Personal Data Protection Act

The Personal Data Protection Act 2012 (PDPA) establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. It recognises both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.

What is the function of PDPC?

The Personal Data Protection Commission (PDPC) was established on 2 January 2013 to administer and enforce the Personal Data Protection Act 2012 (PDPA).

The PDPC will also review organisational actions in relation to data protection rules and issue decisions or directions for compliance where necessary. As the PDPA is a baseline legislation, the PDPC will work with relevant sector regulators in exercising its functions.

Beyond regulating data protection issues, the PDPC also undertakes public and sector-specific educational and outreach activities to help organisations adopt good data protection practices and to help individuals to better understand how they may protect their own personal data from misuse.

Objectives of the Personal Data Protection Act

Today, vast amounts of personal data are collected, used and even transferred to third party organisations for a variety of reasons. This trend is expected to grow exponentially as the processing and analysis of large amounts of personal data becomes possible with increasingly sophisticated technology.

With such a trend comes growing concerns from individuals about how their personal data is being used. Hence, a data protection regime to govern the collection, use and disclosure of personal data is necessary to address these concerns and to maintain individuals’ trust in organisations that manage data.

By regulating the flow of personal data among organisations, the PDPA also aims to strengthen and entrench Singapore’s competitiveness and position as a trusted, world-class hub for businesses.

What is Hansoken Cloud doing for PDPA?

Our Personal Data Inventory

We’ve mapped out company policies and guidelines to protect our subscribers’ personal data in its care.


Some implementations we have done for data protection

Our data protection officers will review the followings in our privacy policy and align them with the PDPA:

– Collection, Use and Disclosure

– Access & Correction

– Care for Personal Data


We’ve updated our privacy policy to reflect the compliance requirements of PDPA. You can find Hansoken Cloud Privacy Policy at:

Where can I find out more?