Discover PDPA - PDPA Singapore Checklist to Comply PDPA: The Complete PDPA Compliance Guide for Business & Companies in Singapore

PDPA Overview: What You Should Know about the Personal Data Protection Act.

Advisory Guidelines on PDPA
Advisory Guidelines on PDPA
Personal Data is any set of data provided for the purpose of identification of a person normally used in a
Advisory Guidelines on PDPA
Advisory Guidelines on PDPA
Welcome to the Advisory Guidelines on Singapore Personal Data Protection Act. The following resource is compiled by PDPC to serve
Understand what is a data breach and the sources of data breach | Understanding PDPA Data Breach
Are you PDPA Ready? PDPA Livestream - Learn more about PDPA here!
PDPA Compliance Checklist
PDPA Compliance Checklist
Key Components of PDPA The Personal Data Protection Act (Singapore) was introduced since 2014, this video gives you a brief
Protection of Personal Data is an important topic that can be over looked by many organisations because there is little

Get Acquainted with the Personal Data Protection Act

About the Personal Data Protection Act

The first thing one need to know as a Data Protection Officer (DPO) is the Personal Data Protection Act (PDPA). It is a legislative and mandatory requirement for all organisations in Singapore. It was passed in Singapore in 2012 and has been further enforced from 01 Sep 2019 with new guidelines.

The Personal Data Protection Commission (PDPC) is the main Authority in Singapore for matters relating to Personal Data Protection. It also In charge of administering and enforcing the PDPA; to protect the rights of individuals and formulate policies and guidelines for organisations for protection of personal data.

There are 3 key provisions of the PDPA.

They are as follows:
1. Do-Not-Call Advisory Guidelines
2. NRIC Advisory Guidelines
3. Nine Obligations

DPOs need to know where to find information about PDPA.

Learn more about PDPA in Singapore here!


Overview of PDPA - PDPA Implementation & Compliance for Companies and Businesses

Objectives of PDPA

Management of Personal Data & Analysis of Personal Data through Technology

Today, vast amounts of personal data are collected, used and even transferred to third party organisations for a variety of reasons. This trend is expected to grow exponentially as the processing and analysis of large amounts of personal data becomes possible with increasingly sophisticated technology.


Collection, Use & Disclosure of Personal Data

With such a trend comes growing concerns from individuals about how their personal data is being used. Hence, a data protection regime to govern the collection, use and disclosure of personal data is necessary to address these concerns and to maintain individuals’ trust in organisations that manage data.

The need to regulate the flow of Personal Data

By regulating the flow of personal data among organisations, the PDPA also aims to strengthen and entrench Singapore’s competitiveness and position as a trusted, world-class hub for businesses.

How does the Personal Data Protection Act work?

The PDPA will ensure a baseline standard of protection for personal data across the economy by complementing sector-specific legislative and regulatory frameworks. This means that organisations will have to comply with the PDPA as well as the common law and other relevant laws that are applied to the specific industry that they belong to, when handling personal data in their possession. 

The PDPA takes into account the following concepts:


Organisations may collect, use or disclose personal data only with the individual’s knowledge and consent (with some exceptions).


Organisations may collect, use or disclose personal data in an appropriate manner for the circumstances, and only if they have informed the individual of purposes for the collection, use or disclosure.


Organisations may collect, use or disclose personal data only for purposes that would be considered appropriate to a reasonable person in the given circumstances.