GDPR and PDPA: What's the Difference?
Are you ready for GDPR, or the EU’s General Data Protection Regulation? After all the adjustments you may have already made for Singapore’s Personal Data Protection Act (PDPA) in 2014, you may think that you already have your customers’ personal data protected. But the GDPR is quite different from the PDPA.
We’ve come up with comparative charts below to give you a quick glance into the similarities and differences of each, so you can see how this will affect your organisation.
Fast Facts on Singapore’s PDPA and the EU’s GDPR
PDPA | GDPR | |
|---|---|---|
Took/will take effect on | Do Not Call registry: 2 Jan 2014 Data protection obligations: 2 Jul 2014 | 25 May 2018 |
Who are governed by these policies? | Covers virtually all businesses in Singapore | Applies to any organisation established within and outside of the EU, so long as:
|
What is it about? | “The [Personal Data Protection Act (PDPA) of Singapore governs] the collection, use and disclosure of individuals’ personal data by organisations in a manner that recognises both the right of individuals to protect their personal data and the need of organisations to collect, use and disclose personal data for purposes that a reasonable person would consider appropriate in the circumstances.”
| “The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonise the data privacy laws across Europe, to protect and empower all EU citizens’ data privacy, and to reshape the way organisations across the regions approach data privacy.” “The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time in which the 1995 directive was established.”
|
Assess Your IMPACT
Try our IMPACT scorecard to discover how your marketing stacks up across our six-pillar framework. Get a data-driven scorecard that identifies gaps and opportunities for measurable growth.