A. Introduction
PT Astra Graphia Tbk and/or its affiliates (hereinafter individually and collectively referred to as “Astragraphia” or “We”) understand the importance of protecting Personal Data as regulated by Law No. 27 of 2022 concerning Personal Data Protection along with its implementing regulations applicable to Astragraphia, which may be enacted from time to time (hereinafter referred to as the “UU PDP”). Therefore, Astragraphia is committed to implementing the provisions of the UU PDP and related regulations and their implementation in order to maintain confidentiality and ensure the protection of your Personal Data in accordance with applicable laws and regulations.
In the context of this Privacy Notice, “Personal Data” refers to data about an identified or identifiable individual, either on its own or in combination with other information, both directly and indirectly, through electronic or non-electronic systems as defined in the UU PDP.
This Privacy Notice, along with any changes made from time to time (“Privacy Notice”), explains how we process Personal Data, which includes the acquisition, collection, processing, analysis, storage, correction, updating, display, announcement, transfer, dissemination, disclosure, and deletion (hereinafter referred to as “Personal Data Processing”) through the use of websites, applications, and/or systems (if any), participation in specific programs or promotional activities by us and/or third parties who collaborate or have a legal relationship with us (“Third Parties”), both online and offline, as well as through activities and services, including product services and other features provided on the website, applications, and/or systems (if any) (collectively referred to as “Products and/or Services”)
This Privacy Notice applies to any Personal Data Processing we conduct when you:
(Collectively referred to as “You”).
B. Your Representations and Warranties in Relation to the Provision of Personal Data
By using this site or application, or by using our Products and/or Services, or by providing your Personal Data to us or to the service providers we designate, either directly or through your representative, you declare and warrant that:
In certain circumstances, you may provide Personal Data of other individuals (such as Personal Data from your lawful spouse, family members, or other parties, including those you represent) to us. You declare and warrant that you have obtained explicit and lawful consent from those individuals as Personal Data subjects, and you understand that we rely on your statements and warranties to carry out the Personal Data Processing of the relevant individuals/parties. We are not responsible if the Personal Data you provide, especially the Personal Data of other individuals, is obtained unlawfully. We may request proof of such consent from you at any time as needed.
C. Types of Your Personal Data Collected and Methods of Collection
We collect the Personal Data that you provide to us when you use our Products and/or Services. The Personal Data collected includes, but is not limited to:
With the Personal Data we collect, we may create, use, or disclose:
(hereinafter referred to as “Transaction Data”),
where Transaction Data will not be considered Personal Data because this data will not directly or indirectly reveal the Personal Data you provided, as (i) this data cannot be linked to or identify any individual, or (ii) this data is then combined with similar data so that the original data forms part of a larger data set.
For specific purposes, you may be asked to provide your Personal Data and/or Transaction Data to meet legal obligations or to fulfill a contract. Failure to provide Personal Data for these purposes may be deemed a failure to fulfill legal obligations or an inability to enter into a contract with us.
If not requested, please do not provide or disclose sensitive Personal Data (such as health data, biometric data, children's data, etc.) to us. We may collect information from various sources in accordance with applicable laws, including Personal Data and/or Transaction Data collected by Third Parties and/or public sources, both new and historical data, as part of our efforts to continually provide you with the best Products and/or Services.
D. Purpose of Processing Your Personal Data
We use your Personal Data to conduct our business and operational activities, including but not limited to the following purposes:
We may process the Personal Data you provide for these purposes. We will convey other processing to you first, as required by applicable laws and regulations.
E. Basis for Processing Your Personal Data
We process your Personal Data for the purposes stated above above using one of the following processing bases:
F. Processing of Your Personal Data by Third Parties
We may provide access and/or disclose your Personal Data with Parties Certain third parties are related to your use of our products and/or services. These third parties include but are not limited to:
G. Storage
Unless prohibited by the provisions of applicable laws and regulations and with referring to this Privacy Notice, We will store and use your Personal Data you provide as long as we need it to carry out the objectives of Processing of Personal Data that We have submitted, including other purposes to fulfil Our legal obligations, resolve disputes, and implement agreements.
If the relationship between Us and You has ended, We will retain Personal Data that you provide for a certain period, with the aim of:
You understand and agree that we can delete the Personal Data that you provide if the Personal Data is no longer needed for the purposes mentioned above.
H. Storage of Personal Data and Transfer of Personal Data Abroad
We store and process the Personal Data that you provide at our facilities or location of other service providers abroad. By using our products and/or services, You understand and agree that your information may be transferred outside the country where you live, including Indonesia, which may have data protection regulations different from your country. Under certain circumstances, courts, enforcement agencies laws, regulatory bodies or security authorities in such other countries may have the right to access the Personal Data you provide.
You hereby understand and agree that We may send, store, use, and process your Personal Data on servers located in data centers appointed by us. The data center may be managed by a Third Party and/or located at outside the territory of the Republic of Indonesia. Notwithstanding the foregoing, Processing of Your Personal Data in connection with the use of our products and/or services will continue to be regulated by this Privacy Notice complies with applicable laws and regulations.
We will endeavor to comply with applicable regulations and use all actions reasonably necessary, such as obtaining your consent (we can request your consent when you provide your Personal Data) or other basis permitted by applicable regulations.
I. Your Rights as a Personal Data Subject
You as the subject of Personal Data have rights regulated by regulations applicable laws regarding the protection of Personal Data and Us always commits to enable you to exercise your rights in connection with Processing Personal Data, subject to applicable laws and regulations (including limitations and exceptions), as follows:
If you wish to submit a request to exercise your rights as stated above, you are encouraged to communicate it through the channels/contacts listed in Section L of this Privacy Notice. We will carry out a verification and screening process for all your requests to exercise your rights as a personal data subject. In order to do so regarding your authority to submit a request, we may ask you to provide information or supporting documentation to substantiate the request. Once verified, we will inform you regarding the consequences for the exercise of your rights. After getting your agreement on the consequences We will implement your request within the specified time limit by applicable laws and regulations. However, please understand that based on applicable laws and regulations and under certain conditions, We have the right to refuse your request to exercise your rights as such described above, including to delete or destroy part or all your Personal Data that We control, if this is required or permitted based on applicable laws and regulations.
We may charge an administration fee for each request you make exercise your rights as a subject of Personal Data in accordance with regulatory provisions applicable legislation.
J. Cookies, Pixel Tags, and Other Technologies
By using Our Products and/or Services, you may use cookies, pixel tags, and/or other technologies or you may disable these features by stopping your use of Our Products and/or Services or adjusting the settings on your device, such as disabling, controlling, or deleting cookies, pixel tags, and/or other technologies if you so choose. However, you should note that if you choose to do so, it may impact the quality of your experience using Our Products and/or Services.
K. Personal Data Security
We highly value your Personal Data and make reasonable efforts to protect any Personal Data. We continually strive to improve the standards of protection of your Personal Data.
However, you understand that the transmission of information through online means is not completely secure and We are not responsible for any losses arising from damage or loss of Your Personal Data that occurs beyond Our control. Therefore, We strongly recommend that You always update the security of the access that You create and have in connection with the use of Our Products and/or Services or Your software and do not disclose the account password on Your Products and/or Services to any party.
If there is an incident related to the protection of Personal Data, you understand and agree that We may send an electronic notification letter regarding the incident to You.
L. Contact Us
If you have any questions or complaints regarding the Privacy Notice and the Personal Data Processing activities that We conduct, including if you intend to exercise your rights as a Personal Data subject, you can contact us at:
PT Astra Graphia Tbk
Jl. Kramat Raya No. 43 Jakarta 10450 Indonesia
Telephone : +6221 3909190; +6221 3909444
Fax : +6221 3909181; +6221 3909388
E-mail : info@astragraphia.co.id
Corporate Communications
E-mail: corcomm@astragraphia.co.id
Corporate Secretary
E-mail: corporate.secretary@astragraphia.co.id
M. Language
This Privacy Notice may be translated into languages other than Indonesian. If there is any inconsistency between the Indonesian language version of this Privacy Notice and other language versions, the Indonesian language version shall apply.
N. Applicable Law
This Privacy Notice is governed by the laws of the Republic of Indonesia.
O. Changes or Updates to the Privacy Notice
We may change, supplement, and/or replace this Privacy Notice from time to time (with notice to you) to ensure that Notice this privacy is in line with the procedures and practices carried out by us in carrying out Processing of Personal Data, including to comply with legal and regulatory requirements valid invitation.