APEC PRP

The APEC PRP System was developed by APEC economies to build consumer, business, and regulator trust in cross-border flows of personal data. The APEC PRP System requires participating businesses to implement data privacy policies consistent with the APEC Privacy Framework and helps to bridge differing national privacy laws within the APEC region, reducing barriers to the flow of information for global trade.

The PRP system was designed for organizations (data processors) who process data on behalf of client organizations (data controllers), to demonstrate their ability in complying with relevant privacy obligations.

The APEC PRP certification is based on the APEC Privacy Framework which features two privacy principles: Security Safeguards and Accountability. The framework was endorsed by 21 APEC economies to promote accountable and responsible transfers of personal information between the APEC economies.

Singapore recognizes the APEC CBPR and PRP certifications for overseas transfers of personal data under the PDPA. This means that organizations in Singapore can easily transfer personal data to the overseas certified recipient without meeting additional requirements.

Compliance Directory for PRP can be found here