Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

A guide to Singapore’s Do Not Call Registry

Do not call registry
A guide to Singapore’s Do Not Call Registry for Organizations

The Do Not Call Registry of Singapore

In 2020, it has been estimated that there are 4.65 million smartphone users in Singapore or more than 90% of its population. With this number, as a means of prospecting customers, Singapore companies continue to rely on cold calling and telemarketing strategies to boost their sales and reach as many people as possible. With companies using phone or telephone numbers to do this, organizations are directed to pay attention to subsisting data protection laws regulating the use of these personal data for marketing purposes or face a hefty fine. 

This article is a guide for businesses to comply with relevant regulations, especially when using personal data to employ telemarketing strategies for marketing and promotion of a product or service. 

Also Read: Data Protection Act of Singapore: Validity in the Post-pandemic World

Do Not Call Registry in Singapore, explained

The Do Not Call (DNC) Registry in Singapore is a database where people input their telephone numbers and mobile numbers to opt them out from telemarketing gimmicks and other unsolicited marketing calls and messages.

These marketing messages generally refer to messages used for advertising or promoting goods, services, suppliers, or suppliers of such goods and services. This further extends to the advertising and promotion of interests in land or business and investment. 

With the DNC registry, organizations are no longer allowed to send marketing messages to registered mobile and phone numbers. This provision also applies to sending telemarketing strategies to smartphone applications such as WhatsApp and other messaging platforms. 

There is an exception, however, to this rule. When messages are sent for market research surveys, charity drives, and religious purposes with whom the receiver has an ongoing relationship, an organization can send a message through personal numbers even though it is registered in the DNC registry. 

Furthermore, business-to-business marketing calls and messages is not covered by the DNC provisions. If an individual uses his mobile number as his personal and business phone number, he may still legally receive B2B marketing calls and messages from businesses. 

do not call registry
Do Not Call Registry compliance for Organizations

When do organizations need to check the DNC Registry?

Under the Personal Data Protection Act (PDPA), organizations must check their call lists with those registered under the DNC registry prior to any marketing activities. There are three separate DNC registries for Singapore telephone numbers: text messages, voice calls, and fax. Depending on the organization’s method, such organizations need to skim through the registry to check if any of their call lists are registered in the registry. 

To do this, organizations in Singapore need to create an account for the DNC Registry, which has a one-time fee of SGD 30 for Singaporean Organizations and SGD 60 for overseas companies. 

What are the penalties for sending telemarketing messages to numbers listed on the DNC Registry?

Sending telemarketing messages to those numbers listed on the DNC Registry without the receiver’s consent is an offense. It may be liable for fines up to SGD 1,000,000 per offense. 

As an example, the Start Zest Tuition agency and its director were made to pay a fine of fined $39,000 each after pleading guilty to 13 out of 37 charges upon sending out unsolicited telemarketing messages to those numbers listed in the DNC registry and was considered a breach on the DNC Registry provisions in the PDPA. 

The need to check the registry is considered additional compliance for Organizations that engage in B2C promotions and marketing strategies through text messages, phone calls, and even fax. With this, organizations need to conduct training for their telemarketing and sales teams to avoid breaches and pay a whopping fine. 

Also Read: National Cybersecurity Awareness Campaign of Singapore: Better Cyber Safe than Sorry



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us