In an era where personal information is constantly exchanged and privacy concerns are escalating, businesses must prioritise data protection to address privacy concern. One effective way to demonstrate this commitment is through a well-written privacy notice. According to the Personal Data Protection Act 2010 (“PDPA”), all businesses, regardless of type and size, that process personal data in commercial transactions are required to prepare a privacy notice.
Understanding the Privacy Notice:
A privacy notice, also referred to as a privacy policy or personal data protection notice, is a document that explains how businesses collect, use, and process customers’ personal data. It covers important details such as the types of data collected, purposes of data processing, retention periods, rights of individuals, and contact information for inquiries or complaints. Non-compliance with the PDPA can lead to severe consequences for businesses, including fines up to RM300,000 and imprisonment not exceeding 2 years or both.
Tips For an Effective Privacy Notice:
To create a reader-friendly privacy notice, businesses can consider the following tips:
- communicate in a way that is easily understandable and avoid using long sentence. The notice should be prepared in both English and Bahasa Malaysia languages.
- clearly explain the types of personal data you collect, how it will be used, and any third parties with whom it may be shared.
- assure your customers that you have implemented security measures to protect their personal data.
- inform your customers about their rights and choices regarding their personal information, including how to opt out of marketing communications or correct their personal data.
Practical Examples of Privacy Notice Implementation:
Implementing a privacy notice is more than just ticking a box; it’s about effectively communicating your data protection practices to your customers. Here are some practical examples of how businesses can display privacy notices:
- Website Privacy Notice: place a prominently visible privacy notice on your website’s homepage or include a link in the footer for customers to access the full privacy notice.
- Mobile Applications: present users with a privacy notice during the app installation process or within the app itself. Ensure it is easily accessible in the settings, allowing users to review it at their convenience.
- Email Communications: include a link to your privacy notice in the email footer if you collect personal information through email sign-ups or subscription forms.
Resource for Businesses:
The Personal Data Protection Department of Malaysia issues a guideline on preparing a privacy notice along with a sample privacy notice. This resource serves as valuable reference for businesses. By following the guideline, businesses can ensure their privacy notices align with best practices and comply with legal requirements. (You can access the resource at:
https://www.pdp.gov.my/jpdpv2/assets/2022/01/Panduan-Penyediaan-Notis-PDP-2022-compressed.pdf).
A well-crafted and customised privacy notice not only fulfills legal obligations but also sends a strong message to customers that their privacy is your top priority. This fosters trust and loyalty in business-customer relationships, and ultimately building customer confidence.
*****
About the author:
This article was written by Wong Shen Ming, Corporate Associate – law firm in Kuala Lumpur, Malaysia.
The view expressed in this article is intended to provide a general guide to the subject matter and does not constitute professional legal advice. You are advised to seek proper legal advice for your specific situation.
Shen Ming is a corporate and commercial lawyer who is deeply committed to supporting her clients in achieving their business goals. Specialising in commercial and employment law, she demonstrates her expertise by crafting and reviewing various types of commercial agreements.
View her full profile here.