A-Z of data protection - P is for ...

A-Z of data protection: terms you need to know

P

passive data collection
• the act of collecting data automatically as a user browses a site or uses an app, usually through cookies or web beacons, rather than asking a user to explicitly provide or input his/her data through a form. Passive data collection is often done without the user’s knowledge

persistent cookies
• cookies that exist on a user’s device until a defined expiration date, which could be minutes, months, or even years later

Personal Data Protection Act (PDPA) [SG]
• an Act to govern the collection, use, disclosure and care of personal data by organisations in Singapore
• establishes the Do Not Call (DNC) Registry that allows Singaporeans to opt out of receiving telemarketing messages

Personal Data Protection Commission (PDPC) [SG]
• Singapore’s main authority in matters relating to personal data protection, which administers and enforces the Personal Data Protection Act, and develops Advisory Guidelines to help organisations understand and comply with the PDPA

Personal Information Controller (PIC) [PH]
• refers to a person or organisation who controls* the collection, holding, processing or use of personal information, including a person or organisation that instructs another person or organisation to collect, hold, process, use, transfer or disclose personal information

*”control” means that the person or organisation decides what