PERSONAL DATA PROTECTION

COLLECTION OF PERSONAL DATA

Your Best Practices

Make sure you collect and store personal data only when needed.

Be cautious about saving the personal details as image files (metadata)

Check on the accuracy of the data collected

How Reach helps

Reach collects minimal Personal Data

Collects NRIC Numbers only where necessary

Prefers collecting data through Input instead of automatically importing it.

NOTIFICATION OF PURPOSE & DATA PROTECTION & ACCURACY

Your Best Practices

Explain the purpose of the collection

Appoint a DPO who can address your customers doubts on data protection

Ensure data is maintained accurately

Provide the users with an option to update their own data

GETTING CONSENT FOR USERS’ PERSONAL DATA

Your Best Practices

If you intend to use the personal data for marketing messages, take prior consent

Keep a record of the consent given

Allow users to withdraw their consents

How Reach helps

If you are a retail business, You can send an email or SMS from Reach once you add personal details asking content to use his details for future marketing

DATA PROTECTION & ACCESS CONTROL

Your Best Practices

Protect your password from unauthorized access

Do not provide access to personal data to other users unless required.

Change your password frequently

How Reach helps

Uses a Bank level 256 bit encryption

Uses Web Application Firewalls

Scans User Uploaded files for Malware

Stores data in Secure AWS Servers

Limits the number of failed logins

Allows the use of OTP for non-admin logins

Has IP based user access restrictions

Has set password complexity rules

USER DEVICE SECURITY & TESTING

Your Best Practices for employee devices

Having policies to govern device usage

Adopting mobile device management (e.g. remote wiping)

Encrypting data on the device

Implementing secure erasure of data

Using of anti-malware software

Minimizing storage of personal data on the device

Mandating login to the device

Activating screen lock upon inactivity

How Reach helps

Conducts Vulnerability test

Conducts Penetration testing

Avoids loading production data to test environments

DATA EXPORT

Your Best Practices

Monitor Data Export

Take precautions in sending user data over email

How Reach helps

Encrypts exported data

Provides audit trails to monitor data exports

©2020 reachaccountant.my

Log in with your credentials

Forgot your details?