Malaysia - Personal Data Protection Act 2010

By refering to the Personal Data Protection Act 2010 which came into force on 15 November 2013, its main purpose is to regulate all processed personal data of individuals during commercial transactions.

For More info, please visit

For iSMS Users

Based on the recent announcement by Ministry of Communications and Multimedia Malaysia, the ministry has made it clear that anyone who processes personal data in terms of commercial transactions will be covered under PDPA's act. A data user that belongs to any class of users specified in the "Class of Data Users" schedule will be required to register under the act. Following are the class of users affected:
  • Communications
  • Banking and financial institutions
  • Insurance
  • Health
  • Tourism & Hospitality
  • Transportation (All local Malaysia airliners)
  • Education
  • Direct Selling
  • Services (Legal, Audit, Accountancy, Engineering, Architecture)
  • Real Estate
  • Utilities

(4) A person who belongs to the class of data users as specified in the order made under subsection 14(1) and who processes personal data without a certificate of registration issued in pursuance of paragraph 16(1)(a) commits an offence and shall, on conviction, be liable to a fine not exceeding five hundred thousand ringgit or to imprisonment for a term not exceeding three years or to both.

Laws of Malaysia Act 709 - Personal Data Protection pg.23
Personal Data Protection (Class of Data Users) Order 2013 | Laws of Malaysia Act 709 (PDPA 2010)


A "data user" (person who entered into partnership under the Partnership Act 1961 is a data user that belongs to a class of data users.) is required to register under the PDPA with the Personal Data Protection Commissioner. The form is readily available HERE.

The Ministry of Communications and Multimedia Malaysia has confirmed

  1. Clause 9(a)(i) is intended to apply to a partnership as a legal person, as opposed to individual partners;
  2. The requirement for a letter of confirmation from the Bar Council to verify the firm's status as a partnership has been waived. You are advised to proceed with the registration without the need to provide a letter of confirmation from the Bar Council; and
  3. Sole proprietors do not have to register with the Commissioner for the moment.

Liability Issues

All bulk SMS blasting activities can be traced to your iSMS account. This action will be deemed performed by you and therefore you will be held solely responsible your message content as well as mobile contact database, in accordance with Personal Data Protection Act 2010. iSMS will not accept any liability for your sent messages to the mobile numbers of your uploaded contact database. iSMS will be exempted by you from possible third party claims arises from your SMS content. iSMS has the right to deny you from using iSMS bulk SMS services.

Notice to iSMS User's Related to Personal Data Protection Act 2010

iSMS treats all of our user's personal data and privacy matters seriously. Therefore, iSMS issues this notice to all users pertaining to the announced Data Protection Act 2010.

Customers could have supplied iSMS with their personal data and information from time to time, relating to matters such as continuance of iSMS's Bulk SMS service, establish new accounts, record keeping and billing purposes. iSMS will take appropriate (physical or electronic) measures to safeguard all personal data provided. In addition to that, iSMS may also verify information concering your personal details when necessary.

Mobile Database Upload

Contact data that has been uploaded to iSMS database will be stored with high level of security to protect your interests. iSMS does not engage in any illegal selling of mobile or email databases. Uploaded mobile database is solely used to blast out bulk SMS to the mobile numbers you specified and activity log is kept for record purposes. No mobile database will be disclosed to any third party.

Legal Disclaimer

iSMS is strictly against sending unsolicited bulk SMS messages. As a prevention measure, iSMS has integrated multiple functions to check, filter and block such messages. Abusing iSMS bulk SMS service will result in immediate iSMS account suspension and you will be liable for all consequences of your misconduct. As iSMS user, you are required to comply with our outlined iSMS privacy policy and Malaysian Communications and Multimedia Commission (MCMC) law.

Any legislation and requirements of the authorities in connection with distribution of SMS advertising must be adhered to at all times. We assume no editorial responsibility for the Content, which shall remain entirely your responsibility and must adhere to the current laws and regulations of Malaysia.

If you need to contact us, please feel free to do so. You will find our address, and phone numbers there.



SMS Coverage for All Countries Worldwide