Does the data protection officer need to be an employee of a Singapore company?

The Data Protection Officer's (DPO) base of operations is not specified by the PDPA. The DPO does not have to work for the organisation; instead, it can be contracted out to a different party. To be in compliance with the PDPA standards, the DPO whose business contact information is disclosed must be approachable whenever a member of the public in Singapore tries to contact him.

Updated on: 15/05/2024