🌏 Singapore / Thailand

PDPA compliance with ConsentX

Personal Data Protection Act

In short

Personal Data Protection Acts in markets such as Singapore and Thailand require consent and clear notification before collecting and using personal data.

Region

Singapore / Thailand

Status

In force

Group

Asia & Africa

Who it applies to

Organizations collecting, using or disclosing personal data of individuals in the relevant jurisdiction.

Penalties

Varies by jurisdiction, up to significant percentage-of-turnover or fixed-sum fines.

Key obligations

Notify purposes and obtain consent
Allow withdrawal of consent
Provide access and correction
Appoint a data protection officer
Protect and retain data appropriately

How ConsentX helps

Notification-first consent banner

Withdrawal controls

Access and correction intake

Configurable retention

Get PDPA ready with ConsentX

Start free, or book a walkthrough with our team.

Get started free Book a demo

This page is a plain-English summary for general information and is not legal advice. Confirm your obligations with qualified counsel.

Frequently asked questions

Does PDPA require consent before collecting data?+

Yes. You must notify the purpose and obtain consent before collecting or using personal data, and allow withdrawal.

Other frameworks

🇪🇺 GDPR 🇬🇧 UK GDPR 🇺🇸 CCPA / CPRA 🇺🇸 VCDPA 🇺🇸 Colorado CPA 🇺🇸 CTDPA 🇺🇸 UCPA 🇺🇸 TDPSA 🇺🇸 Oregon OCPA 🇺🇸 Montana MCDPA 🇺🇸 Florida FDBR 🇧🇷 LGPD 🇨🇦 PIPEDA 🇮🇳 DPDPA 🇿🇦 POPIA