Yes. We process data in Sydney, Australia using Amazon Web Services (AWS). We only collect the information required to operate ICA services.

No, we never sell data.

Upon deleting your account, all data which is not necessary for ICA to fulfill their legal obligations under Papua New Guinean law, will be deleted. An encrypted copy of your data will remain in our backup archives for 30 days.

If you wish to receive a copy of the data we hold in your MICA account, please visit our Account Control page.

We restrict personnel access to system data to certified staff only.

We regularly test, assess and evaluate the effectiveness of our processes and technology.

We use encryption, firewalls and industry-best-practices to keep your data safe.

Yes. ICA and third party services are fully compliant with the GDPR.

The General Data Protection Regulation (GDPR) is a regulation designed to help citizens and residents of the European Union (EU) protect their personal data by specifying how such data may be collected, processed and stored.