Skip to main content

PDPA Compliance

Our compliance with Malaysia's Personal Data Protection Act 2010

What is PDPA?

The Personal Data Protection Act 2010 (PDPA) is Malaysia's law governing the processing of personal data in commercial transactions. As a Malaysian company, Tamu is fully committed to PDPA compliance.

Data We Collect

We collect personal data only as necessary to provide our booking platform services:

  • Property owner: name, email, phone, business registration (if applicable)
  • Guest: name, email, phone, booking dates
  • Payment: transaction reference (not card numbers)

How We Use Your Data

Personal data collected is used solely to: process bookings, send confirmation and reminder emails, provide customer support, and improve our platform. We do not sell personal data to third parties.

Your Rights Under PDPA

You have the right to:

  • Access personal data we hold about you
  • Correct inaccurate personal data
  • Withdraw consent for data processing
  • Request deletion of your account and associated data

To exercise these rights, contact us at privacy@tamuhq.com

Data Retention

We retain booking records for 7 years as required by Malaysian accounting regulations. Guest personal data is deleted upon account closure request, except where retention is required by law.

Contact Our Data Protection Officer

For PDPA-related enquiries, contact us at privacy@tamuhq.com or write to our registered address. We respond to all data protection enquiries within 14 days.