Our website uses  cookies for statistical purposes.

  • 23 New Industrial Road, #04-08 Solstice Business Center, Singapore
  • clients(at)opencompanysingapore.com
  • +65 88364489
Our Articles

Steps for GDPR Compliance in Singapore

Steps for GDPR Compliance in Singapore

The new comprehensive law on the protection of personal information enabled by the European Union in May 2018 will also impact companies in Singapore. Known as the GDPR – the General Data Protection Regulation provides for how individuals submitting personal information with economic operators should benefit from the enhanced protection of their data.

Most companies in Singapore have European customers, therefore they must also comply with the GDPR when it comes to handling sensitive information about them.

Below, our company formation agents in Singapore explain the steps local companies must take in order to comply with the GDPR.

We also invite you to watch our video on GDPR compliance in Singapore:

The Singapore Data Protection Law – presented by our company formation agents in Singapore

Singapore has its own Data Protection Law called the Personal Data Protection Act which is as comprehensive as the GDPR, however, there are many differences between the two regulations and local companies must comply with the GDPR when handling personal information submitted by EU customers.

Who must comply with the GDPR in Singapore?

The GDPR apply to the following categories of economic operators in Singapore:

  • online companies selling goods or services to clients in EU countries;
  • – Singapore companies monitoring and gathering data of clients in EU countries;
  • – local companies processing payments from clients in EU countries;
  • – other types of companies collecting personal information on individuals in EU states.

Our Singapore company formation advisors can also help foreign investors who want to do business in this country.

How to comply with the GDPR in Singapore

Singapore companies offering services or selling goods in the EU must comply with the following requirements of the GDPR:

  • – inform clients about the fact that their personal data will be collected in a clear manner;
  • – clients must be given the option of refusing the collection of personal information;
  • – customers must be able to withdraw their consent for the storage of their personal information at any time;
  • – any breach of personal information must be reported in maximum 72 hours with the Infocomm Media Development Authority in Singapore.

In order to comply with the GDPR, companies in Singapore are advised to identify the potential threats related to the breach of personal information, draft new policies and agreements related to the processing of personal data and prepare the employees for handling any request related to the GDPR.

For full information on GDPR compliance, please feel free to contact our company registration consultants in Singapore.