SB Telecom Singapore | ICT & Digital Marketing

Bahasa Indonesia
Personal Data Protection Policy

PT. SBTelecom Indonesia Corp (the “Company”, “we”, “our” or “us”) realizes the importance of protecting your personal data.

This document contains the personal data protection policy (“Policy”) adopted by the Company to manage your personal data in accordance with Law No. 27 of 2022 on Personal Data Protection and/or other relevant laws including the Ministry of Communication and Informatics Regulation No. 20 of 2016 on Personal Data Protection In Electronic Systems (“MoCI 20/2016”), and other applicable laws and regulations (collectively, the “Law”). Please take a moment to read this policy to understand the purposes for which we acquire and collect, process and analyze, store, fix and update; display, announce, transfer, disseminate or disclose; and/or delete or destroy your personal data (collectively referred to as “Personal Data Processing”). The term “Personal Data” we use herein refers to data regarding individuals who are identified or can be identified separately or in combination with other information, either directly or indirectly, through an electronic or non-electronic system and has the same meaning as defined in the PDP Law.

1. Observance of Laws and Standards

1.1.The Company respects the Privacy of individuals and recognizes the need to treat Personal Data in an appropriate and lawful manner, and is committed to comply with its obligations in this regard, in respect of all Personal Data it handles.

1.2.The Company may change some parts or all of the contents of this policy from time to time to ensure that this policy is in line with the legal and regulatory requirements, as well as the regulations and constitutive documents of the Company. Hence, we advise you to check regularly for updated information on the handling of your Personal Data.

1.3.If you consider that this Policy does not follow the Law with respect to the Personal Data about you or others, you should raise the matter with our contact person as soon as possible.

2. Application

2.1.This Policy shall apply to every individual whose Personal Data is processed by us, including but not limited to employees, employee family (such as spouse, children, parents or relatives), candidates of employee and any other individuals who the Company have or may have business relationships including employees of our customers or suppliers.

2.2.This Policy shall cover the Personal Data which is in the Company’s possession or under its control, which the Company is appointed to manage, and which the Company appoints any other party to manage.

3. Personal Data Processing

3.1.In general, we collect your Personal Data in several ways, including but not limited to the following:

3.1.1. When you contact us for our services or enquiries via your selected mode of communication;

3.1.2. When you request us to contact you; and

3.1.3. When you submit your Personal Data to us for employment purposes.

3.2.Personal Data that is collected by the Company may include some or all of the following personal information.

3.2.1. Name;

3.2.2. Nationality;

3.2.3. Marital status;

3.2.4. Date of birth;

3.2.5. Gender;

3.2.6. Contact information such as email addresses and telephone numbers;

3.2.7. Demographic information such as address, postal code, preferences and interests;

3.2.8. Thumbprint;

3.2.9. Signature;

3.2.10. Photographs, audio/video recordings and digital images; and

3.2.11. Any other Personal Data necessary due to the employment relationship.

Notwithstanding the above, the Company will not collect your identity card/passport number unless permitted by the Laws or any other applicable laws or regulations.

3.3.Generally, the Company conducts Personal Data Processing for the following purposes:

3.3.1. Conducting the Company’s business and any other relevant activities;

3.3.2. Considering and processing your proposal on or application for our services;

3.3.3. Providing you with our services;

3.3.4. Responding to your queries and requests;

3.3.5. Resolving complaints, and handling requests of and enquiries;

3.3.6. Communication and marketing purposes;

3.3.7. Internal record keeping;

3.3.8. Fulfilling contractual obligations;

3.3.9. Employment and recruitment related purposes (including but not limited to salary, personal income tax, work pass and residential);

3.3.10. Reaching out to family members in case of emergencies; or

3.3.11. Complying with relevant regulations such as but not limited to Personal Data protection, corporate, social security and tax laws.

3.4.Your Personal Data will be retained by the Company for as long as necessary according to our internal policy for the fulfilment of the purposes stated in Article 3.3 or is required to satisfy any legal or business purposes.

4. Sharing Personal Data with Third Parties

4.1.The Company will take reasonable steps to protect your Personal Data against unauthorized collection, use and/or disclosure. Subject to the provisions of any applicable law or regulations, your Personal Data may be collected, used and/or disclosed for any purposes listed in Article 3.3, to the following:

4.1.1. the Company’s staff;

4.1.2. researchers, agents, contractors or third-party service providers who provide services to the Company;

4.1.3. our professional advisers such as auditors and lawyers;

4.1.4. relevant government regulators, statutory boards or authorities, or law enforcement agencies to comply with any laws, rules, guidelines, regulations or schemes imposed by any governmental authority; and

4.1.5. any other party to whom you authorize us to disclose your Personal Data.

4.2.In addition to Article 4.1, the Company will transfer your Personal Data to entities outside Indonesia (i.e. Japan and other overseas group entity(ies)) for any purposes listed in Article 3.3.

4.3.In order to provide the best service possible, the Company may engage a data intermediary to process and handle Personal Data on its behalf. In these cases, we will only work with recognized Personal Data management firms and shall enter into contracts with these data intermediaries to include provisions that clearly set out the data intermediaries’ responsibilities and obligations to ensure compliance with the laws.

4.4.All our third-party service providers are required to implement appropriate security measures to protect your Personal Data in line with our policies. We do not allow them to use your Personal Data for their own purposes, permitting them only to process it for specified purposes and in accordance with our instructions.

5. Consent for Processing Personal Data

5.1.By submitting your Personal Data to the Company, you agree and consent to the Company to conduct the Processing Personal Data for a part or all of the purposes set out in Article 3.3.

5.2.If at any time we decide to collect, use or disclose your Personal Data in a different manner to the purposes set out above, we will request your consent to the additional purpose(s) in writing, which you may refuse to give at your discretion.

5.3.If you provide us with Personal Data relating to a third party, if they are Personal Data of your underage children, you represent to us that you have obtained the consent of such third party to provide us with their Personal Data for the relevant purposes; while we will obtain the written consent before processing Personal Data if it is the Personal Data of other third party (e.g. information about your spouse, parents, or relatives).

5.4.You may at any time withdraw any consent given in respect of the collection, use or disclosure of your Personal Data by giving prior notice in the form of a formal written request addressed to the contact person.

5.5.In the event that you withdraw your consent to the Company in relation to the purposes mentioned above, the Company shall cease to collect, use and/or disclose your Personal Data no later than 3 x 24 (three times twenty-four) hours upon receiving your withdrawal request. Please note that once consent is withdrawn, it may not be possible for us to accomplish the purposes as set out in Article 3.3, and hence, we may be unable to continue providing the requisite services to you.

6. Personal Data Subject Rights

You have the following rights regarding Personal Data obtained and processed by us. 
 

-Right to obtain information regarding identity clarity, the basis of legal interest, the purpose of requesting and using Personal Data, and accountability of parties that request Personal Data.

-Right to complete, update and/or correct errors and/or inaccuracies in Personal Data regarding themselves in accordance with the purpose of the Personal Data Processing.

-Right to withdraw consent at any time by the method separately designated by us at the time of obtaining your consent, except if the consent provided is necessary to perform legal obligations or contractual obligations. However, your withdrawal of consent will not affect the legality of processing conducted based on your consent before its withdrawal.

-Right to access and obtain a copy of the processed Personal Data concerning you and to ask us to disclose where we obtained such Personal Data.

-Right-to-end processing, deleting, and/or destroying Personal Data regarding themselves in accordance with provisions of laws and regulations.

-Right to obtain or transfer your Personal Data in a structured, commonly used, and machine-readable format that can be automatically accessed or disclosed and the right to transfer those data to another controller.

-Right to sue and receive compensation for violations of the Personal Data Processing regarding you in accordance with provisions of laws and regulations.

-Right to delay and restrict the processing of Personal Data proportionally with the purpose of Personal Data Processing.

-Right to object decision-making action based solely on automated processing, including profiling, which has legal consequences or has a significant impact on you and your family.

If you intend to exercise any of the aforementioned rights, please inquire using the contact details at the end of this Privacy.

7. Personal Data Management and Security Measures

The Company will take reasonable measures to protect your Personal Data from unauthorized access or modification, improper collection, use or disclosure, unlawful destruction or accidental loss. You should be aware, however, that no method of transmission over the internet or electronic storage is 100% secure. While security cannot be guaranteed, we strive to protect the security of the Personal Data and will constantly review and enhance our information security measures. In the event that we have credible grounds to believe that an incident of Personal Data breach has occurred, we will take reasonable and expeditious steps in accordance with the laws including notification to you of such incident in writing to your physical address, or electronically to your email address in case you have given prior consent to such electronic notification.

8. Access, Correction and Accuracy of Personal Data

8.1.You may apply for a copy of your Personal Data held by the Company, or request for your Personal Data to be updated or corrected, by sending a formal written request to our data protection officer. Please be informed that we are entitled to charge a fee to recover the costs directly related to the access of the Personal Data for the time and effort spent by us in responding to the same, and will let you know the amount accordingly.

8.2.No later than 3 x 24 (three times twenty-four) hours upon receiving your request, the Company shall:

8.2.1. provide you with a copy of your Personal Data under our custody and/or other relevant information in accordance with the laws therein;

8.2.2. correct your Personal Data as soon as practicable and inform you that the relevant correction has been made; or

8.2.3. inform you that your request for access or correction of your Personal Data is rejected, if the request was made in circumstances predefined by the laws where such access or correction is prohibited or not required.

8.3.You should ensure that all Personal Data submitted to us is complete and accurate. Failure to do so may result in our inability to provide you with the information or services you requested.
The Company shall make a reasonable effort to ensure that the Personal Data collected by or on behalf of the Company is accurate.

8.4.You may also request that your Personal Data is transferred to another person (data portability).

9. Transfer of Personal Data Outside of Indonesia

The Personal Data we collect from you may be transferred to multiple destinations outside Indonesia for the fulfilment of the purposes stated in Article 3. The Company will ensure that any transfers of your Personal Data to a territory outside of Indonesia will be in accordance with the PDP Law so as to ensure a standard of protection to Personal Data so transferred that is comparable to the protection under the PDP Law.

10. Establishment and Continual Improvement of a Management System for Personal Data Protection

In order to appropriately manage Personal Data, the Company shall continually work towards improving the development of our data management system and internal company regulations.

11. Contact information

Should you have a complaint or require more information about how we manage your Personal Data, please contact us through the inquiry form.