PDPA Compliance

Personal Data Protection Act 2010 (Malaysia)

Our Commitment to PDPA Compliance

DEVR TECH ENTERPRISE (SSM: KT0522294-P), operating JomCoach, is committed to protecting your personal data in accordance with the Personal Data Protection Act 2010 (PDPA) of Malaysia. We take our responsibilities under PDPA seriously and have implemented comprehensive measures to ensure compliance.

What is PDPA?

The Personal Data Protection Act 2010 (PDPA) is Malaysia's primary data protection law that regulates the processing of personal data in commercial transactions. The PDPA aims to:

  • Protect the privacy of individuals' personal data
  • Regulate the collection, holding, processing, and use of personal data
  • Provide individuals with rights over their personal data
  • Establish obligations for organizations handling personal data

The 7 PDPA Principles

JomCoach adheres to the seven principles outlined in the PDPA:

1. General Principle

Personal data shall not be processed unless the individual has given consent or processing is necessary for a lawful purpose. We obtain your explicit consent before collecting and processing your personal data.

2. Notice and Choice Principle

You have the right to be informed about the collection and processing of your personal data. We provide clear notices about how we collect, use, and disclose your data, and you have the choice to provide or withhold consent.

3. Disclosure Principle

We will not disclose your personal data without your consent unless required by law. We clearly inform you about any third parties with whom we may share your data.

4. Security Principle

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, modification, or disclosure.

5. Retention Principle

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. When no longer needed, we securely delete or anonymize your data.

6. Data Integrity Principle

We take reasonable steps to ensure that your personal data is accurate, complete, up-to-date, and relevant to the purposes for which it is collected and used.

7. Access Principle

You have the right to access and correct your personal data held by us. We provide mechanisms for you to review and update your information.

Your Rights Under PDPA

As a data subject under PDPA, you have the following rights:

1

Right to be Informed

You have the right to know how your personal data is being processed and for what purposes.

2

Right to Access

You can request a copy of the personal data we hold about you.

3

Right to Correction

You can request that we correct any inaccurate or incomplete personal data.

4

Right to Withdraw Consent

You can withdraw your consent for us to process your personal data at any time.

5

Right to Data Portability

You can request to receive your personal data in a structured, commonly used format.

6

Right to Prevent Processing

You can request to limit how we use your personal data.

7

Right to Complain

You have the right to lodge a complaint with the Personal Data Protection Commissioner if you believe your rights have been violated.

How JomCoach Complies with PDPA

Data Collection

We collect personal data only when necessary for our services and with your consent. We clearly inform you about what data we collect and why.

Data Security

We implement industry-standard security measures including encryption, secure servers, access controls, and regular security audits to protect your data.

Data Processing

We process your personal data only for the purposes stated in our Privacy Policy and with your consent. We do not use your data for purposes incompatible with those disclosed.

Third-Party Sharing

We only share your personal data with third parties when necessary for service provision and only with your consent or as required by law. All third parties are contractually bound to protect your data.

Data Retention

We have established retention schedules and securely delete or anonymize personal data when it is no longer needed.

User Access and Control

We provide you with tools to access, update, and manage your personal data through your account settings.

Data Breach Response

In the unlikely event of a data breach that may pose a risk to your rights and freedoms, we will:

  • Notify the Personal Data Protection Commissioner within 72 hours
  • Inform affected individuals without undue delay
  • Take immediate steps to contain and remedy the breach
  • Implement additional measures to prevent future breaches
  • Document the breach and our response actions

How to Exercise Your Rights

To exercise any of your rights under PDPA or if you have questions about our data practices, please contact us:

Data Protection Officer

DEVR TECH ENTERPRISE

SSM: KT0522294-P

Email: support@jomcoach.com

Phone: +6010 3435 452

We will respond to your requests within 21 days as required by PDPA.

Lodge a Complaint

If you believe we have not handled your personal data in compliance with PDPA, you may lodge a complaint with:

Personal Data Protection Department

Ministry of Communications and Digital

Level 5, Menara MCMC, Off Persiaran Multimedia,

63000 Cyberjaya, Selangor

Email: pdpa@communications.gov.my

Website: www.pdp.gov.my

Updates to This Statement

We may update this PDPA Compliance statement from time to time to reflect changes in our practices or legal requirements. The current version will always be available on our website with the date of last update.