(Inglese version – coming soon)

This Data Protection Notice ("Notice") sets out the basis on which ICT Watch Indonesia ("we") can collect, use, disclose or process personal data from prospective service users, service users, authorized representatives using our services in accordance with Indonesian law. This notice applies to personal data in our possession or under our control, including personal data belonging to institutions we engage to collect, use, disclose or process personal data for our purposes.

PERSONAL DATA

1. As used in this Notice:
   “Personal data” means data, whether true or not, about an individual (whether a potential user of the service, user of the service, an authorized representative of the service user or other) who can be identified: (a) from that data; or (b) from that data and other information to which we have or may have access.
2. Depending on the nature of your interactions with us, some examples of personal data we may collect from you include your name, contact information such as city of residence, zip code, email address or telephone number, nationality, gender, age, employment information and educational background.

COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA

3. We generally do not collect your personal data unless (a) it is voluntarily provided to us by you directly or through a third party who has been authorized by you to disclose your personal data to us (your “authorized representative”) after (i) you ( or your authorized representative) have been informed of the purposes for which the data was collected, and (ii) you (or your authorized representative) have provided written consent for the collection and use of your personal data for such purposes, or (B) the collection and use of personal data without consent is permitted or required by law. We will ask for your consent before collecting additional personal data and before using your personal data for purposes that have not been notified to you (unless permitted or permitted by law).
4. We may collect and use your personal data for any or all of the following purposes:
   • establish or manage your relationship with us. This includes:
     • If you are a potential user of the service:
       • process and evaluate your application for our services
     • If you are a service user:
       • monitor, evaluate and/or audit the services provided. This may include an assessment of the quality of the services provided and the effects of the services provided (both in the short and long term, and after you have stopped using the services).
     • If you are an authorized representative of the service user:
       • process and evaluate service user applications for our services
       • provide you with information about our upcoming events or activities, where you have specifically requested to receive such information; respond to, handle and process your inquiries, requests, applications, complaints and feedback
       • comply with any applicable laws, regulations, codes of practice, guidelines or rules, or to assist law enforcement and investigations conducted by governmental and/or regulatory authorities
       • other purposes for which you provide the information.
5. We may disclose your personal data:
   • where such disclosure is necessary for, or in connection with, the provision of the service you have requested
   • to comply with any applicable laws, regulations, codes of practice, guidelines, rules or requests by public bodies, or to assist law enforcement and investigations
   • other parties that you authorize us to disclose your personal data, or if necessary to take any action requested by you.

CANCEL YOUR CONSENT

6. The consent you give to the collection, use and disclosure of your personal data will remain valid until such time as is withdrawn by you or your authorized representative in writing. You or your authorized representative may withdraw consent and ask us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by sending your request via email or otherwise in writing to the Data Protection Officer (Data Protection Officer / DPO) at our contact details provided below. If you are unable to submit your request in writing or if you need assistance with submitting your request, you may ask to speak or meet with Data Protection Officer we.
7. Upon receipt of your written request to withdraw your consent, we may require a reasonable amount of time (depending on the complexity of the request and the impact on our relationship with you) for your request to be processed and for us to notify you of the consequences from us. accede to the same, including any legal consequences that may affect your rights and obligations to us. In general, we will endeavor to process your request within three (3) working days of receiving it.
8. While we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we will, in such circumstances, notify you prior to finalizing processing of your request. If you decide to withdraw your consent, please inform us in the manner described in paragraph 6 above.
9. Please note that consent to withdrawal does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without permission is permitted or required by applicable law.

ACCESS TO AND CORRECTION OF PERSONAL DATA

10. If you wish to make (a) an access request for access to a copy of the personal data we hold about you or information about how we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data we hold about you, you can send your request by e-mail or otherwise in writing, to Data Protection Officer us in the contact details provided below. If you need assistance with submitting your request, you can ask to speak or meet with Data Protection Officer we.
11. Please note that a reasonable fee may be charged for access requests. If so, we will inform you of the fee prior to processing your request.
12. We will respond to your request as soon as possible. In general, our response will be within three (3) working days. If we are unable to respond to your request within thirty (30) days of receiving your request, we will notify you in writing within thirty (30) days of such time that we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we will usually notify you of the reason why we are unable to do so (unless we are not required to do so under Indonesian law).

PROTECTION OF PERSONAL DATA

13. To protect your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption, use of privacy filters, and data disclosure. personally both internally and to our authorized third-party service providers and agents only on a need-to-know basis.
14. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. Although security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and improving our information security measures.

PERSONAL DATA ACCURACY

15. We generally rely on the personal data that you provide (or your authorized representative). To ensure that your personal data is current, complete and accurate, please update us if there are any changes to your personal data by informing our Data Protection Officer on the contact details provided below.

PERSONAL DATA RETENTION

16. We may retain your personal data for as long as necessary to fulfill the purposes for which it was collected, or as required or permitted by applicable law.
17. We will stop storing your personal data, or remove the means by which it can be associated with you, as soon as it is reasonable to presume that such retention no longer fulfills the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

PERSONAL DATA TRANSFER OUT OF INDONESIA

18. We generally do not transfer your personal data to countries outside Indonesia. However, if we do, we will pass on the information to you for the transfer to take place and we will take steps to ensure that your personal data continues to receive a standard of protection at least comparable to that provided under Indonesian law.

DATA PROTECTION OFFICER

19. You can contact the Data Protection Officer (Data Protection Officer / DPO) if you have questions or feedback regarding our personal data protection policies and procedures, or if you wish to submit a request, in the following ways:
    • Name of DPO: Donny BU
    • Email address: privacy [at] ictwatch.id
    • Address: Jl. Tebet Timur Dalam Raya 1C no.4, Jakarta 12810, Indonesia

INFLUENCE OF NOTICES AND CHANGES TO NOTIFICATIONS

20. This notice applies in conjunction with other notices, contractual clauses and consent clauses that apply to our collection, use and disclosure of your personal data.
21. We may revise this Notice from time to time without prior notice. You can determine whether such revisions have occurred by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgment and acceptance of these changes.

Effective Date : 05/02/2020
Last updated: 25/03/2020