+65 6681 6717
In response to increasing community concern about the growth in unsolicited marketing related communications, the Singapore Government introduced the Personal Data Protection Act on 1 July 2014. The primary purpose of the PDPA, is hence to balance the commercial need of organisations to use individuals’ personal data and the right of individuals to protect their personal data.
All “personal data” belonging to an individual is protected under the PDPA. Hence the following data which identifies an individual will be considered “personal data”: full name, NRIC Number, passport number, photographs and CCTV images, personal mobile telephone number, personal e-mail address, name and residential address.
There are nine important legal obligations that every organisation must comply with, constituting the core. Organisations must start to comply with these obligations from 2 July 2014. The list of obligations is as following:
1. The Consent Obligation
2. The Purpose Limitation Obligation
3. The Notification Obligation
4. The Access and Correction Obligation
5. The Accuracy Obligation
6. The Protection Obligation
7. The Retention Limitation Obligation
8. The Transfer Limitation Obligation
9. The Openness Obligation
Further details can be found at the Personal Data Protection Commission Singapore website: