top of page

Privacy Policy

This Privacy Policy sets out the basis on which PT Insight Inovasi Indonesia ("Ayoinsight" or "We" or “Our”) may collect, use, disclose, and/or process the personal data of Our users ("Service Users" or "You") when accessing our website at https://www.ayoinsights.id/ ("Services") in accordance with the Law on Personal Data Protection (“PDP”); Ministry of Communication and Information Technology Regulation No. 20 of 2016 concerning Protection of Personal Data in Electronic Systems; Government Regulation Number 71 of 2019 concerning the Implementation of Electronic Systems and Transactions; and other applicable regulations related to personal data in Indonesia ("PDP Regulations"). This Privacy Policy applies to personal data that We have or under Our control, including personal data owned by organizations that We have engaged to collect, use, disclose, and/or process personal data for Our purposes (“Data Processing”).

 

The purpose of this Privacy Policy is to define the main processes necessary to ensure the confidentiality of data held by and/or on behalf of Ayoinsight. It also aims to describe good PDP principles and practices. The overall purpose of this Privacy Policy is to ensure that we:

 

a. Process personal Data in a legally responsible manner that protects the confidentiality of Service Users;

b. Generate valid data and comply with the PDP Regulations;

c. Carry out effective and efficient procedures.

 

By using Our Services or registering an account, you agree to this Privacy Policy as set out further below. Please read this Privacy Policy carefully. 

 

In this Privacy Policy, unless the context requires otherwise, the following terms will have the definitions, as follows:

 

a. Personal Data is data about individuals who are identified or can be identified separately or in combination with other information either directly or indirectly through electronic or non-electronic systems.

 

Personal Data consists of: (i) Specific Personal Data; and (ii) General Personal Data. The details are as follows:

​

(i) Specific Personal Data:

  • health data and information;

  • biometric data;

  • genetic data;

  • criminal records;

  • child data;

  • personal financial data; and/or

  • other data in accordance with the provisions of the legislation.

​

(ii) General Personal Data:

  • full name;

  • gender;

  • citizenship;

  • religion;

  • marital status; and/or

  • personal Data combined to identify a person.

 

b. Service users are individuals/companies who: (a) have registered and/or used an account through our website in connection with the Service, or (b) have cooperated and signed a contract with us.

 

Data that We can perform Data Processing, including but not limited to:

  • Full name;

  • Mobile phone number;

  • Identification Number (NIK);

  • Taxpayer Identification Number (NPWP);

  • Bank account number;

  • Date of birth; and

  • Other information that we may need or you can input into related services.

​
 

  1. Personal Data


In the event of a failure of the PDP stored in the Ayoinsight system (database), We will provide a written notification no later than 3x24 hours (three times twenty-four hours) to Service Users containing adequate information as required by the PDP Regulations. This is a quick step that will be implemented by Ayoinsight to reduce the risk of loss to the affected parties.

 

The general principle of PDP is to maintain data confidentiality, secure data, and obtain approval from data owners before Data Processing can be carried out.

 

1.1. Confidentiality

Confidentiality must be described in the terms and conditions shared with Service Users. Ayoinsight's electronic systems must have different access levels that are approved and recorded in the delegate log.

 

1.2. Data Access Procedure

The Ayoinsight system only allows access to data in two ways:

 

a. Through a secure VPN connection to connect the database server. The VPN is further secured using a tunnel connection with a high level of encryption;

 

b. Through Ayoinsight's core microservices with authentication.

 

All data collected by the Ayoinsight system, whether electronic or paper trails, must be supported by a security system and updated regularly. Proper techniques need to be taken to ensure this data is not corrupted or lost.

 

All IT personnel must immediately notify their supervisor if they are concerned that they have, or may have, committed a data security breach. Staff members must keep a written record of details and any actions taken to limit further disclosure of data. After carrying out the necessary inspections, the Director is notified without undue delay. If a data security breach has or may have occurred, the company must then notify the regulatory agency which will consider what further action is required including informing the Service Customer (if required). Data security breaches must be reported according to the procedural documents created.

 

Ayoinsight will ensure that before processing Data for the purposes of the Ayoinsight Service, we will obtain prior approval from the Service User. Such consent must be given explicitly and without coercion in any form. If the Service User withdraws his consent, then any ongoing access to Ayoinsight products must be terminated immediately.

​

1.3. Data Protection and Security

​

1.3.1. Overall management

Responsibilities for overall data management and control, database software management, data backup procedures, access control to consumer data and handling of possible breaches of confidentiality must be clearly defined in accordance with the guidelines in the Ayoinsight Privacy Policy and database.

​

1.3.2. Specific Personal Data

Specific Personal Data is data that must be protected which allows certain individuals or groups of individuals to be identified with sensitive information. Identification of Specific Personal Data is carried out by the System Admin as appropriate. Appropriate consent from the respective authorities is required to ensure that no Specific Personal Data is released that can identify an individual specifically.

​

1.3.3. Data Access Level

The number of Ayoinsight staff with access to documents, computer records and other data storage media must be limited according to system-specific requirements. The different data access levels for staff will be clearly defined. Any personnel with access to Specific Personal Data must be kept to a strict minimum. Operational staff who have access to data must be clearly identified and must follow safeguards provisions.

​

1.3.4. Personal Data Storage

In order to maintain Customer confidentiality, Personal Data must be stored in a database in a secure and encrypted manner. Any Personal Data must be maintained on a password protected computer. Application data must be associated with Customer details using a unique anonymous identifier that does not consist of personal details (for example, initials or date of birth). Personal identifiers may only be retained for as long as necessary for Data Processing purposes. After Data Processing is complete, the personal identifier must be deleted. Documents that allow access to Customer's Personal Data should not be left unattended. Document archives must be stored in a lockable cabinet in a lockable office and accessible only to those directly involved in the application process.

 

1.3.5. Personal Data Disclosure

All Ayoinsight staff with access to Personal Data should be aware of the PDP procedures. They must be able to identify the Customer's Personal Data, know to whom and under what circumstances the Personal Data may be disclosed.

​

1.3.6. Training Planning

All Ayoinsight staff involved with Data Processing must carry out appropriate data processing activities, and have received security training to ensure that they meet best practices for handling Customer Personal Data. New staff must undergo a training process to understand the procedures and/or Privacy Policy for Customer PDPs. Active staff must undergo a retraining process regularly to ensure procedures and/or Privacy Policy are clear and have been followed thoroughly.

​

2. Contact Information and Official Grievance Line

 

If you have any questions about the Privacy policy, any concerns or complaints regarding your privacy treatment or you know or suspect a possible violation of the privacy of a Customer or another staff member, please contact us via info@ayoinsights.id. If the Customer raises a question or complaint, Our representatives will contact them within a reasonable time after receiving the complaint to discuss the problem and outline options on how the related issue can be resolved. We strive to ensure that all complaints are resolved in a timely manner.

Insight_Inovasi_LogoWhite (1).png

Email: partnerships@insightinovasi.id

Telephone: (021) 5080 4589

Privacy Policy

 

©2023 by Insight Inovasi

 

Address: 

​

PT. Insight Inovasi Indonesia

Equity Tower, 35th & 37th Floor, Jl. Jend. Sudirman Kav. 52-53 (SCBD), Jakarta 12190, Indonesia

 
bottom of page