Data Protection

Personal Data Protection Act 2012 (PDPA 2012) defines personal data as “… data, whether true or not, about an individual who can be identified from that data, or from that data or other information to which the organisation has or is likely to have access”.

Personal Data Protection 

Personal Data is any data where the identity of a person can be ascertained. It can be any information that relates to the identity of a person. This information can be direct or indirect or it can be a collection of data which leads to the identification of a specific person. All factors in the data should lead to the identification of an individual to constitute to be personal data.

Technology these days generate a great amount of data about any individual through online transactions like credit card payments or account opening, and a business will need the consent to collect, use or disclose personal data.

Where personal data is anonymised, encrypted, de-identified, pseudonymised or hidden in any way but a person can still be identified, it is still considered personal data. However, if the personal data has been anonymised such that the anonymization is irreversible and the individual is no longer identifiable, such data is no longer personal data.

In Singapore, the Personal Data Protection Act 2012 (PDPA 2012) defines personal data as “… data, whether true or not, about an individual who can be identified from that data, or from that data or other information to which the organisation has or is likely to have access”.

In neighbouring countries, similar legislations have been enacted.

  • Malaysia – The Personal Data Protection Act 2010 (Act 709)
  • Hong Kong – The Personal Data (Privacy) Ordinance (Cap. 486) (Ordinance)
  • Thailand – The Personal Data Protection Act, B.E. 2562 (2019)
  • Philippines – Data Privacy Act of 2012
  • Vietnam – Law on Cybersecurity
  • Indonesia’s data privacy legislation is a combination of the Electronic Information and Transactions (EIT) Law (Law No. 11 of 2008), Amendment (Law No. 19 of 2016), Regulation No. 82 of 2012 (Reg. 82) and Regulation No. 20 of 2016 (the MOCI Regulation) 
 
Advisorly’s Data Specialist

Advisorly’s data specialist have the highest certifications and experience required to assist with your organisation’s requirements to comply with The Personal Data Protection Act 2012 in Singapore (PDPA 2012) and all other data privacy legislations in the region. 
Our data specialist currently advises on a wide spectrum of countries including:
Singapore; Malaysia; Philippines; Indonesia; Thailand; Vietnam; Hong Kong; Australia

Advisorly's data protection compliance services include:

  • Review of business flow and processes
  • Drafting and implementation of internal manuals and policies
  • Data privacy audits
  • General consultancy and training

Let our experience be your company’s guide 

Get your first consultation

WhatsApp WhatsApp us