What is the PDPA Regulation of Singapore?
Last Updated: March 18, 2020
Enacted in Singapore in 2012, the Personal Data Protection Act (PDPA) regulates how personal data can be collected and processed by companies who deal with the personal data of individuals in Singapore.
The PDPA is comprised of rules that regulate the collection, use, disclosure and storage of personal data. It seeks to protect the rights of both individuals to protect their right and the needs of companies to collect personal data for legitimate purposes.
It establishes the Do Not Call (DNC) registry and identifies what personal data is protected, who must follow it, and who is protected.
Similar to the GDPR, the PDPA has a territorial reach beyond just those companies or organizations within the country. It’s extended to those who may not have a physical presence in Singapore, but who still handle personal data of users in Singapore.