• Home
• About Us
  • What We Do
  • What We Don't Do
  • Auditor General
  • Auditor's Responsibility
  • Previous Auditor Generals
  • Proactive Disclosure
  • Privacy
  • Governing Legislation
    • Useful Links
• Reports
  • Annual Reports
  • Special Reports
  • Point of Interest Reports
  • Press Releases
• Our Universe
  • Our Universe
  • Work In Progress
• Audit Process
  • Audit Process
  • Audit Terminology
• Careers
  • Why Join Our Team
  • Positions Available
  • Overseas Recruitment
  • Student Services
    • Chartered Professional Accountant
    • Certified Public Accountant
• News
• Contact Us

Privacy Notice

This Privacy Notice details our use of your personal information. 

The Office of the Auditor General of Bermuda takes your privacy seriously.  The Audit Act 1990 requires the Office of the Auditor General to keep any personal information confidential except as necessary for the purpose of any criminal or civil proceedings.  We collect the minimum amount of information necessary to perform our statutory duties. 

Please read this document carefully and contact us if you have any questions 

What do we do?

The overall statutory functions of the Office of the Auditor General of Bermuda are set out within section 6 of the Act, that set out the Office of the Auditor General is responsible for the annual audits of:-

1.   The accounts referred to in the section 101(2) of the Constitution

2.  The accounts of every Government- controlled entity whose accounts are not referred to in section 101(2) of the Constitution; and

3.   Include in every such audit a report setting forth the Auditor’s opinions in accordance with the act.  

Privacy Officer

If you have any general questions regarding this Privacy Notice or our use of your personal information please contact our Privacy Officer at: 

Privacy Officer 
Office of the Auditor General of Bermuda 
T: (441) 296-3148 
E: privacy@oagbermuda.bm   

What personal information do we use and where does it come from? 

Personal information can include things that can allow someone to identify you, either directly through your name or driver license, passport number (etc.), or indirectly through your address, phone number, date of birth or IP address (etc.).  

We may obtain your personal information from -  

• Audits of Public accounts
• You
• Third Party Individual(s) 
• Third Party Organization(s) 

Your personal data may have been provided by the organization that you work for and who we engaged in one of the circumstances listed with section 6 of our act.  We make all reasonable efforts to ensure that only such personal information as is necessary for the purpose is collected and used. 

If the personal information is obtained by any third party we ensure that such disclosures are reasonable and permitted by law.  

What is our legal condition for use? 

We only use personal information when we have the consent of the relevant individual (or their legal representative) or as otherwise permitted by law.  

What is our purpose for use? 

We use all personal information for a defined purpose. This purpose should be disclosed prior to collection unless it is obvious, required by law. 

Who has access to your personal information? 

The following individuals and/or types have access to your personal information: 

• Relevant staff  
• When relevant, auditors or other staff dealing with audits / regulatory standards; 
• IT / technical or other relevant staff who require access to perform their duties. 

These persons have access to only that personal information necessary for the discharge of their duties. 

All of the Office of the Auditor General understand that all information is confidential persons with access are under contract and understand their obligation to maintain personal information subject to conditions of confidence. 

Transfers in Bermuda / overseas? 

In Bermuda: 

• We only transfer personal information to third parties as required by law or when necessary to provide the service(s) you require; 
• We use reasonable efforts to ensure that only the personal information that is relevant and necessary is transferred; 
• All third parties who use personal information transferred by us or on our order must meet our third party transfer requirements. 

Overseas: 

• We only transfer personal information to third parties outside Bermuda as required by law, to our regulatory or when necessary to provide the service(s) you require; 
• We use reasonable efforts to ensure that only the personal information that is relevant and necessary is transferred; 
• All third parties who use personal information transferred by us or on our order must meet our third party transfer requirements including an assessment of the laws that apply in the relevant jurisdiction. 

We will not sell or rent your personal information. 

Where is your personal information stored? 

Your personal information is stored in accordance with our policies and procedures applicable to the relevant area and the sensitivity of the personal information that is used. This may be in Bermuda or if outside Bermuda, in accordance with our policy and procedures for international transfers. 

How long do we keep your personal information? 

We retain your personal information in accordance with our standard retention requirements. 

What are your rights? 

We will do all we reasonably can to assist you with any issue arising from our use of your personal information.  

Please contact our Privacy Officer if you have any questions with regard this Privacy Notice.

For information relating to the PIPA please see the website of the Privacy Commissioner at https://www.privacy.bm/.

Security 

We constantly monitor the security of our systems and we review our policies and procedures on a regular basis to ensure an appropriate level of security for all personal information that we use. 

Privacy Notice (administrative details) 

Privacy Notice No.: 2025/001 
Effective Date: 1 January 2025