May 31, 2018 By Vicki

GDPR: One More Abbreviation Singapore SMEs Need To Know About

Less than a minute Business
Discover Your Brand Story With LEGO®
Starting Your Startup
Starting Your Startup – Making The Transition

The hot buzzword for businesses at the moment is ‘GDPR’.

The General Data Protection Regulation, an EU data privacy ruling, took effect on 25 May 2018.

You’ve probably experienced the flurry of emails in your inbox addressing updates in privacy policies, or asking you to opt-in again to various mailing lists. My inbox is definitely undulated with the like!

Gobbs and I took a look at how the GDPR affects our Singapore-based business. We wanted to be sure that we weren’t committing any data privacy no-nos!

If you’ve yet to make adjustments to your company’s data protection/privacy policy, here are some key takeaways from our research:

  1. The GDPR may apply to your Singapore-based business, even if you’re not located in the EU
    As long as your business is collecting/storing/using data and offering goods or services to individuals in the EU, your company is subject to the GDPR.

  2. Size doesn’t matter, it’s what you’re doing ;)
    On the top of our minds was the question: Does the GDPR apply to SMEs? It’s not so much whether your business is a large corporation or a small medium business, but rather the nature of your activities.

    For example, if your entire business is based on processing personal data and it includes EU citizens, then the full extent of the GDPR obligations needs to be applied.

  3. Being PDPA-compliant does not mean you are GDPR-ready
    There are significant differences between the PDPA and the GDPR, and additional adjustments to your company’s privacy policy will be needed. We came across this handy comparison chart between these two privacy laws for easy understanding.

  4. Data privacy protection doesn’t have to be costly
    Leverage on technology to help with your company’s data privacy protection. Software isn’t just for large enterprises and organisations – there are plenty of reliable technologies that cater to SMEs and don’t have an enterprise-level price tag.

    For example, use a mailing list management platform like MailChimp to securely store your subscriber’s data, and to automate opt-ins and unsubscribes.

  5. Everyone plays a part
    Using technology to protect your data is futile without educating your team about data privacy protection and having an internal rulebook on how to handle/manage data.

This is just a quick summary of how the GDPR affects Singapore businesses, please do find out more to make sure your business is compliant!

* We're no legal experts, so this article is definitely not any form of legal advice!

“I Don’t Want To Make Business Life Easier.”
(Said No One Ever.)
Get FREE articles and tips in your inbox. We’ll share juicy goodness about running a business, design & marketing, plus getting sh*t done.
We’ll keep your information safe, just like our secret beer stash.
Hello there!

If you have a project brief to share, please send it to, or use our handy Project Planner. Should you prefer to chat to a human, simply click on the avatar below.

× Need help?