FREE Shipping on orders above RM100 | Buyer Protection on Every Order | Easy 15-Day Returns | Daily Flash Sales — Up to 90% OFF | Verified Factory Sellers Only | FREE Shipping on orders above RM100 | Buyer Protection on Every Order | Easy 15-Day Returns | Daily Flash Sales — Up to 90% OFF
FO2U - Factory Outlet To You
English Bahasa Malaysia 简体中文
Sign In Sign Up
Become a Seller
All 🇹🇭 Thailand 🇻🇳 Vietnam 🇮🇩 Indonesia

PDPA Compliance

How FO2U complies with Malaysia's Personal Data Protection Act 2010.

Last updated: 2026-05-26

About this page

FO2U Marketplace Sdn Bhd is a data user under Malaysia's Personal Data Protection Act 2010 ("PDPA"). This page explains how we comply with the seven PDPA principles and how you can exercise the rights the Act gives you. For the full data-handling detail, read our Privacy Policy.

The seven PDPA principles

1. General Principle

We process personal data only with your consent, or where another lawful ground applies (contractual necessity, legal obligation, legitimate interest). We do not process more data than needed for the stated purpose.

2. Notice and Choice

We tell you, in clear language and at the point of collection, what data we are taking and why. Our Privacy Policy is the master notice — sign-up and checkout forms repeat the relevant excerpts.

3. Disclosure

We do not disclose personal data to third parties for purposes other than those stated in the Privacy Policy without your fresh consent. Sellers, payment processors, and shipping carriers receive only the data needed to fulfil your order.

4. Security

We use SSL/TLS in transit, bcrypt-hashed passwords, least-privilege database access, and PCI-DSS-compliant payment processors. We restrict access to personal data to employees who need it to do their job.

5. Retention

We keep personal data only as long as needed. Account and order records are retained for seven years after account closure to meet Malaysian tax and accounting requirements, then anonymised or deleted.

6. Data Integrity

We take reasonable steps to keep data accurate, complete, and up-to-date. You can correct your own profile and addresses at any time through your dashboard.

7. Access

You can ask us for a copy of the personal data we hold about you. We respond within 21 days of a verified request, as required by PDPA.

Your rights — and how to exercise them

You have the right to access, correct, or request limitation/withdrawal of consent for the processing of your personal data, and to make a complaint.

Access request

Email privacy@fo2u.com with the subject line "PDPA access request" and a copy of your government-issued ID for verification. We respond within 21 days.

Correction

Most fields can be corrected directly in your dashboard. For data you cannot edit yourself (e.g. a transaction record), email us with the correction you'd like applied.

Withdrawal of consent

You can withdraw consent for marketing communications at any time using the unsubscribe link in our emails. Withdrawing consent for processing required by an active order or by Malaysian law is not always possible — we will explain in our reply if that's the case.

Account deletion

Email us or message via WhatsApp to request deletion of your account. We complete deletions within 30 days, retaining only the minimum records needed for legal compliance (tax, accounting).

Complaints

If you believe we have mishandled your personal data, write to our Data Protection Officer first — we want to fix it. If you remain unsatisfied, you can complain to:

Personal Data Protection Commissioner
Department of Personal Data Protection
Ministry of Communications and Digital, Malaysia
Website: www.pdp.gov.my

Contact our Data Protection Officer

FO2U Marketplace Sdn Bhd
Email: privacy@fo2u.com
WhatsApp: +60 12-345 6789

FO2U

Select Your Language

Choose how you want to shop