Regulations around protecting existing personal data
Personal Data Protection requirements: online publication/newsletter with access to subscribers contact information
You are required under the PDPA to protect personal data which are in your possession or control through the provision of reasonable security arrangements. Security arrangements can take various form such as administrative, physical and technical measures or a combination of these.
If you intend to use the contact information of your subscribers for purposes other than the sending of updates in relation to the online cryptoblog/newsletter, you need to notify your subscribers of the additional purposes and obtain their consent for this new use of their contact information.
Should a subscriber indicate that they want to unsubscribe to updates on your online cryptoblog / newsletter and/or that they wish to withdraw consent to your use of their contact information, you must remove their contact information from your database as soon as possible (unless you are required to retain the same for other legal or business purposes for which retention of the contact information is necessary, e.g., ongoing legal action, compliance with other laws, etc.).