Fluid Attacks Database

PDPA

Last updated: 2023/09/18

Singapore's Personal Data Protection Act (PDPA) regulates the collection, use and disclosure of personal data in Singapore by giving enforceable rights to users, placing the responsibility of lawful data processing on the shoulders of websites, companies and organizations. The version used in this section is PDPA 2020.

Control-Requirement Mapping

Definition	Requirements
3_12. Policies and practices	331. Guarantee legal compliance
4_13. Consent required	189. Specify the purpose of data collection 310. Request user consent
4_14. Provision of consent	189. Specify the purpose of data collection
4_16. Withdrawal of consent	312. Allow user consent revocation
4_20. Notification of purpose	189. Specify the purpose of data collection 315. Provide processed data information
5_21. Access to personal data	185. Encrypt sensitive information 229. Request access credentials
5_22. Correction of personal data	316. Allow rectification requests
6_24. Protection of personal data	185. Encrypt sensitive information 261. Avoid exposing sensitive information 329. Keep client-side storage without sensitive data 339. Avoid storing sensitive files in the web root 360. Remove unnecessary sensitive information
6_25. Retention of personal data	183. Delete sensitive data securely 360. Remove unnecessary sensitive information
6A_26B. Notifiable data breaches	301. Notify configuration changes 313. Inform inability to identify users
6A_26D. Duty to notify occurrence of notifiable data breach	301. Notify configuration changes 376. Register severity level
6A_26E. Obligations of data intermediary of public agency	318. Notify third parties of changes
9B_48D. Unauthorized disclosure of personal data	176. Restrict system objects
9B_48E. Improper use of personal data	178. Use digital signatures 046. Manage the integrity of critical files 062. Define standard configurations
9B_48F. Unauthorized re‑identification of anonymized information	030. Avoid object reutilization

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.