PDPA Compliance
How NEXUS complies with Malaysia's Personal Data Protection Act 2010
General Principle
Personal data is processed only with the data subject's consent, unless an exception applies under the PDPA.
Notice & Choice
We inform you of the purpose of data collection and provide opt-out options for non-essential processing.
Security Principle
We implement technical and organizational measures to protect personal data against loss, misuse, and unauthorized access.
Retention Principle
Personal data is retained only as long as necessary for the purpose it was collected. Data is securely deleted upon account termination.
AI Voice Calls & Consent
All AI-initiated calls through NEXUS include proper identification of the automated nature of the call. Recipients are informed they are speaking with an AI agent and given the option to opt out or request a human callback at any point during the conversation.
Cross-Border Data Transfers
Where data is processed outside Malaysia (e.g., cloud infrastructure), we ensure adequate safeguards are in place through standard contractual clauses and data processing agreements compliant with Section 129 of the PDPA.
Data Subject Rights
Under the PDPA, you have the right to access your personal data, request corrections, and withdraw consent for processing. Submit requests to dpo@iamnexus.ai and we will respond within 21 days.
Compliance Officer
NEXUS has appointed a dedicated Data Protection Officer to oversee PDPA compliance. For any data protection concerns, contact dpo@iamnexus.ai.