Advomi Logo
Search
Close this search box.

How Does the GDPR Compare To the Singapore PDPA?

The General Data Protection Regulation and the Personal Data Protection Act are essentially similar, but still quite different in some aspects. In general the GDPR can be considered stricter than the PDPA. the Regulation emphasizes more on the rights of data subjects and provides significant fines for companies which fail to comply with it. It is crucial to understand that strictly applying the rules of the PDPA helps but doesn’t make your business compliant with the GDPR. If you sell goods or services to customers in the EU, regardless of their citizenship, you should comply with the GDPR and not the PDPA.

  • The right to be forgotten (the right for a data subject to request from a data processor to erase his personal information) is included in the GDPR but not recognized by the PDPA. The PDPA recognizes the right of correction of personal data which is also included in the GDPR but essentially different from the right of erasure of the data.
  • Under the GDPR, data subjects have the right to access all their personal data collected by a company free of charge while in Singapore companies may impose a reasonable fee.
  • Data subjects in the EU have the right to request that their personal data be presented to them in a machine-readable format which can easily be transferred to another data processor. The important aspect here is the transfer of data which makes it easier for data subjects to change one service provider with another.
  • The GDPR requires companies in Singapore to appoint representatives in the EU and under certain circumstances Data Protection Officers (DPOs) when processing private data. In Singapore companies must also designate individuals to be responsible for ensuring that the organisation complies with the PDPA compliance but they should be established in Singapore and not in the EU.
  • Receiving consent from the data subjects under the two acts is slightly different (Acquiring consent has been one of the hottest topics of discussion after the adoption of the GDPR). One of the main differences is that the GDPR doesn’t recognize deemed consent.
  • The GDPR implies a procedure for personal data breach notification to a supervisory authority and communicating the breach with the data subjects. No such procedure is provided by the PDPA.

These are just outlines of the most important differences between the GDPR and the PDPA. In general, the GDPR can be considered stricter than the PDPA. Fines imposed under the GDPR are also quite significant and are often calculated as percentage of the annual commercial turnover of the company. However, imprisonment is not among the punishments provided for in the GDPR while individuals guilty of offenses may be liable on conviction to imprisonment for a term not exceeding 12 months.

More resources

FinTech

Tokenisation of real world assets (RWAs)

Introduction Tokenisation of real world assets refers to breaking down high-value properties, whether tangible (such as art pieces) or intangible (such as financial instruments and…

eugene-golovesov-b2mTG-5y6KA-unsplash

Gambling Control Act

Introduction The Gambling Control Act 2022 (GCA) is a consolidation and update of previous gambling legislation including the Betting Act 1960, the Common Gaming Houses…

jean-beller-4Hn4ulNcpJ4-unsplash

Retrenchment

Introduction Retrenchment refers to the termination of an employee’s employment due to redundancy, restructuring or for cost saving reasons, as opposed to termination for poor…

marten-bjork-6dW3xyQvcYE-unsplash

Restraint of Trade Clauses in Employment Contracts

When drafting an employment contract, employers often include a restraint of trade clause in order to restrict what an ex-employee may do post-employment. As defined…

patrick-konior-6ZTV8CflgcY-unsplash

Understanding Crypto Fraud, Investigations and Asset Tracing part 3

After exploring the diverse landscape of blockchain and cryptocurrency frauds in our first article, and delving into the array of disputes in our second installment,…

istockphoto-1471527204-1024x1024-transformed

Understanding Crypto Fraud, Investigations and Asset Tracing part 2

In continuation of our 3-part series unraveling the complexities of blockchain and cryptocurrency, our second installment will delve into the spectrum of Blockchain and Cryptocurrency…