PDPC may accept an undertaking from an organisation that has potentially contravened the Personal Data Protection Act 2012 (“PDPA”). The process is intended to allow organisations to implement a remediation plan that will not only rectify the immediate breach, but also address any systemic shortcomings to ensure compliance with the PDPA on a continual basis. In considering whether to accept an undertaking, PDPC will examine the effectiveness of the remediation plan proposed by the organisation, and the organisation’s readiness to implement it.

For more details, please refer to PDPC’s Guide on Active Enforcement.

 No Undertakings  Published Date
1 Grabcar Pte Ltd  10 Sept 2020
2 Employment & Employability Institute Pte Ltd  10 Sept 2020
3 HSBC Bank (Singapore) Limited  10 Sept 2020
4 NEC Asia Pacific Pte Ltd  14 Jan 2021
5 StarMed Specialist Centre Pte Ltd  18 Feb 2021
6 Manulife (Singapore) Pte Ltd  15 Apr 2021
7 DLI Asia Pacific Pte Ltd  12 May 2021
8 Seafront Support Company Pte Ltd  10 Jun 2021
9 Platinum Yoga Pte Ltd  10 Jun 2021
10 Assisi Hospice  12 Jul 2021
11 Thye Hua Kwan Moral Charities Limited  12 Jul 2021
12 Equity Solution Pte Ltd  12 Aug 2021 
13 MindChamps Preschool Limited   21 Sept 2021