# Key Principles **Requesting for Data** 1. **Request only what you need** * Do not over-collect data, where this is not required for business purposes or legal reasons. * Each request must support only a single purpose. 2. **PDPA & Applicable Regulations/Legislation** * Protect, retain, transfer and dispose of data retrieved according to the rules of the Personal Data Protection Act (PDPA), relevant industry regulations and applicable legislation. * Use data in a manner consistent with the purpose of user’s consent. 3. **Use for lawful purposes** * Use the data items retrieved for lawful purposes only. *** **Designing your User Journey (UJ)** 1. **Display As-Is** * Data items retrieved from our APIs should be displayed as-is on digital forms, so as to assure users that the correct data items have been retrieved. * This minimises clarifications on the data retrieved and encourage users to update the relevant Government data source agency if any information is outdated. 2. **Store only if submitted** * Data should be purged if form is not successfully submitted. * If ‘Save-as-draft’ feature is available, unsubmitted data should be purged periodically. 3. **Provide non-Myinfo alternative** * Partners are encouraged to support customers who prefer to use a non-Myinfo alternative. 4. **Showing customers the benefits of using Myinfo** * Indicate that Myinfo service is available for your application and clearly state the target users (e.g. for SC/PR and/or Foreigners). * Present the benefits of using Myinfo option (e.g. time saving, less document uploads or instant provisioning). 5. **Reduce supporting document upload** * Data from Government sources which are un-editable on your form should be assessed for suitability as an alternative to collecting documents for verification (e.g. NRIC, CPF Contribution History, Notice of Assessment). *** #### **Using Myinfo Personal Data** 1. **Display all retrieved personal data** * All Myinfo Personal data retrieved shall be displayed as-is on your digital forms. * Government-originated data on digital service forms should be un-editable, to preserve data integrity for verification. * User-provided data should remain editable.