PDPA Compliance

Commitment to Personal Data Protection

SRIHATI abides by the Malaysian Personal Data Protection Act 2010 (PDPA) and its amendments. We act as a data controller and are responsible for personal data handled through the platform.

Data Controller Identity

The data controller for the SRIHATI platform is CoreLife Training and Consultancy Sdn. Bhd. (Malaysia).

PDPA Principles Compliance
  • General Principle: We process personal data with consent or as permitted by law, for lawful purposes related to CPD services.
  • Notice & Choice: We provide notice regarding data collected, purposes and your rights; you may opt out of optional uses or withdraw consent.
  • Disclosure: Disclosures are for stated purposes or as required by law with appropriate safeguards for processors.
  • Security: We implement technical and organisational measures to protect data, including access controls and encryption where appropriate.
  • Retention: We retain data no longer than necessary and dispose of data no longer required.
  • Data Integrity: We maintain accurate, complete and up-to-date data and correct inaccuracies when identified.
  • Access: You may access and correct your personal data in accordance with PDPA.
Your Rights as a Data Subject
  • Access: Request access to personal data we hold, subject to verification and any prescribed fees.
  • Correct: Request correction or update of inaccurate or outdated data.
  • Withdraw Consent: Withdraw consent at any time for optional processing.
  • Prevent Unwarranted Processing: Request cessation where processing is likely to cause substantial damage or distress or to stop direct marketing.
  • Data Portability: Where effective under PDPA amendments, request machine-readable transfer to another controller where conditions are met.
Data Protection Officer (DPO)

We have appointed a DPO to oversee PDPA compliance and data governance.

Contact and Communication Channels

Email: pdpa@srihati.my

Ongoing Compliance

We review policies, train staff on PDPA requirements and adopt privacy-by-design practices. Last updated: 1 November 2025.

Need help? Contact support.