PDPA Compliance

TargetCRM is committed to full compliance with regulations. As a CRM used by SMEs across Malaysia, we understand the critical importance of protecting personal and corporate data.

1. Key PDPA Principles

Notice & Choice

Users are informed about data collection and consent is obtained.

Disclosure

Data is shared only with authorized parties.

Security

Implemented technical and organizational measures to prevent unauthorized access.

Retention

Data is retained only as long as necessary for business operations.

Access & Correction

Users can access and correct their personal data.

Accuracy

Ensuring the data stored is accurate and complete.

Accountability

Xantec Solutions is responsible for data protection compliance.

2. Security Measures

Role-based access control ensures employees only access data relevant to their role
Encrypted storage and secure communication channels (SSL/TLS)
Continuous monitoring and regular security audits

3. Employee & Third-Party Compliance

All Xantec Solutions staff are trained in PDPA requirements to ensure your data is handled with the utmost care.

Third-Party Integrations: Software providers like AutoCount, Xero, and SMS gateways are contractually bound to strictly comply with PDPA regulations.

4. Data Breach Protocol

In the unlikely event of a data breach, TargetCRM has a strict notification and remediation plan in line with PDPA guidelines. This includes alerting affected users promptly and taking immediate action to secure the system.

5. SME Guidance

TargetCRM not only ensures our system complies with PDPA but also provides guidance for SME users to handle their own data responsibly within the platform.

Contact Data Protection Officer View Security Guides