Be aware of scammers impersonating as IMDA officers. Government officials will NEVER call you to transfer money, disclose bank log-in details or request for your personal information. For scam-related advice, please call the ScamShield Helpline at 1799 or go to www.ScamShield.gov.sg.

  1. Architects of SG's Digital Future
  2. How We Can Help
  3. APEC Cross-Border Privacy Rules (CBPR) System
  4. Directory of APEC Cross Border Privacy Rules (CBPR) Certified Organisations

Directory of APEC CBPR certified organisations

Cross Border Privacy Rules

Only organisations certified by IMDA are allowed to display the APEC CBPR logo, ensuring compliance with data privacy regulations.

Organisation name BytePlus Pte. Ltd.
Organisation contact Clark Yang
Privacy statement Visit here
Certification scope
  • Customer data collected online for account registration and purchases of cloud services on BytePlus platform
Certification Validity Period Aug 2025 – Aug 2026

Organisation name Cloud Intelligence (Singapore) Holding Pte Ltd
Organisation contact Irene Wang
Privacy statement Visit here
Certification scope

Customer data collected online for account registration and purchases of cloud services on Alibaba Cloud Platform by the subsidiaries of Cloud Intelligence (Singapore) Holding Private Limited

  • Alibaba Cloud (Singapore) Private Limited and
  • Alibaba Cloud (Malaysia) Sdn. Bhd.
Certification Validity Period July 2025 – July 2026

Organisation name CrimsonLogic Pte Ltd
Organisation contact Lim Hsiao Kang
Privacy statement Visit here
Certification scope
  • Employee/Prospective Employee and Customer/Prospective Customer collected online and offline for CrimsonLogic Pte Ltd and its Singapore subsidiary, CrimsonLogic eTrade (Asia) Pte Ltd
Initial certification date Apr 2020
Certification validity period Apr 2025 – Apr 2026

Organisation name Lark Technologies Pte. Ltd.
Organisation contact Lim Ming Lun
Privacy statement Visit here
Certification scope
  • Customers/Prospective Customers' data collected and processed by Lark Technologies Pte. Ltd. and their affiliates (Lark Enterprise Applications Inc (US) and Lark Japan KK)
Initial certification date Oct 2022
Certification validity period Oct 2025 – Oct 2026

Organisation name NEC Asia Pacific Pte Ltd
Organisation contact Eddie Lai
Privacy statement Visit here
Certification scope
  • Employees, job applicants and visitors' personal data collected and processed by NEC Asia Pacific Pte Ltd
Certification validity period Sep 2025 – Sep 2026

Organisation name Oversea-Chinese Banking Corporation Limited
Organisation contact Wijaya Abori
Privacy statement Visit here
Certification scope
  • Employees, job applicants and customer’s data collected and processed by Oversea-Chinese Banking Corporation Limited
Initial certification date Nov 2024
Certification validity period Nov 2025 – Nov 2026

Organisation name Shopline Commerce Ptd. Ltd.
Organisation contact Stephanie Chen
Privacy statement Visit here
Certification scope
  • Employees' data collected and processed by Shopline Commerce Pte. Ltd.
Initial certification date Dec 2023
Certification validity period Dec 2024 – Nov 2025

Organisation name Singapore Life Ltd
Organisation contact Ashley Tan Yong Hui
Privacy statement Visit here
Certification scope
  • Employees/Prospective Employees' personal data collected online and offline for HR related activities; and
  • Customers/Prospective Customers' personal data collected for financial services related activities by Singapore Life Ltd
Initial certification date Dec 2022
Certification validity period Dec 2024 – Dec 2025

Organisation name The Great Eastern Life Assurance Company Limited
Organisation contact Josephine Cheong
Privacy statement Visit here
Certification scope
  • Employees/Prospective Employees' personal data collected online and offline for HR related activities; and
  • Customers' and representatives' personal data collected for insurance related activities by The Great Eastern Life Assurance Company Limited
Initial certification date Sep 2020
Certification validity period Sep 2025 – Sep 2026

Organisation name TRS Forensics Pte Ltd
Organisation contact Tan Swee Wan
Privacy statement Visit here
Certification scope
  • Employee/Prospective Employee data collected online and offline for HR related activities; and
  • Customer data collected by TRS Forensics Pte Ltd and its affiliate (TRS Forensics Sdn Bhd)
Initial certification date May 2021
Certification validity period May 2025 – May 2026

Organisation name Xiaomi Technologies Singapore Pte Ltd
Organisation contact Celia Wu
Privacy statement Visit here
Certification scope
  • Processing of customer personal data collected during Xiaomi account registration or through the use of Xiaomi digital services, including mobile phone applications, E-commerce services, and IoT Ecosystem products.
Certification validity period Oct 2025 – Oct 2026
Explore related tags

LAST UPDATED: 27 NOV 2025

Explore more

Related Programmes

BCA-IMDA Green Mark for Data Centres Scheme
Programme +2
  • Digital Solution
  • Certification

BCA-IMDA Green Mark for Data Centres Scheme

BCA and IMDA's Green Mark scheme recognises data centers excelling in green practices and energy performance, allowing them to...

APEC Cross-Border Privacy Rules (CBPR) System
Programme +1
  • Certification

APEC Cross-Border Privacy Rules (CBPR) System

The CBPR System applies to organisations (data controllers) that control the collection, holding, processing, or use of...

Establishment of a Data Centre Park (DCP)
Digital Solution +1
  • Programme

Establishment of a Data Centre Park (DCP)

Set up your HQ and premium DC operations in our Data Centre Park for reliable and easy data management solutions.

View all programmes