Data Protection Certifications

Demonstrate accountable data protection practices with DPTM, APEC CBPR & PRP systems certifications

Appointed by Infocomm Media Development Authority (IMDA) as an assessment body for Data Protection Certifications, TÜV SÜD PSB can support organisations in assessing your data protection practices, following approval of application by IMDA.

 

WHAT ARE THE IMDA DATA PROTECTION CERTIFICATIONS?

As personal data protection and privacy become increasingly important and a key concern for consumers, it is vital for organisations that handle and store personal data to have robust data protection practices in place to safeguard such information.

To support organisations in managing & protecting their customers’ data responsibly, IMDA has developed the following Data Protection Certifications to verify their conformance to personal data protection standards and best practices:

DATA PROTECTION TRUSTMARK (DPTM) CERTIFICATION 

Developed based on Singapore’s Personal Data Protection Act (PDPA) and international best practices, the IMDA DPTM certification allows organisations to demonstrate accountable data protection practices.

BENEFITS OF DATA PROTECTION TRUSTMARK CERTIFICATION

  • Increase business competitiveness – by strengthening your reputation, building trust and confidence in your brand that you have robust data protection policies to safeguard customers’ personal data
  • Provide assurance to your organisation – with a third-party certification that helps to validate your data protection regime, allowing you to identify potential weaknesses and take steps to mitigate risks

APEC CROSS BORDER PRIVACY RULES (CBPR) & PRIVACY RECOGNITION FOR PROCESSORS (PRP) SYSTEM CERTIFICATIONS

By certifying privacy practices to the CBPR and PRP Systems, businesses can demonstrate their adherence to the Asia-Pacific Economic Cooperation (APEC) Privacy framework and facilitate seamless international data transfer while ensuring privacy and security.

  • ABOUT APEC CBPR CERTIFICATION

    Endorsed by APEC for facilitation of personal data among APEC economies, the Cross Border Privacy Rules (CBPR) system is applicable for organisations (data controllers) that control the collection, holding, processing, or use of personal data.

    The CBPR certification is based on 9 privacy principles from the APEC Privacy Framework:

    • Accountability
    • Prevent Harm
    • Notice
    • Choice
    • Collection Limitation
    • Use of Personal Information
    • Integrity of Personal Information
    • Security Safeguards
    • Access and Correction
  • ABOUT APEC PRP CERTIFICATION

    The Privacy Recognition for Processors (PRP) system is designed for organisations (data processors) that process data on behalf of client organisations (data controllers), allowing them to demonstrate their compliance with relevant privacy obligations.

    The PRP certification is based on 2 privacy principles from the APEC Privacy Framework:

    • Accountability
    • Security Safeguards
  • BENEFITS OF CBPR & PRP CERTIFICATIONS
    • Reduce cost and time – with a single, consistent set of privacy standards that facilitate exchange personal data across APEC member economies
    • Build trust and confidence – by showing your commitment to data protection with business counterparts and customers
    • Provide assurance through third-party certification – that allows your organisation to validate its data protection standards
    • Demonstrate data protection compliance – to data protection enforcement authorities

 

TÜV SÜD HELPS YOU TO BOOST CUSTOMER CONFIDENCE IN YOUR ORGANISATION’S DATA PROTECTION POLICIES

As an assessment body appointed by IMDA, TÜV SÜD PSB can support organisations in assessing if their data protection practices are aligned to DPTM requirements & consistent with the APEC Privacy Framework.

As a leading and internationally recognised Testing, Inspection and Certification (TIC) organisation with over 40 years of experience in certification and well-versed in both PDPA and General Data Protection Regulation (GDPR), we help businesses like yours to validate and strengthen your data protection framework.

With data protection certifications, your business gains trust and fosters confidence among your customers and stakeholders by showing that you have adopted robust and accountable data protection practices.

DATA PROTECTION CERTIFICATION PROCESS WITH TÜV SÜD

If you are interested to apply for DPTM, CBPR and/or PRP certifications, you may fill in the form on this page and we will be in contact with you shortly to facilitate the process.

Below is an overview of the application process to be assessed by TÜV SÜD PSB:

  • STEP 1: APPLICATION
    • For DPTM: Apply online with IMDA here & make payment for Application Fee
    • For CBPR and/or PRP: Apply online with IMDA here and make payment for the Application Fee
  • STEP 2: SELECTION OF ASSESSMENT BODY
    • IMDA will inform you on whether the application has been accepted or rejected.
    • If accepted, you will receive the Self-Assessment Form from IMDA.
    • Select TÜV SÜD PSB to conduct a data protection assessment of your organisation’s relevant data protection policies and practices.
  • STEP 3: ASSESSMENT WITH TÜV SÜD
    • Documentation review
    • On-site assessment
    • Remediation (if required)
    • Completion of assessment
    • Assessment report to be submitted to IMDA by TÜV SÜD
  • STEP 4: CERTIFICATION

    Eligible organisations will be awarded the relevant data protection certification by IMDA.

    • DPTM certificate: Valid for 3 years – Organisations should apply for the re-certification at least 6 months from the date of expiry of the certification.
    • CBPR and/or PRP certificate: Valid for 1 year – Organisations should apply for the re-certification at least 3 months from the date of expiry of the certification.

 

Grants are available to eligible organisations. Application fee is waived for SMEs and Non-profit Organisations (NPOs) till 31 December 2020. 

CONTACT TÜV SÜD IN SINGAPORE FOR MORE DETAILS

If you have any questions about the Data Protection certifications or available grants and subsidies, you can contact TÜV SÜD PSB by filling up the form on this page.

(Source: IMDA)

IMDA Certifications for Data Protection

Boost customer confidence in your organisation's data protection policies – fill up the form on this page and we will be in touch with more details!

ENQUIRE NOW