Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Tailored PDPA Training To Suit Your Business


1 Days / 8 Hours

Andy Prakash

Client Office / Training Venue

650 SGD

Bank TT, Cheque, Credit Card

What’s In It For Me

  • You will gain an overview and understanding of the 9 core PDPA obligations
  • Learn on the legislative and regulatory requirements of PDPA
  • Learn how to identify existing PDPA non-compliance at the workplace
  • Regardless of which industry your organization is in, our training is crafted to meet your specific organizational needs


This tailored PDPA consultancy training course will provide you with a good overview and understanding of the PDPA and how it may be applied to the organisations for compliance. Areas covered in the training include key legislative and regulatory requirements of PDPA and how you can help ensure compliance and alignment with PDPA, as well as immediate implementable cyber hygiene practices at the workplace.

The course will be conducted using lecture slides, pop quizzes, case studies and a throughout review of a pre-training workplace audit. You will be awarded a Certificate of Completion upon successful course completion and PDPC’s corporate e-learning assessment.

Course objectives:

Who Should Attend

The suitable students for this programme are likely to be:

  • Compliance Managers or Data Protection Officers (DPOs)
  • Human Resource, Admin, IT personnel, Sales and Business Development Executive / Managers who need to be involved in data protection matters

Course Breakdown

  • What is PDPA
  • Who needs to comply
  • Collection of NRIC
  • How Data Protection Provisions Apply
  • Data Controller
  • Data Intermediary
  • Data Owner
  • Information Lifecycle
  • Data Protection Officer
  • Policy, People, Processes
  • Valid Consent
  • Deemed Consent
  • Right to Withdrawal
  • Exemptions
  • Publicly Available Data
  • Purpose Limitation Obligation
  • Notification Obligation
  • Enforcement Case Study
  • Accuracy Obligation
  • Protection Obligation
  • Administrative Measures
  • Physical Measures
  • Technical Measures
  • Enforcement Case Study  
  • Retention Limitation Obligation
  • Ceasing to Retain Personal Data
  • Enforcement Case Study    
  • Transfer Limitation Obligation
  • Requirements for Transfer of Data Overseas
  • Enforcement Case Study      
  • Access Obligation
  • Processing a Access Request
  • When Not to Provide Access
  • Correction Obligation 
  • When Not to Provide Correction
  • Formalizing a Process  
  • Accountability Obligation
  • DPO Role & Responsibilities
  • Registering your DPO with PDPC
  • Enforcement Case Study      
  • Do Not Call Provisions
  • Specific Message
  • Clear & Unambiguous Consent
  • Do Not Call Registry
  • Checking the DNC Registry
  • Sender of Specified Message
  • Requirements When Sending a Specified Message
  • Exemption Order in Brief
  • Enforcement Case Study     
  • How Data Can Be Compromised
  • Measures
  • Access Controls
  • Devices
  • Networks
  • Websites
  • Why Secured Disposal is Important
  • Disposing Electronic Data
  • Securely Disposing Electronic Data
  • Securely Disposing Physical Copies of Data
  • Live Hacking Demonstration
  • Malicious Downloads
  • Recommended Browser Settings
  • 10 Fundamental Cyber Hygiene Practices
  • Dangers of “Free” Wifi Hotspots
  • Useful Links
  • PDPA Assessment Tool for Organisations (PATO)
  • Self Assessment Report
  • Highlighting Potential Gaps
  • Recommendations & Action Plan
  • Data Protection Notice Generator
  • Generating Data Protection Notices
  • Data Inventory Map 
  • Data Flow Diagram
  • Pros & Con
  • A.R.E
  • Contain
  • Assess
  • Report
  • Evaluate
  • Notifying Relevant Stakeholders
  • Introduction
  • When to conduct a DPIA
  • Stakeholders
  • DPIA Lifecycle
  • Access
  • Planning
  • Identify Personal Data & Flows
  • Risk Assessment Framework
  • Create an Action Plan
  • Monitor Outcomes
  • Sample DPIA Questionnaire
  • What is a DPMP
  • Policy
  • People
  • Process
  • Maintenance 

Trainer Profile

Andy Prakash - OSINT Practitioner & Trainer

Andy Prakash​

Andy Prakash co-founded, Singapore’s first bug bounty platform, working with the top community of white hat hackers to identify and report vulnerabilities in businesses’ websites, mobile applications and systems.

As the Chief Information Officer, he has given speeches and conducted masterclasses for ACE startups, co-working spaces, Echelon by e27 (2019), Chamber of Commerce and even Interpol 2019.

Seeing a lapse in the Data Protection industry, he started Privacy Ninja, providing PDPA Consultancy, training, audit and Outsourced DPO services. He is the designated Data Protection Officer for numerous companies in Singapore and handles Data Protection matters on a day to day basis.

Andy is the the outsourced DPO for ongoing notable clients like Marina Bay Holdings Group, Adam Khoo Learning Technologies, Curtin University, GrandBanks and more.

He has also been featured on numerous media outlets like Channel News Asia, Channel 8 and Berita Harian, on data privacy, cyber security and its various associated topics.

Contact our sales team

Drop us your details and our sales Ninjas will get in touch in 24 hours


Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us