APEC Cross Border Privacy Rules (CBPR) and Privacy Recognition for Processors (PRP) System Certifications

WHAT are CROSS BORDER PRIVACY RULES (CBPR) & PRIVACY RECOGNITION FOR PROCESSORS (PRP) SYSTEM CERTIFICATIONS?

By certifying privacy practices to the CBPR and PRP Systems, businesses can demonstrate their adherence to the Asia-Pacific Economic Cooperation (APEC) Privacy framework and facilitate seamless international data transfer while ensuring privacy and security.

ABOUT APEC CBPR CERTIFICATION

Endorsed by APEC for facilitation of personal data among APEC economies, the Cross Border Privacy Rules (CBPR) system is applicable for organisations (data controllers) that control the collection, holding, processing, or use of personal data.

The CBPR certification is based on 9 privacy principles from the APEC Privacy Framework:

• Accountability
• Prevent Harm
• Notice
• Choice
• Collection Limitation
• Use of Personal Information
• Integrity of Personal Information
• Security Safeguards
• Access and Correction

ABOUT APEC PRP CERTIFICATION

The Privacy Recognition for Processors (PRP) system is designed for organisations (data processors) that process data on behalf of client organisations (data controllers), allowing them to demonstrate their compliance with relevant privacy obligations.

The PRP certification is based on 2 privacy principles from the APEC Privacy Framework:

• Accountability
• Security Safeguards 

TÜV SÜD HELPS YOU TO facilitate seamless international data transfer while ensuring privacy

As an assessment body appointed by IMDA, TÜV SÜD PSB can support organisations in assessing if their data protection practices are consistent with the APEC Privacy Framework.

As a leading and internationally recognised Testing, Inspection and Certification (TIC) organisation with over 40 years of experience in certification and well-versed in both PDPA and General Data Protection Regulation (GDPR), we help businesses like yours to validate and strengthen your data protection framework.

With data protection certifications, your business gains trust and fosters confidence among your customers and stakeholders by showing that you have adopted robust and accountable data protection practices.

BENEFITS OF CBPR & PRP CERTIFICATIONS

• Reduce cost and time – with a single, consistent set of privacy standards that facilitate exchange personal data across APEC member economies
• Build trust and confidence – by showing your commitment to data protection with business counterparts and customers
• Provide assurance through third-party certification – that allows your organisation to validate its data protection standards
• Demonstrate compliance – to data protection enforcement authorities

APPLICATION FEE WAIVER & GRANT AVAILABLE FOR ELIGIBLE ORGANISATIONS

Application fee waiver of S$535 (inclusive of GST) available for: 

• SMEs applying for CBPR / PRP certifications
• SMEs applying for CBPR / PRP and DPTM certifications in a single application process
  (Application fee waiver is not applicable if organisations apply for DPTM only)

Enterprise Development Grant (EDG) of up to 80% available till 31 Mar 2022: 

• Enterprise Singapore has raised the maximum support level to 80% for eligible organisations applying for EDG until 31 Mar 2022
• Applicable for all data protection certifications – DPTM, CBPR and PRP certifications

For more information on the application fee waiver and EDG, please visit the IMDA website here.