INTRODUCTION

In general, the Personal Data Protection Act 2010 [Act 709] applies to any individual, company, or organization that processes and has control over the processing of personal data in commercial transactions in Malaysia.

Individuals, companies, or organizations that process and control the processing of personal data in commercial transactions are known as Data Controllers.

As a Data Controller, you are required to comply with all regulations set forth in this Act, particularly related to the following matters:

  1. The 7 Principles of Personal Data Protection
  2. Personal Data Protection Standard
  3. Registration as a Data Controller
  4. Registration of Personal Data Protection Officer
  5. Data Breach Notification