Data Processing Agreement

This Data Processing Agreement ("DPA") is entered into between CWorks (CWorks Technologies Sdn. Bhd.; 1066488-A), referred to as the "Data Controller/Processor" collectively referred to as the "Parties".

1. Definitions

2. Purpose and Scope

The Data Controller/Processor processes the Personal Data for the purpose of setting up and providing the CMMS SaaS service and internal marketing, as described in the agreement between the Data Controller/Processor and the visitor.

3. Data Protection Obligations

The Data Controller/Processor shall implement appropriate technical and organizational measures to protect the Personal Data against unauthorized or unlawful processing and accidental loss, destruction, or damage. The personnel involved in processing the Personal Data shall be subject to appropriate confidentiality obligations.

4. Data Retention and Deletion

The Data Controller/Processor shall retain the Personal Data only for as long as necessary to fulfill the purposes of providing the CMMS SaaS service and internal marketing or as required by applicable laws. Incomplete submissions and expired subscribers' Personal Data shall be automatically deleted after 90 days.

5. Data Subject Rights

The Data Controller/Processor shall provide reasonable assistance to individuals in exercising their rights under applicable data protection laws, including but not limited to access, rectification, erasure, and restriction of processing.

6. Security Breach Notification

The Data Controller/Processor shall notify the relevant authorities and affected individuals without undue delay upon becoming aware of any security breaches involving the Personal Data.

7. Governing Law and Jurisdiction

This DPA shall be governed by and construed in accordance with Malaysia Personal Data Protection Act (PDPA). Any disputes arising out of or in connection with this DPA shall be subject to the exclusive jurisdiction of the courts of Malaysia.

CWorks

Data Controller/Processor