The PDPC has amended the Personal Data Protection Regulations to recognise the Asia Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR) System and Privacy Recognition for Processors (PRP) System certifications as one of the modes for transfers of data overseas.

An overseas recipient that is CBPR- or PRP-certified is considered legally bound to provide comparable protection for the transferred personal data to the PDPA. Organisations in Singapore can thus easily transfer personal data to the overseas recipient without meeting additional requirements.

Singapore has also developed a template contract clause that transferring organisations could include in their contract with recipients. 

Get a quick overview here or find out more from our Advisory Guidelines.