Dear Valued ADAPTIS Merchants,
Protecting customer information and maintaining trust are extremely important to us. As part of our ongoing commitment to data protection and regulatory compliance, we would like to remind all merchants of their responsibilities under Malaysia’s Personal Data Protection Act 2010 (“PDPA”).
What is considered personal data?
Personal data refers to any information that can identify an individual within a commercial context, either directly or indirectly. Examples include:
Key PDPA Responsibilities for Merchants
When collecting, storing, or using customers’ personal data, merchants are expected to follow the PDPA’s core principles, including:
Customers’ Right to Withdraw Consent
Customers also have the right to withdraw their consent for the processing of their personal data at any time in writing. Upon receiving such a request, merchants are required to cease processing the customers’ personal data unless otherwise permitted under the law.
Data Breach Notification Requirements
In the event of a personal data breach, merchants are required to:
Why This Matters
Non-compliance with the PDPA may result in significant penalties, including a substantial
fine of up to RM1,000,000 (one million ringgit),
imprisonment or both. More importantly, strong data protection practices help safeguard
your customers’ trust and confidence in your business.
We appreciate your continued cooperation and commitment to maintaining responsible data protection practices.
Thank you.