In Singapore, CCTV footage that captures identifiable individuals is personal data under the PDPA, so the right provider treats compliant deployment as seriously as camera resolution. Use this checklist to test for privacy, storage, and maintenance discipline before you sign.
How to evaluate a video surveillance / CCTV provider in Singapore
- Make PDPA the first agenda item: confirm the vendor will deliver prominent signage at every camera zone, a documented retention period (commonly 30-90 days), purpose-limitation in your privacy notice, and a working Data Access Request process before any camera goes live.
- Size storage against your actual retention window and resolution, not the brochure: get a written calculation showing how many days of footage each camera will hold at the proposed frame rate so you don't discover you can only keep 7 days after handover.
- Decide on-prem NVR vs cloud VMS on data residency and total cost over 5-7 years, and have the vendor put TCO, backup responsibility, and where footage is hosted in writing rather than just naming a brand.
- Pressure-test video analytics for proportionality: ask the vendor to document the purpose of any people-counting, licence-plate, or facial features and configure capture to the minimum needed, since more identifiable data means stricter PDPA obligations.
- Probe camera and firmware cybersecurity: confirm default passwords are changed, firmware is patched on a stated schedule, the recorder is segmented from your main network, and check whether any model carries trade or sourcing restrictions relevant to you.
- Lock down maintenance and approvals before signing: get written response times, warranty terms, and as-built documentation, confirm the vendor handles MCST or building-management approvals, and read any lease reinstatement clause into your budget.
Verify for Dahua Technology
- Confirm key details directly with the vendor — this listing isn't vendor-managed yet.
- Ask for two recent Singapore client references you can speak with.
- Ask for a written scope of services before comparing quotes.
- Request evidence of relevant certifications and their current validity.
Questions to ask
- What signage, retention policy, and Data Access Request process will you put in place so we are PDPA-compliant from day one?
- Can you show a written storage-sizing calculation for our camera count, resolution, and retention window?
- What is your firmware-patching schedule, and how do you secure and network-segment the recorder and cameras?
- What are your maintenance response times and warranty terms, and do you handle the required building or MCST approvals?