The Singapore Personal Data Protection Act (PDPA) of 2012 went into effect in January 2013. It provides a baseline standard of protection for personal data in Singapore, giving "individuals" (as defined by the law) greater control over the collection, use, and disclosure of personal data by organizations.
The PDPA ensures the following rights:
- The right to be informed: Organizations are subject to several data-protection obligations under the PDPA, which require them to provide notification to the individual data subject under certain circumstances.
- The right to access: An organization must allow an individual to access their personal data in its possession or under its control upon request.
- The right to rectification: An organization must allow an individual to correct their personal data in its possession or under its control upon request.
- The right to erasure: The PDPA does not provide individuals with a standalone right to request for an organization to destroy or delete the personal data in the organization's possession or control. However, under the Retention Limitation Obligation, organizations are required to cease to retain personal data if retention of such personal data is no longer necessary for legal or business purposes.
- The right to object/opt-out: Individuals have the right to withdraw their consent to the collection, use, or disclosure of their personal data at any time by giving reasonable notice.
How Higher Logic helps your organization
- Our platforms provide compliance tools so that your organization can honor privacy-rights inquiries and data-deletion requests. Documentation on how these tools function can be found with our current GDPR resource page HERE.