Facebook Linkedin X-twitter Tiktok Instagram

Personal Data Protection Notice

PERSONAL DATA PROTECTION NOTICE (PDP)

 

This notice serves to inform you of the manner in which your personal data is collected, processed, stored, disclosed, and protected in accordance with the Personal Data Protection Act 2010 [Act 709].

  

1. TYPES OF PERSONAL DATA COLLECTED

Personal Data Protection Department (JPDP) collects various types of personal data from you in order to fulfil its regulatory and enforcement functions under Act 709, including but not limited to: 

a) personal identification information such as full name, date of birth, gender, identification card/passport number and marital status; 

b) contact information such as residential address, telephone number and email address; 

c)    financial or payment-related information; 

d)    employment or business-related information such as company registration number and business sector; 

e)    technical information such as ip address, browser type and cookies from online interactions; 

f)     other information necessary for the performance of JPDP’s regulatory and enforcement duties.

 

Failure to provide the required data may affect the effectiveness of JPDP in discharging its responsibilities under Act 709.

  

2. PURPOSES OF PERSONAL DATA COLLECTION AND PROCESSING

 The personal data collected will be processed for the following purposes: 

a)    processing registration applications for Data Controllers; 

b)    handling complaints and investigations of violations under Act 709; 

c)    conducting inspections and monitoring compliance; 

d)    disseminating information, advocacy, training and public awareness campaigns related to personal data protection; 

e)    engaging in official communication with you via letters, emails or telephone calls; 

f)     providing customer service and internal administrative management; 

g)    fulfilling legal and regulatory obligations; 

h)    conducting research, policy evaluation, and statistical analysis.

 

3. SOURCES OF DATA COLLECTION

 JPDP collects your personal data through direct or indirect interactions, including but not limited to: 

a)    information you provide to JPDP via forms, emails, or physical meetings; 

b)    participation in surveys, public consultation papers, or JPDP organised programmes/activities; 

c)    usage of JPDP’s website or digital platforms.

  

4. SECURITY OF PERSONAL DATA 

JPDP is committed to ensuring the secure storage of your personal data. Technical and organisational security measures are implemented to protect your data from loss, misuse, alteration, unauthorised access or disclosure. Only authorised individuals are allowed access to the data and regular security audits are conducted.

5. RETENTION OF PERSONAL DATA

Your personal data will only be retained for as long as necessary to fulfil the purposes for which it was collected or as required by law. Upon the expiry of the retention period or when the data is no longer required, it will be permanently destroyed.

6. DISCLOSURE OF PERSONAL DATA

Personal data processed by JPDP will not be shared with any other party unless such disclosure is permitted under Section 39 of Act 709. Your personal data will only be processed for the purposes stated above and may be disclosed to:

 

a)    external service providers appointed by JPDP for the provision of technology services, support, and online payment systems; 

b)    public authorities or regulatory bodies as permitted or required by law.

7.  YOUR RIGHTS AS A DATA SUBJECT

Under Act 709, you are entitled to the following rights: 

a)    Right of Access – You have the right to request a copy of your personal data held by JPDP. 

b)    Right to Correction – You have the right to request that JPDP correct any inaccurate, incomplete, or outdated personal data.

c)    Right to Withdraw Consent – You have the right to withdraw your consent for the processing of your personal data, subject to applicable laws. However, this may affect JPDP’s ability to fulfil its obligations to you.

d)    Right to Prevent Processing – You have the right to request that JPDP stop processing your personal data for a specific purpose.

e)    Right to Data Portability – You have the right to request that JPDP transfer the personal data you have provided to another organisation.

8. USE OF COOKIES

JPDP’s websites and digital platforms may use cookies to enhance user experience. Cookies are small files stored on your device that help websites function more efficiently and retain user browsing information. Cookie management is subject to your browser settings. You may choose to block or delete cookies, but this may affect the functionality of JPDP’s website. By using this site, you consent to the use of cookies as described.

 

9. AMENDMENTS TO THIS NOTICE

JPDP reserves the right to amend or update this Personal Data Protection Notice at any time. Any changes will be published on JPDP’s official website along with the updated date. You are encouraged to review this notice periodically.

  

10. CONTACT INFORMATION

 If you have any questions, complaints or wish to make a request regarding the processing of your personal data, please contact:

 Personal Data Protection Department (JPDP)

Galeria PJH, Level 8
Presint 4, Persiaran Perdana
Federal Government Administrative Centre
62100 Putrajaya, Malaysia

Phone: 03-8861 4200

Email: comms@pdp.gov.my


Last Updated: 15 May 2025

About PPDP

Level 8, Galeria PjH, Jalan P4W, Persiaran Perdana,
Precinct 4, Federal Government Administration Center
62100 Putrajaya, Malaysia.

This page is best viewed using the Google Chrome web browser

Best Display at high resolution 1920×1080

Introduction

Whats is PPDP?

Commissioner PDP

Directory

Registration

Personal Data Protection System

Copyright 2024 © Personal Data Protection Commissioner

Security Policy      PDP Notice      Disclaimer

Accessibility by WAH