Skip to main content




Singapore's Personal Data Protection Act (PDPA) regulates the collection, use and disclosure of personal data in Singapore by giving enforceable rights to users, placing the responsibility of lawful data processing on the shoulders of websites, companies and organizations. The version used in this section is PDPA 2020.


3_12. Policies and practices
331. Guarantee legal compliance
4_13. Consent required
189. Specify the purpose of data collection
310. Request user consent
4_14. Provision of consent
189. Specify the purpose of data collection
4_16. Withdrawal of consent
312. Allow user consent revocation
4_20. Notification of purpose
189. Specify the purpose of data collection
315. Provide processed data information
5_21. Access to personal data
185. Encrypt sensitive information
229. Request access credentials
5_22. Correction of personal data
316. Allow rectification requests
6_24. Protection of personal data
185. Encrypt sensitive information
261. Avoid exposing sensitive information
329. Keep client-side storage without sensitive data
339. Avoid storing sensitive files in the web root
360. Remove unnecessary sensitive information
6_25. Retention of personal data
183. Delete sensitive data securely
360. Remove unnecessary sensitive information
6A_26B. Notifiable data breaches
301. Notify configuration changes
313. Inform inability to identify users
6A_26D. Duty to notify occurrence of notifiable data breach
301. Notify configuration changes
376. Register severity level
6A_26E. Obligations of data intermediary of public agency
318. Notify third parties of changes
9B_48D. Unauthorized disclosure of personal data
176. Restrict system objects
9B_48E. Improper use of personal data
046. Manage the integrity of critical files
062. Define standard configurations
178. Use digital signatures
9B_48F. Unauthorized re‑identification of anonymized information
030. Avoid object reutilization
free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.