PDPA 2012: Main framework for data protection in Singapore that governs the collection, use, disclosure, and care of personal data, including Do Not Call (DNC) provisions
PDPA Regulations 2021: Subsidiary legislation providing detailed requirements for PDPA compliance
Data Breach Regulations 2021: Specific regulations detailing requirements for notification and handling of data breaches
PDPC Advisory Guidelines: Official guidelines from Personal Data Protection Commission covering key concepts and sector-specific requirements
APEC CBPR: APEC Cross-Border Privacy Rules System for international data transfers within APEC region
EU GDPR Considerations: European Union's General Data Protection Regulation requirements if dealing with EU residents
Consent Obligations: Requirements for obtaining valid consent before collecting, using, or disclosing personal data
Purpose Limitation: Obligation to collect, use or disclose personal data only for purposes that a reasonable person would consider appropriate
Notification Obligations: Requirements to inform individuals of the purpose for collecting, using, and disclosing their personal data
Access and Correction Rights: Individual rights to request access to and correction of their personal data held by organizations
Protection Obligations: Requirements to maintain appropriate security measures to protect personal data
Retention Limitation: Obligation to cease retention of personal data when no longer necessary for legal or business purposes
Transfer Limitation: Requirements for transferring personal data outside of Singapore
Data Breach Requirements: Obligations for handling and reporting data breaches to affected individuals and authorities
DNC Registry Requirements: Obligations related to Singapore's Do Not Call Registry for marketing communications
