Feb 1, 2021 · This guide provides an introductory outline of key principles and considerations for organisations, especially those without any measures or tools to address specific personal …

(1) In this Act, unless the context otherwise requires — “user‑provided data”, in relation to an organisation, means personal data provided by an individual to the organisation.

Jan 29, 2025 · Under Singapore’s PDPA, the PDPC does not mandate DPIAs for all types of data processing. However, it strongly recommends them in situations where the processing may …

The PDPA provides that an organisation must not transfer personal data to a country or territory outside Singapore except in accordance with requirements prescribed under the PDPA and …

Nov 12, 2025 · Mandatory steps for PDPA compliance in Singapore Beyond awareness of the PDPA, organisations must take proactive steps to ensure full compliance and robust data …

In Singapore, the Personal Data Protection Act 2012 (PDPA) is the main legislation governing data protection and privacy. It establishes a baseline data protection framework which applies …

May 14, 2024 · In a comprehensive guide, Singapore’s Personal Data Protection Act, or PDPA, sets out several examples of when an applicable business is required to conduct DPIA.

The questionnaire below illustrates how the DPIA lead can assess the project against a range of PDPA requirements and data protection best practices, and identify gaps or risks related to …

personal data protection as part of their training and development. After completion of the training programme, staff will be required to sign an acknowledgement form to acknowledge that they …

Some organisations base their DPIA on the threshold for Mandatory Data Breach Reporting Obligation under the PDPA, where it involves 500 records of personal data or sensitive …