$show=/search/label/marketing

Digital Marketing Agency - Silver Mouse

$show=/search/label/google

Digital Marketing Agency - Silver Mouse

$show=/search/label/facebook

Digital Marketing Agency - Silver Mouse

$show=/search/label/instagram

Digital Marketing Agency - Silver Mouse

$show=/search/label/line

Digital Marketing Agency - Silver Mouse

$show=/search/label/email

Digital Marketing Agency - Silver Mouse

$show=/search/label/conversion

Digital Marketing Agency - Silver Mouse

Understanding PDPA compliance for e-commerce business in 5 minutes

Personal Data Protection Act 2010 ("PDPA") was enforced in 15 November 2013. Three (3) months grace period (due date: 15 February 2014) are given for all affected parties to comply with PDPA. PDPA regulates any processing of personal data in respect of commercial transaction, including e-commerce.

Personal Data Protection Act

Personal Data Protection Act 2010 ("PDPA") was enforced in 15 November 2013. Three (3) months grace period (due date: 15 February 2014) are given for all affected parties to comply with PDPA. PDPA regulates any processing of personal data in respect of commercial transaction, including e-commerce. Question: How do the e-commerce players comply with PDPA? In this article, we will share some tips…


CONSENT


Rule No.1 is no one shall use any individual's personal data without consent. For processing personal data, e.g. name, telephone contact, email address, or lifestyle preferences you collected from your customers, you need to obtain their consent, either express or implied.

The typical manner to obtain the customer's consent in e-commerce world is allowing the customer to tick the box "I hereby agree to the use of my personal data…." ("PDPA Clause"). You may sell your products or services in an existing marketplace or via your own e-store. If you are selling via existing marketplace, you shall ensure the terms and conditions set by the marketplace operator consists of such similar PDPA Clause.


NOTICE


Your PDPA Notice may be published online. Just insert the link (to the PDPA Notice) in the PDPA Clause. However, make sure the PDPA Notice is complied with all the statutory elements. It is a good practise to issue a fresh PDPA notice instead of incorporating the PDPA Notice into the current privacy policy. Check out this sample of PDPA notice.


DISCLOSURE


Is there any third party you may disclose your customer's or employees' personal data to? Search Engine Optimization (SEO) officer? Marketplace operator? Logistic company? Outsourced database company? If yes, you need to inform your customers on the list of third parties via your PDPA notice and ensure these third parties are equipped with reasonable security features to secure the processing of personal data. Note that if you are disclosing to the third parties outside Malaysia, make sure you state clearly in your PDPA notice!

Read also: New regulations for e-commerce business: Are you ready, or risking huge fines?


SECURITY


Under the regulation of PDPA, you need to maintain a security policy in respect of collecting, using, transferring and destroying personal data. There are two (2) aspects you need to consider, i.e. technical and organizational features. As the standards of security is not stated in PDPA or its regulations, it is advisable to consider the security measures required for your company taking into consideration of the nature of personal data, size of database, operation costs, transfer of personal data locally and cross-border, and risk profile of your company. Make sure all your staffs shall comply with the security policy!


RETENTION


You may keep the personal data so long as you are using it for the purpose stated in your PDPA Notice. In other words, you shall remove the personal data from your database and destroy permanently if you are no longer using the personal data.


ACCESS & DATA INTEGRITY


You shall provide access to your customers for them to access their own personal data in your database. You shall ensure all personal data collected in your database is accurate, complete, not misleading and up-to-date.

If you are e-store owner, you may have an online access and correction system or mechanism for them to access and update their own personal data, e,g: an online Personal Data access and correction form for them to fill up and submit to you. Note you shall reply to the access and/or correction request within 21 days from the date of receipt of access and/or correction request. 


Lastly, on E-MARKETING…


When you are sending Electronic Direct Mail (eDM) or other marketing and promotional emails to all your customers in one email, you shall ensure the email addresses of other customers are not disclosed, e.g. <undisclosed recipients> and always ensure there is a mean for the customers to opt out from the email thread. Do not send them any more emails after they have unsubscribed from your marketing email threads otherwise you may be liable to a fine of RM200,000 max or jail of 2 years max or both.

Compliance to PDPA may cut down your revenue but in a long run, it boosts the customer's confidence in dealing with you as a reliable merchant. If you have any questions on PDPA, do not hesitate to contact us at consult@churassociates.com.

This article is written by Chris Tan, Managing Partner of Chur Associates.

COMMENTS

 
Name

#mycybersale,8,11street,4,99speedmart,1,adidas,1,advertising,12,adwords,1,adyen,1,aegis,1,aeon,3,aeonbig,1,airasia,2,alibaba,4,alldealsleak,1,allstars,1,althea,2,amazon,7,analytics,1,anniversary,3,announcement,1,apple,1,applecrumbyandfish,1,asos,1,astro,2,atoz,2,autoparts,1,avenue86,1,baby,1,babydash,1,babyland,1,banner,2,beauty,2,bellaammara,2,bellroy,1,big,1,bitcoin,1,blibli,1,blogshop,2,blooming,1,book,3,bookcafe,2,buysilvermalaysia,3,caring,2,casestudy,1,cashback,2,cdn,1,cdnnetworks,1,chatime,1,china,4,christyng,4,churassociates,1,cimb,1,cod,3,comparison,3,content,3,conversion,16,counterfeit,1,coupon,2,creative,2,creditcard,5,criteo,1,crm,2,crossborder,7,customization,1,cybersale,9,dasher,2,dsyr,1,easybook,1,ebay,7,ecommerce,151,email,5,ensogo,1,etrade,1,expedia,1,f&b,1,fabulousmum,1,facebook,10,fake,1,fashion,8,fashionvalet,2,fedex,1,financial,2,financing,1,fireflyz,1,fraud,1,fulfillment,8,g3partners,1,gameon,2,gemfive,1,getresponse,2,gmail,1,go-jek,1,goodplace,1,google,8,grocery,2,groupon,8,gshome,1,gst,2,guest,20,guidelines,4,gundam,1,hermo,7,highlights,54,hiring,2,hishop,1,honor,1,howto,14,huawei,3,idea,3,ikea,2,ilovehome,1,imoney,1,indonesia,2,infographic,11,inpost,1,instagram,5,interview,16,inventory,2,ipay88,2,ipmart,1,isis,2,janhungtze,4,job,1,kakaotalk,2,kfc,1,kiasu,1,korea,2,kuihraya,1,lativ,1,lazada,15,lelong,9,line,11,line@,2,linepay,1,littlewhiz,2,livingsocial,3,locker,1,logistics,13,longtail,1,lowyat,1,luvclo,1,luxury,1,mailchimp,1,malaysia,107,malaysiaairlines,2,malindoair,1,marketing,72,marketplace,36,mastercard,2,maswings,1,mataharimall,1,matecs,1,matrade,2,maxaudio,2,maxis,1,maybank,3,mayuki,1,mcdonalds,1,mcommerce,6,mdec,9,measurement,3,merchant,76,messaging,3,milestones,3,milkadeal,2,mobile,30,molpay,1,mrca,1,mrdiy,1,mudah,1,multichannel,10,mybbstore,1,myths,1,nanyang,1,netflix,1,nile,1,omnichannel,9,onebabyworld,1,ookas,1,optimonk,1,oshbaby,1,payment,17,paypal,6,pchome,4,pdpa,2,pharmacy,2,photobook,1,pizzahut,1,poplook,1,popular,1,prado,2,printcious,1,privatelabel,2,product,10,pts,3,qoo10,6,qqbabyshop,1,qrcode,1,rakuten,11,reebonz,1,regulation,10,retailer,15,retargeting,1,return,1,review,5,ringgitplus,1,roadmap,1,rwgenting,1,saas,1,salary,1,sallyfashion,1,samsung,2,sea,31,search,5,searchguru,1,segmentation,2,seo,5,shopback,1,shopee,1,shoppu,1,simplicity,1,sinchew,1,singapore,4,slideshare,3,sme,3,smebank,1,sony,1,soukai,1,speed,1,sponsored,5,startup,20,store4online,1,sugarscarf,2,sumitomo,1,taiwan,9,taobao,3,technical,1,tesco,4,thailand,4,thestar,1,tmall,2,tokopedia,1,toysrus,2,tradegecko,2,tradeworks,1,travel,4,tripadvisor,1,trust,1,tunehotels,1,tvshopping,1,twenty3,2,ubs,1,unctad,1,uniqlo,1,ux,2,vietnam,1,visa,2,vmall,1,voucher,1,warehouse,3,waze,1,wearable,1,website,1,writehanded,1,xiaomi,3,zalora,10,zolace,1,
ltr
item
ecInsider: Understanding PDPA compliance for e-commerce business in 5 minutes
Understanding PDPA compliance for e-commerce business in 5 minutes
Personal Data Protection Act 2010 ("PDPA") was enforced in 15 November 2013. Three (3) months grace period (due date: 15 February 2014) are given for all affected parties to comply with PDPA. PDPA regulates any processing of personal data in respect of commercial transaction, including e-commerce.
https://2.bp.blogspot.com/-p4MBcu3tboA/U8FFxFeMm8I/AAAAAAAAJEM/G9fc8JdRS4g/s1600/personal_data_protection_act.jpg
https://2.bp.blogspot.com/-p4MBcu3tboA/U8FFxFeMm8I/AAAAAAAAJEM/G9fc8JdRS4g/s72-c/personal_data_protection_act.jpg
ecInsider
http://www.ecinsider.my/2014/07/pdpa-compliance-for-ecommerce-business.html
http://www.ecinsider.my/
http://www.ecinsider.my/
http://www.ecinsider.my/2014/07/pdpa-compliance-for-ecommerce-business.html
true
1611279399327275814
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS CONTENT IS PREMIUM Please share to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy