fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

6 Simple guides on PDPA clause for agreements of personal data

pdpa clause
In Singapore, personal data is protected under the PDPA Clause. This Act has various rules governing the collection, use, disclosure and care of individuals’ personal data.

6 Simple guides on PDPA clause for agreements of personal data

In today’s digitally driven world, organizations routinely collect a plethora of data that individuals submit – be it to extend product offers or to keep their customers informed about a topic of personal interest. It is the right of the individuals who submit this personal data to expect its ethical management. Since organizations can leverage this data in many ways – whether for lead generation or targeted marketing based on profiles – it is important for them to ensure that it is legitimately used.

In Singapore, personal data is protected under the Personal Data Protection Act 2012 (PDPA). This Act has various rules governing the collection, use, disclosure, and care of individuals’ personal data.

For small and medium-sized businesses, creating awareness about your product or service is vital for growth. But with the PDPA, you will need to heed its various stipulations so that you do not tread on customers’ (or potential customers’) privacy. This may seem like a hindrance, but few realize that the PDPA can actually be a blessing in disguise. It actually gives companies the opportunity to allay concerns of data mismanagement, which in turn helps to build customer trust. 

Also read: 12 brief explanation about the benefits of data protection for business success

It is the right of the individuals who submit this personal data to expect its ethical management.

Below are the 6 Simple guides on PDPA clause for agreements of personal data

  1. An organization may engage another organization to provide services relating to the processing of personal data (such as hosting or storage of data, payroll processing etc.). In this Guide, the organization purchasing services will be known as the “Customer,” while the organization providing services will be known as the “Contractor.” A Customer and a Contractor will usually enter into a written agreement to set out the services provided and the parties’ obligations (“Service Agreement”).

2. This Guide provides sample data protection clauses that Customers may include in their Service Agreements with Contractors, for general reference. The sample clauses should be adapted to suit the Customer’s particular circumstances and needs. For example, the sample clauses may be modified to take into account the Customer’s operational and business requirements, the context of the Service Agreement, and the other clauses of the Service Agreement dealing with similar or related issues (e.g., confidentiality clauses). Please read the explanatory notes in the next section of this Guide before using the sample clauses.

3. A Contractor who processes personal data on behalf of, and for the purposes of, a Customer will likely be considered as a data intermediary of the Customer under the Personal Data Protection Act 2012 (“PDPA”). Where the Contractor is processing personal data as a data intermediary pursuant to a contract in writing, the Contractor will not be subject to the obligations set out in Parts III to VI of the PDPA clause (“Data Protection Obligations”) except for the obligations relating to protection and retention of personal data.

Organizations can leverage this data in many ways – whether for lead generation or targeted marketing based on profiles – it is important for them to ensure that it is legitimately used.

4. A Customer will be liable for any act done, or omission, by the Contractor in the course of processing personal data on behalf of the Customer where such Act or omission amounts to a breach of any Data Protection Obligation. When engaging Contractors to process personal data on their behalf and for their purposes, Customers should therefore ensure that their Service Agreements with the Contractors impose sufficient obligations on the Contractors so as to ensure the Customer’s own compliance with the PDPA clause.

5. For more information about the Data Protection Obligations, please refer to Parts III to VI of the PDPA clause and the advisory guidelines issued by the Personal Data Protection Commission (“Commission”). In particular, the Commission’s Advisory Guidelines on Key Concepts in the PDPA clause (“Key Concepts Guidelines”) elaborate on the key terms in the PDPA clause relating to data intermediaries and explain the general issues surrounding various obligations which organizations have to comply with under the PDPA clause. Note, however, that each advisory guideline should always be read in conjunction with any other relevant advisory guidelines that the Commission has issued or may from time to time issue.

6. Use of the sample clauses does not mean that you would be in compliance with the PDPA clause or any other law. You should seek professional legal advice if you are uncertain of your legal position or obligations under the law or require assistance with the drafting of any Service Agreement (including the use of the sample clauses).

Also read: How Being Data Protection Trained Can Help With Job Retention

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us