What Is PDPA And What Are The 5 Things You Should Know About

What Is PDPA And What Are The 5 Things You Should Know About

Starting from 2 July 2014, the data protection obligations under the Personal Data Protection Act 2012 (PDPA) will allow you to protect your personal data collected, used, and disclosed by private organizations.

A national Do Not Call (DNC) Registry has also been set up for you to register your Singapore telephone number if you do not wish to receive telemarketing messages from organizations.

What is PDPA’s benefits?

1. Gives you more control over your personal data.
2. Allows you to access and correct your personal data.
3. Lets you reduce unwanted telemarketing messages received.

What is Personal Data?

Any data that is about you may be considered personal data.

Personal data under the what is PDPA may include the following:

• Full name
• NRIC, or passport number
• Photograph or video image of an individual
• Mobile telephone number
• Personal email address
• Thumbprint
• Name and

Do note that contact information you provide for business purposes (also known as business contact information) is not covered under the data protection obligations. This can include your name, designation, business telephone number/ address/email address/fax number and any other similar information about you.

Also read: Unsolicited Electronic Messages Act Means for Businesses

How does what is PDPA apply to you?

With the introduction of what is PDPA, you can decide which organisation can collect your data, how it is to be used and whether it can be disclosed. What is PDPA covers all electronic and non-electronic personal data, regardless of whether the personal data is true or false.

You, too, have a responsibility to protect your own personal data. By being careful in managing your personal data, you can reduce the risks of misuse of your personal data.

Here are some things you should consider:

Providing Consent: Organisations will have to let you know why they are asking you for your personal data and obtain your consent before collecting, using, or disclosing your personal data. If you willingly provide your personal data for a particular purpose, you may also be allowing organizations to collect, use, or disclose your personal data. This is known as “deemed consent”.

Knowing What Personal Data to Provide: Sometimes, it may not be necessary for you to provide your personal data. Organizations cannot force you to agree to the collection, use, or disclosure of personal data beyond what is reasonable to provide a product or service to you.

Withdrawing Consent: You may tell an organisation to stop collecting, using or disclosing your personal data. The organisation should inform you of the likely consequences of your withdrawal before processing the request. However, the organisation is not required to delete or destroy your personal data and may retain it for as long as there are business or legal needs.

Requesting Access: You may request to see the personal data that an organization has about you. You can also check how your personal data has or may have been used or disclosed in the past year. Do note that organizations may levy an administrative fee for each access request or reject the request if it is considered frivolous.

Organisations also cannot grant access if giving you the personal data could:

• Cause immediate or serious harm to your safety or physical/mental health;
• Threaten the safety or physical/mental health of someone else;
• Reveal someone else’s personal data;
• Reveal the identity of the person who provided your personal data; or
• Be contrary to the national interest.

Requesting Correction: You may request to correct an error or omission in your personal data held by the organization. Unless the organization has a valid reason not to make the correction, it should correct the data and send it to organizations that have received it in the past year or if you agree, only to specific organizations to which the personal data was disclosed.

How can you find out more information about what is PDPA?

Please visit the Personal Data Protection Commission (PDPC) website at www.pdpc.gov.sg for more information about what is PDPA and how you can protect your personal data.

Also read: 5 Simple Instructions on How to Access Request Form PDF