How we collect, use, and protect personal data under Singapore PDPA.
Last updated: 1 January 2026
AI Executive Institute Pte. Ltd. ("AEI", "we", "us", "our") respects your privacy and is committed to protecting personal data in accordance with the Personal Data Protection Act 2012 ("PDPA") of Singapore and related guidance issued by the Personal Data Protection Commission ("PDPC"). This Privacy Policy explains what personal data we collect, why we collect it, how we use and disclose it, how long we retain it, and your rights as an individual.
This policy applies to personal data collected through aiexecutiveinstitute.pro, enrolment processes, corporate contracts, email and telephone communications, in-person institute sessions at 50 Raffles Place, and related executive education activities. By using our website, submitting forms, or enrolling in programmes, you acknowledge this policy. Where we require explicit consent — for example, marketing communications or non-essential cookies — we request it separately and do not pre-check consent boxes on contact forms.
The data controller is AI Executive Institute Pte. Ltd., UEN 202914673R, registered address: 50 Raffles Place, #17-02, Singapore Land Tower, Singapore 048623. Data Protection Contact: [email protected]. General enquiries: [email protected] | +65 6532 4401.
AEI provides executive education in AI strategy, generative AI governance, and transformation leadership for senior managers and directors. We are not a medical institute, hospital, or degree-granting university. Personal data we process typically relates to professional identities — corporate email addresses, job titles, employer names, and programme preferences — rather than sensitive health records or academic transcript verification for university admission. If you choose to disclose sensitive information in free-text messages, we will handle it with additional care and limit use to responding to your enquiry unless separate consent is obtained.
When you complete our contact form, register for programmes, or correspond with programme directors, we may collect: full name; work email address; telephone number; job title and employer; subject and message content; programme interests; billing and invoicing details for corporate clients; dietary or accessibility requirements for in-person events (where voluntarily provided); and PDPA consent records including timestamp and IP-derived metadata where logged.
When you browse our website, we may automatically collect: IP address and approximate geographic location; browser type and device identifiers; pages viewed, time spent, and referral URLs; cookie and local storage identifiers as described in our Cookie Policy; and security logs related to form submissions and bot mitigation including honeypot field triggers silently discarded by our systems.
Corporate sponsors may provide participant lists for private cohort registration. We require sponsors to have authority to share such data. Payment processors may confirm transaction status without storing full card details on our servers when card payments are enabled.
We collect and use personal data for purposes including:
We do not sell personal data. We do not use your data to offer medical diagnoses, unaccredited degree credentials, or guaranteed employment outcomes.
Under the PDPA, we rely on: consent (contact form PDPA checkbox, marketing opt-in, optional analytics cookies); contractual necessity (delivering enrolled programmes and corporate contracts); legal obligation (financial and regulatory record-keeping); and legitimate interests (website security, aggregated service improvement) balanced against your rights. You may withdraw consent for marketing or optional analytics without affecting core enquiry responses, though we may still retain data required by law.
We may disclose personal data to:
International transfers, if any, are conducted with appropriate protections such as contractual clauses or vendor certifications. Contact [email protected] for transfer details relevant to your data.
We retain personal data only as long as necessary for the purposes collected. Indicative periods: contact form submissions — up to twenty-four months unless an enrolment relationship continues; enrolment and certificate records — up to seven years for business and legal compliance; marketing suppression lists — indefinitely to honour opt-out; security logs — up to twelve months unless investigation requires longer retention. Aggregated analytics devoid of identifiers may be retained indefinitely.
We implement reasonable administrative, technical, and physical safeguards including access controls for staff, secure hosting, form honeypot fields, input sanitisation on server-side processing in send.php, and limited access to mailbox destinations. No method of transmission over the Internet is completely secure; executives should avoid sending confidential trade secrets via unsecured web forms and may request alternate secure channels for sensitive corporate materials.
Subject to exceptions in the PDPA, you have the right to:
Submit requests to [email protected] with sufficient identity verification. We respond within thirty days in most cases, or inform you if an extension is required.
We send marketing emails only with consent or where permitted for similar institute services to existing clients. Each message includes an unsubscribe mechanism. Unsubscribing does not affect transactional emails about enrolled programmes or legal notices.
Cookie use is detailed in our Cookie Policy. Non-essential cookies activate only after banner consent. You may change preferences by clearing browser storage or revisiting the banner when it reappears after six months.
Our institute serves senior executives and corporate clients. Services are not directed at individuals under eighteen. We do not knowingly collect data from minors. University students seeking accredited degrees should contact accredited academic institutions — not AEI.
We do not make solely automated decisions with legal or similarly significant effects on individuals. Form spam filtering may automatedly discard honeypot submissions without human review.
If a notifiable data breach occurs under PDPA requirements, we will assess impact, take containment steps, notify PDPC and affected individuals where required, and document remedial actions.
Our site may link to external resources. Their privacy practices are independent. Review their policies before providing personal data.
We may update this policy for legal, operational, or technological reasons. Material changes appear on this page with a revised date. Significant changes affecting enrolled clients may also be communicated by email where appropriate.
Privacy enquiries: [email protected]
Postal: Data Protection Officer, AI Executive Institute Pte. Ltd., 50 Raffles Place, #17-02, Singapore Land Tower, Singapore 048623
PDPC: Personal Data Protection Commission, Singapore — www.pdpc.gov.sg
When your employer sponsors a private cohort or corporate institute briefing, we process participant lists under instructions aligned with your organisation's HR or learning-and-development policies. Sponsors must confirm they have authority to share colleague names, work emails, and job titles. We use sponsor-provided data solely to deliver contracted institute services, issue certificates, and provide completion summaries agreed in statements of work. Sponsors should not submit special-category personal data unless strictly necessary and lawfully permitted.
Where telephone marketing applies, we check Singapore Do Not Call Registry requirements before promotional calls to Singapore numbers unless an exception applies under PDPA. Email marketing relies on documented consent or permissible existing-client channels as described in Section 10.
We maintain records of PDPA consent checkboxes submitted via contact forms, including approximate timestamp and originating page. Consent records help demonstrate compliance during audits and support your withdrawal requests. Consent logs are retained according to Section 7 retention schedules.
You are responsible for ensuring enquiry and enrolment information is accurate. We may verify corporate email domains and employer names to prevent misrepresentation. False identity or impersonation of other executives may result in rejected enrolment and referral to authorities where appropriate.
We may produce anonymised statistics about programme participation trends — for example, industry mix of cohorts — without identifying individuals. Aggregated reports may inform curriculum updates and are not sold as personal data products to unrelated third parties.