PDPC may accept an undertaking from an organisation that has potentially contravened the Personal Data Protection Act 2012 (“PDPA”). The process is intended to allow organisations to implement a remediation plan that will not only rectify the immediate breach, but also address any systemic shortcomings to ensure compliance with the PDPA on a continual basis. In considering whether to accept an undertaking, PDPC will examine the effectiveness of the remediation plan proposed by the organisation, and the organisation’s readiness to implement it.

For more details, please refer to PDPC’s Guide on Active Enforcement.

No	Undertakings	Published Date
1	Grabcar Pte Ltd	10 Sept 2020
2	Employment & Employability Institute Pte Ltd	10 Sept 2020
3	HSBC Bank (Singapore) Limited	10 Sept 2020
4	NEC Asia Pacific Pte Ltd	14 Jan 2021
5	StarMed Specialist Centre Pte Ltd	18 Feb 2021
6	Manulife (Singapore) Pte Ltd	15 Apr 2021
7	DLI Asia Pacific Pte Ltd	12 May 2021
8	Seafront Support Company Pte Ltd	10 Jun 2021
9	Platinum Yoga Pte Ltd	10 Jun 2021
10	Assisi Hospice	12 Jul 2021
11	Thye Hua Kwan Moral Charities Limited	12 Jul 2021
12	Equity Solution Pte Ltd	12 Aug 2021
13	MindChamps Preschool Limited	21 Sept 2021
14	Fujioh International Trading Pte Ltd	11 Nov 2021
15	JT Legal LLC	14 Jan 2022
16	Jade E-Services Singapore Pte Ltd	21 Apr 2022
17	Singhealth Polyclinics	16 Jun 2022
18	HSL Constructor Pte Ltd	14 Jul 2022
19	Asia Petworld Pte Ltd	14 Jul 2022
20	“K” Line Pte Ltd, "K" Line Ship Management (Singapore) Pte. Ltd., and “K” Line (Singapore) Pte Ltd	11 Aug 2022
21	Inmagine Lab Pte Ltd	11 Aug 2022
22	The National University of Singapore Society	11 Aug 2022