Singapore PDPA (personal data protection act) went into effect in 2014
On 25th May 2018, Europe’s GDPR (general data protection regulation) laws were put into effect, to help guard users’ personal data which companies must store, process, and share, as and when needed.
Singapore had passed a similar law to accomplish the same in 2012 known as PDPA (personal data protection act), which went into full effect in 2014. Both laws bear some similarities and certain distinctions and were set out with similar personal and extraterritorial scopes.
However, it must be kept in mind that GDPR applies to private and public bodies, while Singapore’s Personal Data Protection Act does not include public agencies and organizations that represent public agencies within the scope. Furthermore, GDPR defines specific personal data categories while in PDPA, there is no such distinction between specific personal data categories, or between automated and non-automated data processing methods, for that matter.
GDPR vs. PDPA: Understanding Key Differences
For the most part, the Personal Data Protection Act has stricter laws as it emphasizes more on data subjects’ rights and levies heavy fines on companies that fall under non-compliance. So it is crucial to understand as a business that complying with PDPA rules will certainly help, but doesn’t make you GDPR-compliant – if you’re selling goods/services to EU customers (and vice versa), irrespective of where those customers are based originally. read more