For organisations, businesses, MCSTs, and Non-profits in Singapore that want to save time and resources on their PDPA compliance.
As Featured On
Under the Personal Data Protection Act (PDPA), all organisations in Singapore are mandated to appoint a Data Protection Officer. Non-compliance is a chargeable offence.
Outsourced Data Protection Officer Scope Of Work
What we do for our clients (annual coverage)
DPO Filing in ACRA Bizfile+
We'll guide you through the process of registering your appointed DPO in ACRA Bizfile+
Surprise Audits
Bi-annual company review/risk assessment on business processes and audit.
Data Protection Management Program (DPMP)
Develop data handling, retention policies and Data Protection Management Programme
Privacy Policy
Review of corporate website data collection and PDPA compliant Privacy Policy
DPO Group Email
Be part of DPO group email to answer any Data Protection related queries
Awareness Update
Weekly newsletter on the latest PDPA breaches and regulations
E-Learning Training
PDPC corporate e-learning with assessment tracking for employees
Ongoing DPO Support
Ongoing data protection support for specific business questions
1-on-1 Account Manager
Every client is assigned an Account Manager for exclusive PDPA related support, technical issues and faster responses. We can be reached through WhatsApp or email regarding issues or advisory anytime.
Wait... There's More!
Leaked Passwords Check
Check if business emails have any leaked accounts and passwords on the deep/dark web
Email Phishing Campaign
Perform a random email phishing campaign to test employees' cyber awareness
24/7 Email Blacklist Monitoring
24/7 business email blacklist monitoring on SPAM / blacklist databases
24/7 Website Defacement Monitoring
24/7 monitoring of corporate website and alert management when we detect defacement
Email Spoofing Test
Perform an email spoofing vulnerability test on business domain
Dedicated WhatsApp Chat
A dedicated WhatsApp groupchat for faster communication and coordination
Plus!..
S$1 Million Insurance Coverage
Our outsourced Data Protection Officer services are covered by S$1 Million professional Indemnity insurance. Be assured of top quality service with insurance covering our work rendered to clients.
Our Certifications
Master DPO Team
Andy Prakash
CEO, Master DPO
Singapore
Core Skills: DPO-as-a-Service, Risk Management, IT Security Consultancy
Sub Skills: Policy Development, DevOps
- Over 8 years of experience in the software development, project management and cybersecurity field
- Operational and leadership roles
- Currently appointed as the Data Protection Officer (DPO) for over 300 organizations, businesses and MCSTs in Singapore
- Involved in compliance assessments and GAP analysis, eKYC system testing, vulnerability assessment & penetration testing
- Consulted and managed the software development for over 30 software projects
- Co-founded Singapore’s first Bug Bounty platform, AntiHACK.me
- Developed the company’s own email phishing simulation software
- Practitioner Certificate in Data Protection (Singapore)
- Given speeches and conducted masterclasses for ACE startups, co-working spaces, Chamber of Commerce
- Conducted live hacking demonstrations to showcase dangers of the cyber world at events like Echelon by e27
- Invited to speak at Interpol World event
-  Featured on Business Insider, Yahoo News, Channel News Asia, The Straits Times, Channel 8, Lian He Zao Bao, Berita Harian, radio talk show on data protection, hacks, scams and cyber security
- Some key clients: Marina Bay Holdings Group, Curtin University, Marché Mövenpick, Adam Khoo Learning Technologies Group, Astons Group, Civil Service Club Singapore, J&T Express, A*Star Research, Epitex International
Dexter Ng
CTO, Master DPO
Singapore / Thailand
Core Skills: CTO-as-a-Service, Risk Management, IT Security Consultancy
Sub Skills: DevSecOps, OSINT
- Over 12 years of experience in the software development, project management and cybersecurity field
- Strategic and leadership roles
- Currently appointed as the Chief Technology Officer (CTO) for companies globally
- Worked with multiple start-ups to provide leading edge ideas and technologies, technical development, business consulting, project management and cybersecurity/data protection
- Started Singapore’s first Bug Bounty platform, AntiHACK.me
- Created Singapore’s first cybersecurity insurance bundle together with data protection in Singapore
- Started Singapore’s first iOS mobile application development company
- Cybersecurity and data protection speak at Google event, Singapore Government SMART NATION, CEBIT, Mindef Maritime defence, e27 and more
- Featured on Channel News Asia, MoneyFM 89.3 Radio, Business Times, Straits Times, AsiaOne , Newpaper, Edge magazine and also Hardwarezone Magazine on cybersecurity
- Some key clients: Temasek Club, NETS, SPIZE, PropertyGuru.com.sg, Club21, Starhub, NTUC (Nebo), Health Promotional Board, Marlboro, Gelato Ice Cream, Bali Thai, Hotel 81, Vhotel
Sanjeev Gathani
Master DPO
Singapore
Core Skills: DPO-as-a-Service, Governance Risk Compliance (GRC), Cyber Incident Response
Sub Skills: AML/CTF, TBF, ABC, GDPR
- Over 20 years of experience in the GRC space
- Accomplished speaker, facilitator and invited to speak at conferences both locally and internationally
- Certified Information Privacy Manager (CIPM, USA), Practitioner Certificate in Data Protection (Singapore), Certified Data Protection Officer (Indonesia), Integrated Data Privacy Professional (IDPP, USA)
- Certified Compliance Professional (IABFM), Governance, Risk, Compliance Management (IABFM)
- Professional Certificate in Financial Control and Governance (Singapore), Governance Risk Compliance Professional (GRCP, USA) Governance Risk Compliance Auditor (GRCA, USA), Certified Internal Controls Professional (CICP, USA)
- Certified in Enterprise Risk Governance (CERG, ERMA), Certified Fraud Examiner (CFE), License Private Investigator (Singapore), Certified Anti-Money Laundering Specialist (ACAMS), ICA Advanced Certificate in Regulatory Compliance (Financial Crime) with Merit
- Certified Cyber Risk Officer (CCRO, ICTTF, UK), Cyber Incident Planning and Response (CIPR, UK)
- Some key clients: SKF, OSIM, MIDS, NUS, BNP, HSBC, Citibank, Well Fargo, UOB, JP Morgan, Morgan Stantely, Casino Regulatory Authority of Singapore, Ministry of Finance, Ministry of Law, Singapore Police Force, IJM, National Semiconductor, Chemical Company of Malaysia Berhad, Institute of Internal Auditors Malaysia, Brunei Investment Agency, Bank Baiduri Berhad, Habib Bank, Royal Brunei Airlines
- Featured in Business Times (Singapore), Borneo Bulletin and Brunei Times
Let us help you out.
Appointing a DPO is Mandatory in Singapore
All organisations, including sole proprietorships, are required to designate at least one person, a Data Protection Officer (DPO), to be responsible for ensuring that the organisation complies with the PDPA.
Organisations are also required to ensure that at least one DPO’s business contact information is made available to the public. The business contact information may be a general telephone or email address of the organisation.
The DPO may be a person whose scope of work solely relates to data protection or a person in the organisation who takes on this role as one of his multiple responsibilities.
It has been seen from past enforcement cases that Organisations that failed to appoint a Data Protection Officer have had financial penalties ranging from $5000 to $20,000.
Our Approach
DPO-As-A-Service
Trusted by hundreds of businesses
- A data protection and PDPA expert is officially registered with ACRA to be your DPO.
- Our experts are certified in the PDPA’s data protection obligations and value add with cybersecurity expertise
- The outsourced DPO contact details are published on your organisation’s website and ACRA registry
Organisations are required to designate at least one individual, known as the data protection officer (DPO), to oversee the data protection responsibilities within the organisation and ensure compliance with the PDPA.
- Bi-annual surprise audit to ensure employees handling personal data adhere to SOPs
- Data protection expert support for specific business questions
- Outsourced DPO as contact channel for data privacy queries and complaints from individuals or authorities.
- Liaise with the PDPC to respond to new regulatory requirements.
- Drafting of required data protection policies, agreements and procedures.
- Review and definition of required data protection policies and procedures.
- Integration of defined procedures into daily business routine.
Under the Personal Data Protection Act 2012 (PDPA), organisations are required to develop and implement policies and practices that are necessary to meet its obligations under the PDPA.
- Creation of Data Inventory Maps (DIM)
- Risk assessment and mitigation recommendations from quarterly audit results.
- Develop organization’s data breach management plan
- Corporate E-learning with assessment tracking for employees
- Monthly emailer on latest PDPA breaches and regulations
Review your organisation’s data management framework and processes to align them with the PDPA, for example, determining how, when and where your organisation collects personal data, the purposes for the data collection, and ensuring that consent has been obtained for the collection, use and disclosure of the data. In the unlikely event of a data breach still happening, a systematic data breach management plan will be utilized.
Appointed by Over 250 Organizations
Whether you’re a big MNC, a local SME, or even a non-for-profit organization – we are happy to work with you
View more
MCST Properties We Serve
And More..
All third party trademarks (including logos and icons) referenced remain the property of their respective owners.
Testimonials
Privacy Ninja's outsourced DPO service came at the perfect time while we were scaling our business. The DPOaaS engagement gelled seamlessly into our operations, saving us time and resources on our PDPA compliance, while we focused on growing.
CHERILYN TAN Founder, Tessaract.io 
Appointing Privacy Ninja as our outsourced DPO has been a good decision, with the guidance & knowledge they bring. We especially appreciate Andy’s dedication in helping us with our data protection initiatives. In short, Privacy Ninja’s offering provides great value!
ANDREW YAPCEO, InnoProbe Insight 
With more and more businesses no longer just being conducted physically, but have now shifted to online, having a reliable partner that takes care of your security needs is a must. And I am glad that while we make sales out there, DPO service keeps us safe all the time.
PADDY TANManaging Partner, BlackStorm Consulting 
When we started with Privacy Ninja’s DPO Service, they provided us with a step-by-step package to ensure we comply with all the government’s regulations. Their response to our queries is quick and insightful. Using their service allows our organisation to focus on other areas of the business.
CLARENCE GOHHead of IT, Global Education Institution 
Previous
Next
