PDPA 2012: Main framework for data protection in Singapore that governs the collection, use, disclosure, and care of personal data, including Do Not Call (DNC) provisions

PDPA Regulations 2021: Subsidiary legislation providing detailed requirements for PDPA compliance

Data Breach Regulations 2021: Specific regulations detailing requirements for notification and handling of data breaches

PDPC Advisory Guidelines: Official guidelines from Personal Data Protection Commission covering key concepts and sector-specific requirements

APEC CBPR: APEC Cross-Border Privacy Rules System for international data transfers within APEC region

EU GDPR Considerations: European Union's General Data Protection Regulation requirements if dealing with EU residents

Consent Obligations: Requirements for obtaining valid consent before collecting, using, or disclosing personal data

Purpose Limitation: Obligation to collect, use or disclose personal data only for purposes that a reasonable person would consider appropriate

Notification Obligations: Requirements to inform individuals of the purpose for collecting, using, and disclosing their personal data

Access and Correction Rights: Individual rights to request access to and correction of their personal data held by organizations

Protection Obligations: Requirements to maintain appropriate security measures to protect personal data

Retention Limitation: Obligation to cease retention of personal data when no longer necessary for legal or business purposes

Transfer Limitation: Requirements for transferring personal data outside of Singapore

Data Breach Requirements: Obligations for handling and reporting data breaches to affected individuals and authorities

DNC Registry Requirements: Obligations related to Singapore's Do Not Call Registry for marketing communications