Effective Date: January 1, 2025
Last Updated: January 1, 2025
1. Introduction
1.1 Net Onboard Sdn Bhd is committed to ensuring that all cross-border transfers of personal data comply with Malaysia’s Personal Data Protection Act (PDPA) 2010, the General Data Protection Regulation (GDPR) (if applicable to EU users), and other global data protection laws.
1.2 This policy applies to customers, partners, vendors, and third-party processors who transfer, store, or process data outside Malaysia using Net Onboard’s services.
1.3 By using our services, you agree to this Cross-Border Data Transfer Policy and consent to your data being processed in compliance with the outlined requirements.
2. Scope & Applicability
2.1 This policy applies to:
– Personal data collected, processed, and transferred across international borders by Net Onboard.
– Third-party vendors, affiliates, and partners handling data on behalf of Net Onboard.
– Customers utilizing our cloud services who may store or access data outside Malaysia.
2.2 This policy ensures that cross-border data transfers meet legal and security standards to protect personal and corporate data.
3. Legal Basis for Cross-Border Data Transfers
3.1 Net Onboard transfers personal data internationally under the following legal frameworks:
– Contractual Necessity – If the transfer is required to fulfill a contractual agreement.
– Explicit User Consent – When users provide informed and voluntary consent to transfer their data.
– Regulatory Compliance – When required to comply with legal, financial, or governmental obligations.
– Standard Contractual Clauses (SCCs) – Where applicable, we implement SCCs approved by the European Commission for GDPR compliance.
4. Data Protection Measures for Cross-Border Transfers
4.1 Net Onboard ensures that transferred data is secured and protected using the following methods:
– Encryption Standards: Data is encrypted using AES-256 encryption before transmission.
– Access Controls: Data access is restricted to authorized personnel based on role-based permissions.
– Security Certifications: Our cloud infrastructure complies with ISO 27001, SOC 2, and other international security standards.
– Third-Party Vendor Compliance: We ensure that all third-party data processors adhere to equivalent data protection laws.
5. Approved Countries & Third-Party Processors
5.1 Data stored and processed within Malaysia is subject to PDPA regulations.
5.2 When transferring data to countries outside Malaysia, Net Onboard ensures that:
– The receiving country has adequate data protection laws (recognized under GDPR & PDPA).
– Contracts with third-party vendors include data protection agreements (DPA).
– Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs) are in place.
5.3 A list of approved third-party processors and international data transfer locations is available upon request.
6. User Rights & Control Over Data Transfers
6.1 Users have the following rights regarding cross-border data transfers:
– Right to Transparency – Users can request details on how and where their data is transferred.
– Right to Object – Users can withdraw consent for international data transfers (except where required by law).
– Right to Access & Correction – Users can request a copy of transferred data and correct any inaccuracies.
6.2 To exercise these rights, users should contact [email protected].
7. Data Breach Notification & Compliance
7.1 In case of an unauthorized cross-border data breach, Net Onboard will:
– Assess the risk impact and contain the breach.
– Notify affected users and relevant authorities within 72 hours, as required under PDPA & GDPR.
– Implement remedial measures to prevent future incidents.
8. Governing Law & Dispute Resolution
8.1 This policy is governed by Malaysian law and applies to all cross-border data transfers made by Net Onboard.
8.2 Any disputes arising from international data transfers will be resolved through negotiation and mediation before arbitration or litigation.
9. Amendments & Updates
9.1 Net Onboard reserves the right to update this policy at any time.
9.2 Users will be notified of material changes via email or system notifications.
For further inquiries about cross-border data transfers, contact [email protected].
We know that every business is unique, and so are its challenges. That’s why we invite you to a personalized virtual consultation where we listen to your needs, understand your goals, and explore how we can help you achieve them.
1. Assess your current situation – Gain a clear understanding of where you stand.
2. Determine the possible direction – Explore the possible pathways forward.
3. Develop a strategy (Only If Time Permits) – Create an actionable plan to achieve your goals effectively.
Schedule your consultation today!
© Net Onboard Sdn Bhd (796213-D)