General Data Protection Regulation (GDPR)
As individuals, many of us will have seen emails from the likes of Google, EBay, Paypal etc advising us of their commitment to the new “GDPR”. The GDPR is the General Data Protection Regulation and is being introduced across the EU from 25 May 2018.
The Personal Data Protection Commission has released a document outlining the key requirements of the GDPR and its implications on Singapore businesses.
In summary, the GDPR applies to any organisation that processes personal data of individuals in the EU, including organisations established outside of the EU, where the processing relates to:
- offer of goods or services to individuals in the EU (regardless of whether payment is required); or
- monitoring of the behaviours of individuals in the EU.
If you fall into either of the above criteria and collect or obtain any information relating to an identified (or identifiable) natural person you should seek advice on this from your legal advisors. More information from the whole document can be found here.