Certified Information Privacy Professional – Asia (CIPP/A) — Question 72

In what case would a foreign company NOT be liable for breaches of Singapore's PDPA?

Answer options

• A. If it has a physical office in Singapore.
• B. If it is storing information in Singapore.
• C. If it is collecting personal information in Singapore.
• D. If it collects information from Singaporeans living abroad.

Correct answer: D

Explanation

The correct answer is D because a foreign company is not liable under Singapore's PDPA when it collects information from Singaporeans who are residing outside of Singapore. The other options indicate scenarios where the company has a physical presence or is actively handling data within Singapore, which would establish liability under the PDPA.