Data Protection Compliance
PDPA 2010 (Malaysia) & PDPA 2012 (Singapore)
Our Commitment to Data Protection
JomCoach is committed to protecting your personal data in accordance with applicable data protection laws. We operate in:
- Malaysia: DEVR TECH ENTERPRISE (SSM: 202203125824) - compliant with PDPA 2010
- Singapore: DEVR TECH (UEN: 53505958B) - compliant with PDPA 2012
We take our responsibilities under both jurisdictions' data protection laws seriously and have implemented comprehensive measures to ensure compliance.
What is PDPA?
π²πΎ Malaysia - PDPA 2010
The Personal Data Protection Act 2010 is Malaysia's primary data protection law that regulates the processing of personal data in commercial transactions.
πΈπ¬ Singapore - PDPA 2012
The Personal Data Protection Act 2012 is Singapore's data protection law that governs the collection, use, disclosure and care of personal data by organizations.
Both laws aim to:
- Protect the privacy of individuals' personal data
- Regulate the collection, holding, processing, and use of personal data
- Provide individuals with rights over their personal data
- Establish obligations for organizations handling personal data
The 7 PDPA Principles
JomCoach adheres to the seven principles outlined in the PDPA:
1. General Principle
Personal data shall not be processed unless the individual has given consent or processing is necessary for a lawful purpose. We obtain your explicit consent before collecting and processing your personal data.
2. Notice and Choice Principle
You have the right to be informed about the collection and processing of your personal data. We provide clear notices about how we collect, use, and disclose your data, and you have the choice to provide or withhold consent.
3. Disclosure Principle
We will not disclose your personal data without your consent unless required by law. We clearly inform you about any third parties with whom we may share your data.
4. Security Principle
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, modification, or disclosure.
5. Retention Principle
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. When no longer needed, we securely delete or anonymize your data.
6. Data Integrity Principle
We take reasonable steps to ensure that your personal data is accurate, complete, up-to-date, and relevant to the purposes for which it is collected and used.
7. Access Principle
You have the right to access and correct your personal data held by us. We provide mechanisms for you to review and update your information.
Your Rights Under PDPA
As a data subject under PDPA, you have the following rights:
Right to be Informed
You have the right to know how your personal data is being processed and for what purposes.
Right to Access
You can request a copy of the personal data we hold about you.
Right to Correction
You can request that we correct any inaccurate or incomplete personal data.
Right to Withdraw Consent
You can withdraw your consent for us to process your personal data at any time.
Right to Data Portability
You can request to receive your personal data in a structured, commonly used format.
Right to Prevent Processing
You can request to limit how we use your personal data.
Right to Complain
You have the right to lodge a complaint with the Personal Data Protection Commissioner if you believe your rights have been violated.
How JomCoach Complies with PDPA
Data Collection
We collect personal data only when necessary for our services and with your consent. We clearly inform you about what data we collect and why.
Data Security
We implement industry-standard security measures including encryption, secure servers, access controls, and regular security audits to protect your data.
Data Processing
We process your personal data only for the purposes stated in our Privacy Policy and with your consent. We do not use your data for purposes incompatible with those disclosed.
Third-Party Sharing
We only share your personal data with third parties when necessary for service provision and only with your consent or as required by law. All third parties are contractually bound to protect your data.
Data Retention
We have established retention schedules and securely delete or anonymize personal data when it is no longer needed.
User Access and Control
We provide you with tools to access, update, and manage your personal data through your account settings.
Data Breach Response
In the unlikely event of a data breach that may pose a risk to your rights and freedoms, we will:
- Notify the Personal Data Protection Commissioner within 72 hours
- Inform affected individuals without undue delay
- Take immediate steps to contain and remedy the breach
- Implement additional measures to prevent future breaches
- Document the breach and our response actions
How to Exercise Your Rights
To exercise any of your rights under PDPA or if you have questions about our data practices, please contact us:
π²πΎ Malaysia
DEVR TECH ENTERPRISE
SSM: 202203125824
Email: support@jomcoach.com
Phone: +6010 3435 452
We will respond to your requests within 21 days (Malaysia) or 30 days (Singapore) as required by the respective PDPA.
Lodge a Complaint
If you believe we have not handled your personal data in compliance with PDPA, you may lodge a complaint with the relevant authority:
π²πΎ Malaysia
Personal Data Protection Department
Ministry of Communications and Digital
Level 5, Menara MCMC, Off Persiaran Multimedia,
63000 Cyberjaya, Selangor
Email: pdpa@communications.gov.my
Website: www.pdp.gov.my
πΈπ¬ Singapore
Personal Data Protection Commission
Infocomm Media Development Authority
10 Pasir Panjang Road,
#03-01 Mapletree Business City, Singapore 117438
Hotline: +65 6377 3131
Website: www.pdpc.gov.sg
Updates to This Statement
We may update this PDPA Compliance statement from time to time to reflect changes in our practices or legal requirements. The current version will always be available on our website with the date of last update.