About the PDPO
The protection of users' and customers' personal information is vital to ensure your business continues to operate without running the risk of a data breach.
In Brunei Darussalam, the Personal Data Protection Order (or the PDPO) was introduced in 2025, providing individuals with rights as Data Subjects, and imposing the responsibility on private organisations to protect any personal information they control or process.
At NXPhase, we take this responsibility seriously, and put the privacy of individuals at the forefront of all of our services. Our Data Protection team is qualified through the International Association of Privacy Professionals (IAPP) with the help of the Authority of Info-communications Technology Industry (AITI) of Brunei, our local Data Protection Authority.
How we can help
Achieving compliance does not have to be as complicated as it may seem. Our Data Protection team is ready to assist organisations in developing their own data protection programme to be compliant with the PDPO and other privacy regulations that may apply to businesses. We simplify the process with these key steps:
We believe that combining all three processes provides organisations with the most comprehensive protection of personal data, and mitigation against data breaches. However, businesses that feel the need to prioritise their expenses can select just one or two of our options to begin their journey to compliance.
Fundamentals of the PDPO
For organisations that posess the resources to manage compliance on their own, but may need professional development with regards to the PDPO, we also offer a course explaining the fundamentals, specifically about PDPO Brunei, and the most up-to-date best practices for governance over personal data. Reach out to us for further inquiry to explore options for your organisation to take part in this course.