---
name: bosskuai-malaysia-pdpa-privacy
description: Use this for Malaysia PDPA-aware privacy review, data minimization, consent, retention, user rights, vendor processors, and privacy-safe SaaS operations.
---

# Bosskuai Malaysia Pdpa Privacy

Use this for Malaysia PDPA-aware privacy review, data minimization, consent, retention, user rights, vendor processors, and privacy-safe SaaS operations.

## Fast Path

1. Minimize personal data collected and stored.
2. Document purpose, consent/notice, access controls, retention, deletion, and processor/vendor handling.
3. Avoid storing sensitive personal data unless clearly needed.
4. Create export/delete correction workflow before scaling.

## Default Checks

- Minimize personal data collected and stored.
- Document purpose, consent/notice, access controls, retention, deletion, and processor/vendor handling.
- Avoid storing sensitive personal data unless clearly needed.
- Create export/delete correction workflow before scaling.
- Use this as product/security guidance, not legal advice.

## When To Open The Playbook

Open `../../references/playbooks/bosskuai-malaysia-pdpa-privacy-playbook.md` only when the task needs detailed workflow, implementation examples, or release-grade depth.

## Output Quality

- Start with the verdict or action.
- Separate confirmed facts, assumptions, and risks.
- Include exact files, commands, tests, metrics, or rollback triggers when relevant.
- Do not claim legal, security, or cost certainty without evidence.

## References

- `../../references/playbooks/bosskuai-malaysia-pdpa-privacy-playbook.md`
- `../../references/checklists/malaysia-pdpa-privacy-checklist.md`