencies (Organs of State, Ministries, Departments and Statutory Boards)
2. Non-Government Entities such as:
   1. Authorised third party service providers or agents to the extent necessary for them to carry out specific Government services 
   2. Authorised representatives acting on behalf
   3. Next-of-kin
   4. Airport/Port operator
   5. Foreign authorities or international bodies

How can you exercise your access or correction rights 

Please contact ICA via the Feedback Form to request for:

1. more information on or access to your Personal Data which you have provided to us in the past; or
2. a correction of error or omission in your Personal Data that you have provided to us in the past.

We endeavour to assist with your requests unless exceptions or prohibitions apply. Please note that data privacy regulations/rules in Singapore do not provide individuals the right to request for data erasure or deletion. ICA, however, will cease to retain your personal data where retention is no longer necessary to fulfil the purpose(s) for which the personal data was collected for, or no longer necessary for official government purposes.

We collect Personal Data directly from you, or from other sources.

1. Data we collect directly from you or authorised representatives acting on your behalf

The types of data that we collect depend on the circumstances of collection and the nature of the service requested/provided or transaction undertaken. They include:

1. Personal information that can be used to identify an individual, such as name, sex, date of birth, nationality, race, religion, dialect group, personal identification numbers (e.g. NRIC number, FIN), biometrics (fingerprints, facial image and iris image) including photograph-of-the-day (captured for facial authentication when an individual performs immigration clearance at our checkpoints) and photograph on the passport biodata page;
2. Travel Document information such as travel document number, travel document type, country of issue, date of issue, date of expiry, including supporting documents with information such as photocopy of the passport biodata page;
3. Contact information such as residential address, phone number, email address;
4. Health or medical information such as vaccination status, health status, medical test result, information provided in letters and requests related to health or medical conditions;
5. Educational history and qualifications such as name of educational institution, country of educational institution, level of qualifications, including supporting documents such as educational certificates (for application of immigration facilities such as Singapore Citizenship and Permanent Residence);
6. Employment and income information such as employment status, name of employer/ company, position held, monthly salary, including supporting documents such as pay slips (for application of immigration facilities such as Singapore Citizenship and Permanent Residence);
7. Entry and exit information during immigration clearance at our checkpoints, including trip details (e.g. submitted via the Singapore Arrival Card, where applicable);
8. Activities in Singapore including intended activities, place of accommodation, employment in Singapore and other security questions that our immigration officers may enquire travellers at our checkpoints;
9. Risk indicators such as past criminal offences and investigations;
10. Transaction information related to the use of our services, including the type of services requested or provided; transaction details (such as application reference number, date and time, payment details) and appointment information.
11. Behavioural information captured by sensors such as CCTVs and Body Worn Cameras (BWCs).  
12. Information required under our immigration and registration laws such as information provided to us in the reporting of births or deaths in Singapore in accordance with the requirements under the Registration of Births and Deaths Act 2021 or information required by us under the Immigration Act 1959 including declaration for past convictions to assess your eligibility for immigration facilities;
13. Information you provide or information about your interactions with our staff, such as the details of any complaint cases, email inquiries, call details and other information relevant for our staff to assist you;
14. Information you choose and/or consent to submit when you use our website, mobile application, smart kiosks or other online facilities, including, but not limited to:
    • information in the queries you enter into our chatbot, social media sites, website and mobile application;
    • photographs, screenshots, audio or video recordings you submit to us in connection with a customer support request;
15. Data collected through cookies such as information relating to the use of our digital services. While this cookie can tell us when you enter our digital services and which pages you visit, it cannot read data off your hard disk. Not all cookies collect personal data and you may configure your preferences and settings to reject the use of cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may however, prevent you from taking full advantage of the digital service.
16. Data collected through Analytics tags such as the effectiveness of functionalities, features and user preferences relating to our digital services.

Note: Where you disclose Personal Data of another individual to us, you undertake to ensure that the individual whose Personal Data is supplied to us has, where required under applicable data protection laws, authorised the disclosure, is informed of, understands and acknowledges the provisions of this Privacy Statement.

2. Data we receive or collect from other sources

They include:

1. Advance passenger information which includes booking data, check-in data and flight manifests that we collect from airlines for flights arriving at or departing from Singapore.
2. Data we receive or acquire from other Government Agencies for legitimate purposes including the following:
   • to improve the efficiency and effectiveness of ICA’s services to you (such as the authentication of an individual’s identity via SingPass and the pre-filling of electronic forms via MyInfo);
   • for purposes in line with Section 4 of the Public Sector (Governance) Act 2018;
   • for purposes in the public or national interest (such as to ensure border security);
   • for evaluative purposes (such as to determine an applicant’s eligibility for immigration facilities);
   • for enforcement, investigation or Court proceedings;
   • to recover a debt owed by an individual to us or to pay to the individual a debt owed to him.

3. Data we receive or acquire from Non-Government Entities for legitimate purposes including:

1. Employment reference checks with an individual’s former employer(s) or referees provided by the individual to determine an individual’s suitability for employment;
2. Data we receive or acquire from Foreign Authorities to investigate suspected or potential contravention of Singapore’s immigration and registration laws, international laws, for the provision of mutual assistance in parallel or joint investigations into potential cross border contraventions of legislations, to respond to an emergency or a crisis, or for purposes that are in the vital interests of an individual or individuals, or in the public interest (including without limitation national interest).
3. Individuals providing information of other individuals in connection with appeals, requests, enquiries, reporting of immigration offences and scams or information provided to us as required under our immigration and registration laws e.g. a certified medical practitioner providing information of an individual’s death under the Registration of Births and Deaths Act.

Specifically, we use data for:

1. Securing of Singapore’s borders

This includes but not limited to using data to:

1. Control entry of people and cargo according to immigration and customs laws and regulations. This includes working with other controlling agencies, such as the Health Sciences Authority and Singapore Customs, to control the importation or possession of prohibited, controlled or dutiable goods.
2. Protect against threats to public security and safety
3. Detect and prevent crime. This includes surveillance and security monitoring at the checkpoints achieved through information collection by sensors such as CCTVs, BWCs, Automatic Number-Plate Recognition (ANPR) cameras augmented by video analytics capabilities to flag out anomalies such as intrusion attempts in real-time.
4. Develop risk and fraud profiles, including performing advance risk assessment prior to the arrival of travellers in Singapore. 
5. Support removal, repatriation and detention of undesirable persons.

2. Provision of immigration and registration services

This includes, but not limited to, administering:

1. Application or renewal, for immigration facilities such as Student’s Pass (STP), Long Term Visit Pass (LTVP), Permanent Residence or Singapore Citizenship, including application assessment and review;
2. Registration or re-registration of NRIC, replacement of lost or damaged NRIC, change of NRIC particulars;
3. Change of residential address for NRIC holders and LTVP/ STP holders;
4. Application for Singapore Passport, replacement of lost or damaged Singapore Passport, reporting of foreign passport lost in Singapore;
5. Application for, renewal or transfer of re-entry permit;
6. Birth and death registration and application for birth and death extracts; 
7. Application for other documents such as Certificate of Identity, change of particulars for Certificate of Identity, replacement of lost or damaged Citizenship Certificate, endorsement of Right of Entry (ROE); 
8. Application for overseas expedited immigration clearance such as APEC Business Travel Card and automated clearance such as the Singapore-United States of America Trusted Traveller Programme (TTP);
9. Application for Singapore entry visa;
10. Application for extension of Visit Pass;
11. Enrolment for Automated Clearance Initiative.
    

Note: We may also use your data to engage with your sponsors or other relevant individuals such as your dependants for applications concerning them and/or you.

3. Law Enforcement 
As a security agency under the Ministry of Home Affairs, we use data and information to enforce laws and regulations relating to immigration and registration, including for investigation, prosecution and risk assessment purposes.

4. Whole-of-Government initiatives 
We use data to support inter-governmental programmes, functions or services where necessary and justified by a legal basis. 

5. Legal proceedings and requirements
We use data to investigate or address claims or disputes relating to the use of ICA’s services, to satisfy requirements under applicable laws, regulations, or operating licences or agreements, or pursuant to a court order.

6. Employment 
If you provide us with your Personal Data voluntarily through a job application portal, either in response to our recruitment advertisement or otherwise, we will use the Personal Data to determine your eligibility, suitability or qualifications for employment with us. We may also use publicly available information about you or information collected from other sources such as your former employer or referees for evaluative purpose.

7. Purposes of Legitimate Interests

1. Customer support  
   ICA uses the information we collect to provide customer support in-person, over the phone, via written correspondences such as letter, SMS or email, including the management of appointment bookings, issuance of notices and reminders and the support of appeal and review processes. We also use information (which may include call recordings and video footages) to investigate and address customer concerns and to monitor and improve our customer support responses and processes.
2. Policy Analysis, Review and Formulation
   We use data for testing, research and analysis to improve service delivery and efficiency in executing our statutory functions. This includes making our services more convenient and easier to use, enhancing the safety and security of our services and systems and developing new services and features. We also use data for immigration and registration policy review e.g. policy review of the Singapore passport validity period, for incident or crisis management or to ensure business continuity e.g. traffic flow and crowd control management at our checkpoints. 
3. Parliamentary or Media Questions
   We use data to respond to questions raised in the Singapore Parliament or by the Media that are related to our statutory functions e.g. statistical analyses of PR applications.
4. Service Delivery
   As it is in our legitimate interests to be responsive to you, to provide optimum service delivery and to ensure the proper functioning of our products, services and organisation, we use data to:
   • administer our website and mobile application, and for internal operations, including troubleshooting, data analysis, testing, research and statistical purposes to understand how our services are used;
   • monitor and record calls for quality, training, analysis and other related purposes to improve service delivery;
   • provide you with support services;
   • send you service emails, such as appointment reminders;
   • respond to your enquiries, requests or feedback;
   • enforce our terms, conditions and policies;
   • perform statistical analysis so that we can improve our service offering e.g. statistical analysis of traffic conditions and trends at our checkpoints to deploy strategies to minimise congestion and ensure smoother immigration clearance;
   • personalise our services for you, including providing recommendations;
   • improve the safety and reliability of our services. This includes detecting, preventing and responding to fraud, abuse, security risks and technical issues that could harm ICA, the Government, our users, or the public.

We share Personal Data with third parties for purposes justified by legal bases and strictly on a need-to-know basis. ICA will never sell your personal data.

1. Other Government Agencies

We share Personal Data with other Government Agencies to facilitate and enhance service delivery to provide services that are easy, seamless and relevant for our citizens and businesses and to support the Government’s discharge of public functions.

Purposes

They include:

1. Service Planning and Delivery such as:
   • Administering Government scheme benefits e.g. we share data with the Ministry of Finance and CPF Board to administer the disbursement of GST vouchers;
   • Delivering digital services e.g. we share data with GovTech to support the National Digital Identity (NDI) initiative;
   • Programme management e.g. we share data with the Infocomm Media Development Authority (IMDA) to support the Seniors Go Digital Programme;
   • Supporting other operational needs e.g. we share data with Health Promotion Board to support the operational need of letter dissemination to seniors to receive vaccination as recommended under the National Adult Immunisation Schedule (NAIS).
2. Policy Analysis, Review and Formulation informed by data, including by conducting surveys, studies, research or data analytics work e.g. we share data with the Ministry of Education to support education policy analysis and review.
3. Law Enforcement including crime prevention, criminal investigation or fraud detection to uphold the rule of law and to ensure the safety and security of Singapore e.g. we share data with law enforcement agencies such as the Singapore Police Force to prevent, deter and detect crime and for criminal investigation and prosecution.
4. Legal proceedings to produce information or documents in Court.
5. Public interests including the protection of national security and interests e.g. we share data with the Ministry of Health to support Covid-19 operations to contain the threat to public health and public order.
6. Public accountability for the government’s policies and decisions e.g. we share data with the national auditor, Auditor-General’s Office Singapore (AGO), for the auditing of public funds and resources.
7. Vital interests of individuals such as to respond to an emergency that threatens the life, health or safety of an individual or individuals or to contact the next-of-kin or a friend of any injured, ill or deceased individual e.g. we share data with the Ministry of Social and Family (MSF) under the Hague Convention to assist on child abduction matters.
8. Legitimate interests of the Singapore Government such as:
   • To secure economies or efficiencies for the Singapore public sector e.g. we share data with other government agencies under the “Tell Us Once” policy to minimise duplicative data collection efforts by other government agencies and also to provide better service and convenience to the public;
   • To ensure business continuity e.g. we share data with other government agencies for national emergency planning;
   • To ensure accountable and prudent stewardship of Singapore public sector finances and resources e.g. we share data with the Auditor-General's Office (AGO) for audit checks;
   • To manage risks to the financial position of the Government e.g. we share data with other government agencies for payment, loan or debt recovery;
   • To uphold and promote the values of the Singapore public sector e.g. we share data with the Prime Minister’s Office’s National Population and Talent Division for studies on e.g. a Strong Singapore Society;
   • To support a whole-of-government approach in the discharge of the Singapore public sector agencies’ functions. e.g. we share data with People’s Association for Covid-19 mask distribution.
9. Archival or preservation of records We are required under the Government’s Instruction Manual to transfer public records of archival and preservation value to the National Archives of Singapore. These include records that contain vital documentation of the identity, rights and responsibilities of individuals, such as birth, citizenship or death of an individual.

2. Non-Government Entities (NGEs)

An NGE refers to an individual, company or an incorporated body of persons e.g. an association, other than a government agency.

We take the disclosure of your Personal Data seriously and will only share it in a responsible manner with selected NGEs. We will NOT share your personal data with other NGEs without your consent except where such sharing complies with the law. For example, we may share your Personal Data with:

1. Authorised service providers such as outsourced vendors and contractors;
2. Partners (such as the Changi Airport Group) to improve efficiency, security and to optimise passenger flow at the airports;
3. Individuals authorised to act on behalf of another such as a person having power of attorney or lasting power of attorney or a Court Order;
4. Next-of-kin, where such disclosure is necessary in the vital interests of an injured, ill or deceased individual;
5. Foreign authorities, international task forces, organisations, or intergovernmental bodies to fight transnational crime, or sharing data with foreign authorities in the event of a crisis or disaster abroad to provide assistance to overseas Singaporeans. 

Our data storage facilities are in Singapore. We do not transfer Personal Data overseas unless in the following circumstances:

1. The data transfer is necessary in the vital interests of individuals (such as to respond to an emergency that threatens the life, health or safety of an individual) or in the national interest, and reasonable steps are taken to ensure that the Personal Data will not be used or disclosed by the overseas recipient for any other purpose; or
2. The overseas recipient is bound by legally enforceable obligations, or Memoranda of Understanding or the Government’s Instruction Manual to provide the transferred Personal Data a standard of protection comparable to that of the Singapore Government’s Instruction Manual; or
3. You consent to the transfer of your Personal Data after being informed about how your Personal Data will be protected in the destination country; or
4. The transfer is reasonably necessary for the conclusion or performance of a contract between ICA (or the Singapore Government) and you, including the transfer to a third party organisation (deemed consent by contractual necessity); or
5. The Personal Data is publicly available in Singapore.

ICA retains your Personal Data for as long as required:

1. under any relevant legislation requiring data to be retained;
2. to fulfil the purpose for which it was collected; and/or
3. for official government purposes. 

If you would like to request for access to your Personal Data which you have earlier provided to ICA or information about the ways in which the Personal Data you have provided has been used or disclosed by ICA, please use the Feedback Form.

ICA may charge an access fee to cover the reasonable cost of retrieving the information and supplying it to you. We may deny your request for access to Personal Data in accordance with the Government Instruction Manual if certain exceptions apply.

We take reasonable efforts to ensure that the Personal Data ICA collects is accurate and complete. For your convenience, we may also display to you or auto populate data you had previously supplied us or other Government Agencies. This will speed up the transaction and save you the trouble of repeating previous submissions. To assist ICA in keeping its records up-to-date, it is important that you inform ICA of any changes to your Personal Data via ICA’s digital services (where applicable) or in writing. If you would like to correct any inaccuracies in your Personal Data, please use the Feedback Form. To report change of residential address, please use the “e-Services and Forms” service on ICA’s website.

Please note that data privacy regulations/rules in Singapore do not provide individuals the right to request for data erasure or deletion. ICA, however, will cease to retain your personal data where retention is no longer necessary to fulfil the purpose(s) for which the personal data was collected for, or no longer necessary for official government purposes.

General

ICA takes reasonable technical, physical and organisational security measures to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from being lost, used or accessed in an unauthorised way. We limit access to your Personal Data to our employees on a need-to-know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality. Our data security measures are guided by the Singapore Government’s Instruction Manual on Infocomm Technology & Smart Systems Management. You may visit the Ministry of Digital Development and Information (MDDI) webpage to read more about the Singapore Government’s key data protection policies.

Our authorised Third Parties are required to comply with data security requirements to safeguard data. You may visit the same MDDI webpage as stated above to read about the key policies of the Singapore Government’s Third-Party Management Framework.

Our digital services may contain links to non-Government digital services or websites for your convenience and information. If you follow a link to any of these websites, please note that these websites have their own privacy practices. We do not accept any responsibility or liability for your use of these digital services or websites, and we encourage you to review the privacy notices of these digital services or websites before use.

Biometrics

Layers of security measures are in place to protect your biometric data. They include technical measures such as encryption and system access controls to ensure only authorised users can access the databases. Administrative controls in the form of audit checks are in place to ensure security compliance.

The use of biometrics also adheres strictly to the data minimisation principle, where the granularity of biometric data needed to achieve the purpose of a use case is carefully considered before deployment. This means that the use of biometric templates (which are strings of codes or compact representations of the original, raw biometrics which cannot be reverse-engineered to the raw biometric form) are always prioritised over the use of raw biometrics, where sufficient for the use case.

ICA will only collect or use your biometrics where there is a legal basis for doing so (e.g. to fulfil a statutory function authorised under law). For more information, you may refer to Sections 1 and 2 of this Privacy Statement on the Collection and Use of Personal Data.

We may amend this Privacy Statement from time to time. The current version of the Privacy Statement will be accessible on our website and mobile application; and date stamped at the bottom of the page so that you are aware of when the Privacy Statement was last updated. Please review this Privacy Statement when you use our website, app or other services.

If you have feedback, enquiries, or requests relating to this Privacy Statement, please contact ICA via the Feedback Form.