Personal Data Protection Act

Definitions of Data:

“Personal data” means data, whether true or not, about an individual who can be identified from that data or from that data and other information to which the organisation has or is likely to have access.

Main Focus of Document:

Governs the collection, use and disclosure of personal data by private sector organisations.

Target Beneficiaries or Sectors:

n/a

Key Elements:

The Personal Data Protection Act (PDPA) sets a baseline standard for data protection in the private sector. It strikes a balance between the need to protect individuals’ personal data and private organisations’ need to collect, use and disclose personal data for legitimate and reasonable purposes. The PDPA contains Data Protection Provisions which govern the collection, use and disclosure of personal data by organisations; and Do Not Call Provisions which govern the sending of telemarketing messages to Singapore telephone numbers. The Act also provides for the Personal Data Protection Commission to administer the Act.