Personal Data Protection Act (PDPA) Services

In our quickly digitalising economy, defending your customers' data against breaches has become more pertinent than ever. Begin your journey to attain a PDPA Trustmark certified organisation through our qualified DPO and PDPA Advisory Services.


What is PDPA?

The Personal Data Protection Act (2012) - otherwise and most popularly known as "PDPA" - sets out the law on data protection in Singapore. Apart from establishing a general data protection regime, it also regulates telemarketing practices.

Affinite Solutions offers one of the most comprehensive PDPA and data protection policy advisory service in Singapore. We prepare our clients to not only have a concrete data security framework, but to also create trusted relationships with their customers.

These fundamentals are essential for the Data Protection Trustmark (DPTM) certification - awarded by IMDA.

Features Of Our PDPA Advisory Services

Data Protection Roadmap

Developed internally by our certified PDPA and Legal Advisor, Affinite offers a robust roadmap to assist our clients in understanding PDPA and strengthening their data protection policies and processes.


As part of our Data-Protection-as-a-Service, gain an additional edge with our certified and full-time Data Protection Officers. Expect regular PDPA audits and training that will ensure a solid PDPA foundation.

Learn more

Data Protection Training

What is data? How can organisations use data responsibly? What are the implications of a data breach? Receive in-depth training and understanding of how PDPA affects organisations from our own PDPA Legal Officer.

Audits & On-site Inspections

Identify vulnerabilities, reveal weaknesses and correct them. Minimise the risk of data leaks and security gaps by having your organisation reviewed thorough the PDPA transformation journey.

Affinite Secure Security & Anti-Phising Training

Equip your employees with the ability to detect and deal with digital threats via Affinite Secure - a specialised training and test programme developed in-house to cultivate a workplace culture that protects the company and all its stakeholders.

Cybersecurity Solutions

Deter perpetrators with an additional layer of technical security on your company devices and online infrastructure with military-grade anti-malware systems.

Our PDPA solutions are eligible for 80% funding by the EDG

Our Clients

Resorts World Sentosa.png
SP Group.png
Auto Zoom.png
Shangri-La Singapore.png
Living Print & Mail Hub.png
Yaw Yen Thaw Affinite PDPA.jpeg

Our Chief PDPA Trainer

Yang Yen Thaw is a common law qualified lawyer with extensive private practice and in-house counsel experience. As a veteran for 28 years in the law industry, Mr Yang has held senior positions in management and law in listed as well as private limited companies with businesses spanning Australia, China, France, India, Japan, Malaysia, New Zealand, Singapore, Thailand, UK, USA and most South East Asian countries before founding his own eponymous law firm.

As a corporate PDPA Compliance Advisor, Mr Yang has trained well beyond 1000 individuals and aided more than 100 companies in their pursuit of achieving industry-leading PDPA standards.

Mr Yang also conducts regular PDPA seminars as part of Affinite's PDPA training and compliance services.

Read his article here.



The Data Protection Trustmark

As part of advancing the digital economy strategy to allow Singapore to stand out as a trusted data hub with a well-developed data ecosystem that supports competition and innovation as well as the cross border data flow, PDPC and IMDA have developed the Data Protection Trustmark (DPTM) Certification to help organisations verify their compliance to personal data protection standards and best practices.

Data Protection Trustmark Affinite Solut
DPTM Journey with Affinite Solutions
Guidance on DPTM

Receive full professional assistance, start to end, on the entire DPTM certification process from a qualified PDPA team.

Introduction to QUESTS Journey

Developed internally by our certified PDPA and Legal Advisor, Affinite offers a unique approach to data protection to help organisations make the most of their data safely.

Advisory Services

Receive PDPA training for staff, implementations of data protection and handling frameworks, and other essential organisational protocols to tighten data security.

Final Reviews & Checks

Our PDPA team will conduct a thorough final audit to ensure that your organisation's data protection standards are up to the latest guidelines before application.

DPTM Registration with Assessment Body

Submission of your organisation's DPTM application to a licensed assessment body of your choice, will be fully handled by us.

DPTM Certification

Congratulations, your organisation is now recognised as part of the list of DPTM certified companies in Singapore!

Frequently Asked Questions (FAQs) about DPTM

Why should my organisation attain the Data Protection Trustmark (DPTM) certification?

  • Going through the rigorous process of a DPTM assessment further provides the organisation insights into its own data security lapses, and the opportunity to make steady progress on improving them. It is especially beneficial for businesses and organisations who handle large amounts of data on a daily basis (e.g consultancies, retail, F&B, technology products, etc.)

  • Locally and in more practical applications, the DPTM creates additional company value, allowing businesses to more easily negotiate and benefit from collective data schemes with partners (such as mall loyalty and referral programmes).

What are the benefits of attaining the Data Protection Trustmark (DPTM) certification?

  • Organisations with DPTM certifications can rest assure their customers that their personal data will be put through proper data handling protocols and systems. In other words, having a DPTM certification will help solidify customer confidence. The DPTM also provides additional recognition as it adheres to international standards and best practices of the OECD guidelines on the Protection of Privacy and Transborder Flows of Personal Data and the APEC Privacy Framework. The DPTM provides international recognition for companies setting their sights on overseas ventures or investments.

Is it compulsory to have the Data Protection Trustmark (DPTM) certification?

  • The DPTM is voluntary and only awarded to organisations who display firm commitments to safeguarding personal data. Organisations are still required by law to appoint a Data Protection Officer, whose responsibility is to implement and enforce formalised personal data protection policies and practices under the Personal Data Protection Act (2012) - regardless of DPTM accreditation.

Assumption: The Data Protection Trustmark (DPTM) certification is only suitable for large organisations who handle a significant amount of customer data.

  • False. Any company with the suitable PDPA and data security frameworks may apply for the DPTM. Additionally, the Singapore Government offers a grant covering up to 80% for PDPA & DPTM services. Contact us to see if your organisation is eligible.


Start your PDPA journey with Affinite.

Building trust and confidence is the key to any successful and growing business and/or organisation. Strengthen your Personal Data Protection efforts with our dedicated and certified consultants today! We look forward to connecting with you soon.