REGULATIONS

PDPA (Singapore)

The PDPA is the primary personal data protection legislation of the Singapore. It regulates the processing of personal data in the private sector.

Personal Data Protection Act 2012

Personal Data Protection Act 2012

Personal Data Protection Act (PDPA), 2012 is a law of Singapore. Singapore has emerged as a business hub in Asia and this makes PDPA important for the business operating in Singapore or doing business with businesses of Singapore. This law requires Singaporean organisations to ensure that the data intermediaries (processing personal data on behalf of Singaporean businesses) comply with Singaporean laws as it imposes an obligation which makes organization’s responsible for the acts of data intermediaries.

Requirements to comply:

  • Accountability.
  • Internal and external policies.
  • Grievance redressal mechanism.
  • Mechanism to withdraw consent.
  • Purpose limitation and notification of purpose.
  • Care of personal data through maintaining Accuracy, Protection, retention of personal data.
  • Right to access, correction and preservation of copies of personal data.
  • Co-operation Agreements.
  • Notification of data breaches to the affected individuals and the Commission.
  • Duty to check register.
  • Assessment of data breach.

Non-compliance

Non-compliance with PDPA can expose organisations to a penalty up to 10% of an organisation’s annual turnover in Singapore or SGD 1 million, whichever is higher.

  • Accountability.
  • Internal and external policies.
  • Grievance redressal mechanism.
  • Mechanism to withdraw
  • consent.
  • Purpose limitation and
  • notification of purpose.
  • Care of personal data through
  • maintaining Accuracy, Protection, retention of personal data.
  • Right to access, correction and
  • preservation of copies of personal data.
  • Co-operation Agreements.
  • Notification of data breaches to
  • the affected individuals and the Commission.
  • Duty to check register.
  • Assessment of data breach.

Non-compliance

Non-compliance with PDPA can expose organisations to a penalty up to 10% of an organisation’s annual turnover in Singapore or SGD 1 million, whichever is higher.

How our privacy team can help

At Tsaaro’s, our privacy team comprises of experienced lawyers and InfoSec professionals. Together we ensure that your organisation is compliant with all regulatory requirements along with best possible technical and infrastructural solutions. We provide personalised plans to our customers to inculcate data protection by design and by default in their processes in a cost efficient manner.

  • Assess the applicable global personal data protection laws
  • (Regulatory Assessement)
  • Ensure Data Protection by Design.
  • Protection your organisation against hefty fines.
  • Improve customer and investor’s trust in your organisation.