Privacy and Data Protection

The Privacy and Data Protection practice has been advising both local and multinational organisations since the implementation of the Personal Data Protection Act 2010 in Malaysia in 2013.
We are involved in all aspects regulatory compliance pertaining to data protection, spanning from developing specified compliance programmes for our clients, preparing and drafting all required documentation such as data protection notices, privacy policies, consent forms and data processing agreements to developing internal data security and retention policies hand in hand with our clients. For our multinational clients, we are well versed in conducting reviews of global data protection documents, taking cognizance of the fact that these are global documents used across various jurisdictions with different regimes.
Our team takes pride in understanding each and every of our clients’ data flow and processes in order to provide practical and user-friendly advice that may be used throughout the organisation.  Our advice covers all aspects of personal data processing from customer data to employee data and vendor data.
The lawyers who form our Privacy and Data Protection practice are seasoned presenters who speak at global data protection conferences and they are regularly engaged by clients to carry out internal awareness programmes and ongoing training workshops.
As data breach incidents are increasingly on the rise, our team has been engaged as ‘first responders’ and we work together closely with our clients in terms strategic management of such incidents, including guiding clients through data breach reporting requirements and supporting our clients in order to achieve the best possible outcome in such challenging circumstances. In this respect we have acted for clients from highly regulated industries including those in the banking and insurance sectors.