The Personal Data Protection Act 2010 has come into force in Malaysia. These slides explain the governing principles in order for you to have an overview whether your company is ready to comply.
Personal Data Protection Act - Employee Data PrivacylegalPadmin
Speech by Pn Adlin Abdul Majid, Advocate & Solicitor from Lee Hishamuddin, given in Labour Law Seminar held by Legal Plus Sdn. Bhd (www.legalplus.com.my) on Apr 9, 2015
The Personal Data Protection Act 2010 has come into force in Malaysia. These slides explain the governing principles in order for you to have an overview whether your company is ready to comply.
Personal Data Protection Act - Employee Data PrivacylegalPadmin
Speech by Pn Adlin Abdul Majid, Advocate & Solicitor from Lee Hishamuddin, given in Labour Law Seminar held by Legal Plus Sdn. Bhd (www.legalplus.com.my) on Apr 9, 2015
Applying the Personal Data Protection Act (Singapore)Benjamin Ang
Presented at a workshop for the Internet Society Singapore Chapter in May 2013. Visit techmusicartandlaw.blogspot.com to contact the author, or www.isoc.sg to find out more about the Internet Society in Singapore
MWLUG - 2017
Tim Clark & Stephanie Heit
Tim & Steph explain the basics of GDPR and give some recommendations about what you can do to be ready.
Data sources are in the final slides.
For more information about how BCC can help you get your Domino data ready for GDPR please contact us here.
http://bcchub.com/bcc-domino-protect/
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
An In House Counsel and Privacy Practitioners update on the changed regulatory landscape.
The Privacy and Data Protection Act 2014 received Royal Assent on 2 September 2014.
The new legislation replaces the Information Privacy Act 2000, and the Commissioner for Law Enforcement Data Security Act 2005, with a unified scheme governing the handling of personal information and data by Victorian Public sector agencies.
Norfolk Chamber delivered a morning conference based around the European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. Delegates heared from a variety of GDPR expert speakers from legal, marketing, IT and Data Protection perspectives.
How GDPR works : companies will be expected to be
fully compliant from 25 May 2018. The regulation
is intended to establish one single set of data
protection rules across Europe
Applying the Personal Data Protection Act (Singapore)Benjamin Ang
Presented at a workshop for the Internet Society Singapore Chapter in May 2013. Visit techmusicartandlaw.blogspot.com to contact the author, or www.isoc.sg to find out more about the Internet Society in Singapore
MWLUG - 2017
Tim Clark & Stephanie Heit
Tim & Steph explain the basics of GDPR and give some recommendations about what you can do to be ready.
Data sources are in the final slides.
For more information about how BCC can help you get your Domino data ready for GDPR please contact us here.
http://bcchub.com/bcc-domino-protect/
GDPR is coming for you whether you’re ready or not. Companies must show compliance by May 25, 2018. Take a look at the presentation to learn more about the new law that is going to change the way data is handled across the world. Read about the how it affects you and the steps you can take to make sure you’re GDPR ready!
About Extentia Information Technology:
Extentia is a global technology and services firm that helps clients transform and realize their digital strategies. With a focus on enterprise mobility, cloud computing, and user experiences, Extentia strives to accomplish and surpass your business goals. Our team is differentiated by an emphasis on excellent design skills that we bring to every project. Extentia’s work environment and culture inspire team members to be innovative and creative, and to provide clients with an exceptional partnership experience.
www.extentia.com
An In House Counsel and Privacy Practitioners update on the changed regulatory landscape.
The Privacy and Data Protection Act 2014 received Royal Assent on 2 September 2014.
The new legislation replaces the Information Privacy Act 2000, and the Commissioner for Law Enforcement Data Security Act 2005, with a unified scheme governing the handling of personal information and data by Victorian Public sector agencies.
Norfolk Chamber delivered a morning conference based around the European General Data Protection Regulation (GDPR), which will come into force on May 25 2018. Delegates heared from a variety of GDPR expert speakers from legal, marketing, IT and Data Protection perspectives.
How GDPR works : companies will be expected to be
fully compliant from 25 May 2018. The regulation
is intended to establish one single set of data
protection rules across Europe
The Data Protection Bill has been passed into law this bill will change the way we are required to handle personally identifiable data of all Jamaican citizens.
Symptai Consulting Ltd. is the only certified training partners of the IAPP - International Association of Privacy Professionals in the English speaking Caribbean. Our team of trained professionals can meet all your privacy needs and help you transition to a state of compliance.
5) How charities can protect themselves against data reform - ‘Emerging Digit...Code Computerlove
Steve specialises in compliance for digital marketers, is a member of the DMA Email Council, has authored the DMA email marketing deliverability best practice guide and was recently recognised by Litmus as an email marketing thought leader in the area of deliverability and privacy.
In his Now and Next presentation, Steve will be talking about the EU and UK data protection reforms and what these changes mean now and in the near future for digital marketing within charities.
SMS and GDPR - what you need to know to be compliantEsendex
These slides accompanied a webinar hosted on 11th April, 2018, in which the question of 'can I continue to text my customers after GDPR becomes effective' was answered. We cover off the lawful bases for communicating with customers, prospects and ex-customers; privacy policy changes; data controllers and data processors, and your responsibilities as one or the other of these. We then explore the path Esendex is taking to GDPR-compliance, effectively using ourselves as the case study for this presentation.
On 12 March 2014, Australia’s privacy laws were significantly amended. The amendments go further than merely requiring businesses to update their privacy policy, as the new laws mandate businesses to critically examine how they collect, use and disclose individuals’ personal information. Find out how these changes affect your business.
Personal Information Protection and Electronic Documents Act (PIPEDA) and Imp...Michael Sukachev
In this document, private information (PI) handling rules for software systems are based on the PIPEDA principles and guide analysis.
It's recommended to include these rules as high-level requirements to any framework that implements privacy-by-design principals in Canada.
The Personal Information Protection and Electronic Documents Act (PIPEDA) is the federal privacy law for private-sector organizations in Canada. It sets out the ground rules for how businesses must handle personal information in the course of commercial activity.
What does GDPR actually mean to you as a business, what are the rights of individuals and how do you have to apply them, around Subject Access Request, Right to Erasure / be Forgotten, Consent and Opt In and Out and Personally Identifiable Information and Personal Data
Next Dimension and Siskinds PIPEDA Legislation Updates as of November 1 2018Next Dimension Inc.
Siskinds, a leading Law Firm in Ontario, presented updates on PIPEDA legislation including what you need to know, and what you need to do in order to ensure your company is compliant.
Slides utilisés par Nathalie Ragheno, premier conseiller à la FEB, lors de sa conférence à la tribune du Forum financier du Brabant wallon, le 14 décembre 2017
Responsibilities of the office bearers while registering multi-state cooperat...Finlaw Consultancy Pvt Ltd
Introduction-
The process of register multi-state cooperative society in India is governed by the Multi-State Co-operative Societies Act, 2002. This process requires the office bearers to undertake several crucial responsibilities to ensure compliance with legal and regulatory frameworks. The key office bearers typically include the President, Secretary, and Treasurer, along with other elected members of the managing committee. Their responsibilities encompass administrative, legal, and financial duties essential for the successful registration and operation of the society.
PRECEDENT AS A SOURCE OF LAW (SAIF JAVED).pptxOmGod1
Precedent, or stare decisis, is a cornerstone of common law systems where past judicial decisions guide future cases, ensuring consistency and predictability in the legal system. Binding precedents from higher courts must be followed by lower courts, while persuasive precedents may influence but are not obligatory. This principle promotes fairness and efficiency, allowing for the evolution of the law as higher courts can overrule outdated decisions. Despite criticisms of rigidity and complexity, precedent ensures similar cases are treated alike, balancing stability with flexibility in judicial decision-making.
ASHWINI KUMAR UPADHYAY v/s Union of India.pptxshweeta209
transfer of the P.I.L filed by lawyer Ashwini Kumar Upadhyay in Delhi High Court to Supreme Court.
on the issue of UNIFORM MARRIAGE AGE of men and women.
Introducing New Government Regulation on Toll Road.pdfAHRP Law Firm
For nearly two decades, Government Regulation Number 15 of 2005 on Toll Roads ("GR No. 15/2005") has served as the cornerstone of toll road legislation. However, with the emergence of various new developments and legal requirements, the Government has enacted Government Regulation Number 23 of 2024 on Toll Roads to replace GR No. 15/2005. This new regulation introduces several provisions impacting toll business entities and toll road users. Find out more out insights about this topic in our Legal Brief publication.
RIGHTS OF VICTIM EDITED PRESENTATION(SAIF JAVED).pptxOmGod1
Victims of crime have a range of rights designed to ensure their protection, support, and participation in the justice system. These rights include the right to be treated with dignity and respect, the right to be informed about the progress of their case, and the right to be heard during legal proceedings. Victims are entitled to protection from intimidation and harm, access to support services such as counseling and medical care, and the right to restitution from the offender. Additionally, many jurisdictions provide victims with the right to participate in parole hearings and the right to privacy to protect their personal information from public disclosure. These rights aim to acknowledge the impact of crime on victims and to provide them with the necessary resources and involvement in the judicial process.
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxanvithaav
These slides helps the student of international law to understand what is the nature of international law? and how international law was originated and developed?.
The slides was well structured along with the highlighted points for better understanding .
A "File Trademark" is a legal term referring to the registration of a unique symbol, logo, or name used to identify and distinguish products or services. This process provides legal protection, granting exclusive rights to the trademark owner, and helps prevent unauthorized use by competitors.
Visit Now: https://www.tumblr.com/trademark-quick/751620857551634432/ensure-legal-protection-file-your-trademark-with?source=share
In 2020, the Ministry of Home Affairs established a committee led by Prof. (Dr.) Ranbir Singh, former Vice Chancellor of National Law University (NLU), Delhi. This committee was tasked with reviewing the three codes of criminal law. The primary objective of the committee was to propose comprehensive reforms to the country’s criminal laws in a manner that is both principled and effective.
The committee’s focus was on ensuring the safety and security of individuals, communities, and the nation as a whole. Throughout its deliberations, the committee aimed to uphold constitutional values such as justice, dignity, and the intrinsic value of each individual. Their goal was to recommend amendments to the criminal laws that align with these values and priorities.
Subsequently, in February, the committee successfully submitted its recommendations regarding amendments to the criminal law. These recommendations are intended to serve as a foundation for enhancing the current legal framework, promoting safety and security, and upholding the constitutional principles of justice, dignity, and the inherent worth of every individual.
3. • What is personal data
• General guidelines for the collection of personal
data
• Your responsibilities with respect to the protection
and management of personal data
• Which major legislation and policies directly relate
to privacy and personal data
WHAT YOU WILL LEARN:
4. Loss of personal data leaves customers and
employees at risk of fraud and personal
identity theft
WHAT YOU WILL LEARN:
Identity Thief -The Scam.mp4
6. To demonstrate the data you are routinely sharing, walk through these next steps. If you are an iPhone user, here's how
you can easily see if you are vulnerable to a data hack:
1.Go to Settings.
2.Tap Privacy.
3.Tap Location Services (If Off, you have nothing to worry about).
4.Scroll down and tap on Systems Services.
5.Scroll down to Frequent Locations (if Off, your privacy is intact).
6.If ON, tap on Frequent Locations.
7.Tap on any of the History details.
Up will pop the last six weeks of your whereabouts, including frequency, time of day and amount of time spent at each
location! Of course, this is not limited to iPhone users.
THE SCARIER FACT IS THAT YOU MIGHT SHARED THE
INFORMATION WITH HACKERS FOR NEFARIOUS
PURPOSE
GOOD NEWS TO POKEMON FANS
10. 3TYPES OF DATA
Data SubjectData Subject
Individual who is subject of personal data
Written / Oral
Data UserData User
Person who processes personal data OR has control over
OR authorises processing of personal data
Data ProcessorData Processor
Person (other than data user’s employee) who processes
personal data solely on behalf of data user
12. PERSONAL DATA
• Home address
• Home telephone
number
• Age, date of birth,
gender
• Blood type
• Ethnicity, nation of
origin, colour of skin
• Religious beliefs
• Health care/medical
history
• Marital status
• Identifying numbers (NRIC)
• Credit card numbers
• Criminal records, fingerprints
• Curriculum vitae
• Educational history
• Financial history
• Employment information
• Exact salary
13. SENSITIVE DATA
Any personal data consisting:
• the physical or mental health of a data subject
• his political opinions
• his religious beliefs
• the commission by him of any offence; or
• any other personal data determined by the
Minister
Note : can only be processed under specific circumstances set out in
PDPA (including explicit consent by data subject)
15. COMMERCIAL DATA
• Any transaction of a commercial nature include matters
relating to:
• Supply or exchange of goods or services
• Agency
• Investments
• Financing
• Banking &
• Insurance
Note: Does not include a credit reporting business (CTOS/CCRIS)
18. EXEMPTIONS TO CONSENT
No Exemption Example
1 Performance of a contract to which
the data subject is a party
Employment contracts
2 the taking of steps at the request of
the data subject with a view to
entering into a contract
Before the sale & purchase of a
house or Hire and Purchase of a car.
3 Compliance with any legal obligation Organisation is under a duty
pursuant to eg. SOCSO/EPF/LHDN,
to provide data of its employees to
authorities
4 Protect the vital interests of the data
subject
Person that is unconscious & needs
medical treatment to save his life
5 Administration of justice Enforcement of a court order
6 Exercise of any functions conferred
on any person by or under any law
If an organisation is tasked to
perform a service by a law eg Police
19. DISCLOSURE IS VERY IMPORTANT
It is vital that the following is disclosed to the owners of
the personal DATA:
• Why this personal DATA is being collected
• How this DATA may be used and if the DATA is
shared, with whom; and
• How and for how long this DATA will be held and
then disposed of
20. Responsibility
MyCEB employees have a duty to
protect and manage personal data
about individuals.
Responsibility
MyCEB employees have a duty to
protect and manage personal data
about individuals.
21. 7 PRINCIPLES OF DATA PROTECTION
Written / Oral
* Disclosure
Principle
*Access
Principle
* Notice &
Choice
Principle
• Data user shall provide a written notice
to the data subject. To include:
• That personal data of the data subject
is being processed by or on behalf of
the data user
• Description of the personal data
• Purpose it is collected & further
processed
• Class of 3rd
parties to whom data user
discloses / may disclose the personal
data
• Whether it is obligatory for the data
subject to provide the personal data
• Must be given as soon as practicable
• In Bahasa & English
22. CHANNELS OF SERVING NOTICE
• Application
forms
• Terms &
conditions
• RFQs / RFPs
• Agreements
• Letters of
employment
• Salary slips
• E-mails
23. PRINCIPLES OF DATA PROTECTION
Written / Oral
* Disclosure
Principle
*Access Principle
* Notice &
Choice
Principle
Personal data shall not without the consent
of the data subject, be disclosed:
•For any purpose other than the purpose
disclosed at the time of collection or related
purpose; or
•To any party other than 3rd
parties of the
class in notice
24. PRINCIPLES OF DATA PROTECTION
Written / Oral
* Disclosure
Principle
*Access Principle
* Notice &
Choice
Principle
• The personal data processed for any purpose shall not be kept
longer than is necessary for the fulfillment of that purpose
• No time limit but if it is not required for its initial purpose, it must
be destroyed
25. PRINCIPLES OF DATA PROTECTION
Written / Oral
* Disclosure
Principle
*Access Principle
* Notice &
Choice
Principle
A data user shall take reasonable steps to ensure that the personal
data is accurate, complete, not misleading & kept up-to-date by having
regard to the purpose, including any directly related purpose, for
which the personal data was collected & further processed
26. PRINCIPLES OF DATA PROTECTION
Written / Oral
* Disclosure
Principle
*Access
Principle
* Notice &
Choice
Principle
• A data subject shall be given access to his personal data held by a
data user
• Able to correct that personal data where the personal data is
inaccurate, incomplete, misleading or not up-to-date
• EXCEPT where compliance with a request to such access or
correction is refused under PDPA
30. Written / Oral
Offence Liability
Contravention of the personal data protection
principles
RM300,000 or imprisonment
of 2 years or both
Failure to register as data user for specified
class of data users
RM500,000 or imprisonment
of 3 years or both
Data users continue to process personal data
after the registration is revoked
RM500,000 or imprisonment
of 3 years or both
Processing of sensitive personal data in
contravention with s40
RM200,000 or imprisonment
of 2 years or both
Failure to comply with the Commissioner's
requirements to cease processing of personal
data likely to cause damage or distress
RM200,000 or imprisonment
of 2 years or both
Unlawful collection or disclosure of personal
data: RM500,000 or imprisonment 3 years or to
both
RM500,000 or imprisonment
of 3 years or both
Transfer of personal data overseas RM300,000 or imprisonment
of 2 years or both
UNDER PDPA 2010 (Act 709)UNDER PDPA 2010 (Act 709)
33. PRIVACY IMPACT ASSESSMENT
LOOK OUT FOR:
Description of personal data
How personal data is collected
Was consent sought? How?
Purpose of processing
How personal data is kept – security?
Procedures to ensure accuracy? Access?
Retention period? Is personal data destroyed?
Disclosure / transfer
34. GUIDELINES:
COLLECTION OF PERSONAL DATA
• Any collection of personal data shall be done in
consultation with legal and corporate service unit.
• No personal data shall be collected unless it relates
directly to an operating program or activity of MyCEB.
35. HR : PDPA POLICY
MALAYSIA CONVENTION & EXHIBITION BUREAU
PERSONAL DATA PROTECTION
Privacy Policy
1. Collection of Personal Data
This Personal Data Protection Notice is issued to all our valued customers/prospective
customers, pursuant to the requirements of the Personal Data Protection Act 2010.
We treat and view your personal data seriously.
In the course of your dealings with Malaysia Convention & Exhibition Bureau (“MyCEB”), as our
valued customer / prospective customer, we will request that you provide data and information
about yourself (“Personal Data”) to enable us to enter into transaction with you or to deliver the
necessary notices, services and/or products.
2. Nature of Personal Data
Such Personal Data may be subject to applicable data protection, privacy and other similar laws
and may include information concerning name, age, identity card number, passport number,
address, gender, date of birth, marital status, occupation, contact information, email address,
race, ethnic origin and nationality.
3. Impact from failure to supply Personal Data
The failure to supply such Personal Data will result in us being unable to :
a. provide you with the notices, services and/or products requested;
b. update you on our latest products, services and promotions.
4. Purpose of Collecting Personal Data
The Personal Data is collected, used and otherwise processed by us for, amongst others, the
following purposes:
a. delivering notices, services, products, updates materials to you;
b. maintaining and improving customer relationship;
c. maintaining and updating internal record keeping; and
d. meeting any legal or regulatory requirements and making disclosure under the
requirements of any applicable law, regulation, direction, court order, by-law,
guideline, circular, code applicable to PSMB
5. Disclosure
The Personal Data provided to us will generally be kept confidential but you hereby consent
and authorize us to provide or disclose your Personal Data to the following categories:-
a. any person to whom we are compelled or required to do so under law ;
b. statutory authorities, government agencies and industry regulators;
c. our consultants, accountants, auditors, lawyers or other financial or professional advisers;
and
d. our service providers for purposes of establishing and maintaining a common database
where we have a legitimate common interest;
6. Safeguards
We shall keep and process your data in a secure manner. We endeavour, where practicable,
to implement the appropriate administrative and security safeguards and procedures in
accordance with the applicable laws and regulations to prevent the unauthorized or unlawful
processing of the Personal Data and the accidental loss or destruction of, or damage to, the
Personal Data.
7. Rights of Access and Correction
You have the right to request for access to and correction of your information held by us and
in this respect, you may:
a. Check whether we hold or use your Personal Data and request access to such data;
b. Request that we correct any of your Personal Data that is inaccurate, incomplete or out-
of-date;
c. Request that your Personal Data is retained by us only as long as necessary for the
fulfilment of the purposes for which it was collected;
d. Request that we specify or explain our policies and procedures in relation to data and
types of Personal Data handled by us;
e. Communicate to us your objection to the use of your Personal Data for marketing
purposes whereupon we will not use your Personal Data for these purposes; and
f. Withdraw, in full or in part, your consent given previously, in each case subject to any
applicable legal restrictions, contractual conditions and a reasonable time period.
36. IN SUMMARY:
• Personal data is information about an individual that is
recorded in any form.
• We must establish a process for the storage and
management of personal data that both enables access
to and protection of the information.
• You must ensure that personal data is correct and you
should practice “just in time” collection of personal
information.
37. CONGRATULATIONS!
You have just completed Privacy and Personal data
(Part 1) under MyCEB Personal Data Protection
2010
THANK YOU
