PRIVACY POLICY
This Privacy Policy (hereinafter referred to as the “Policy”) applies to all information that PT ETTO LETTO GROUP, a legal entity registered under the laws of the Republic of Indonesia, domiciled in Badung Regency, Bali Province, whose articles of association are contained in the Deed of Establishment of a Limited Liability Company of PT ETTO LETTO GROUP Number: 57 dated 18-02-2021 with the latest Amendment Deed based on the Circular Resolution Number: 75 dated 27-05-2022 (hereinafter referred to as the "Company"), receives about the User in the process of registration, authorization and other use of the Application, as specified in the User Agreement.
The consent of the User, expressed in accordance with the Policy, to the processing of personal data and other information provided by him to the Company, is considered, at the same time, provided by the User to the third parties specified in the Policy, engaged by the Company to assist in the execution of the User Agreement.
Using the Application and/or website means you acknowledge that you have read, understand and hereby means to give the User unconditional consent to the Policy and all the conditions specified therein to process his personal data and other information; in case of disagreement with the Policy and all its terms, the User must refrain from using the Application or website.
1. Personal Data and Other Information of The User That the Company Receives and Processes
1.1. When registering, authorizing the User in the Application or website, making payments, conducting surveys, sending out informational and promotional messages, and in all other cases provided for by the User Agreement, the Company may request from the User (clause 1.1.1. Policy) and / or receive automatically (1.1.2 of the Policy) the following information about the User:
1.1.1. last name, first name, patronymic, year, month, date and place of birth, gender, passport data, mobile phone number, e-mail address, registration address/actual (postal) address, login and password information for accessing certain functions of the Application or website, data driver's license, data on the presence (absence) of medical contraindications to the use of the vehicle, biometric data (photos), data on the place of work, position, control information, history of using the Application or website;
1.1.2. information that is automatically transmitted to the Company in the process of using the Application or Website using the software installed on the User's device, including IP address, information from cookies and tracking bugs, information about the country and (or) city of the User's location, information about the User's Internet browser (or another program with which the Application or website is accessed, the access time, the address of the requested page about the User's devices through which the Application or website is accessed.
1.2. This Policy applies only to the Application and Website. The Company does not control and is not responsible for the websites and software of third parties to which the User can follow the links available in the Application and Website. On other sites of third parties, other information may be collected or requested from the User, and other actions may be performed for which the Company is not responsible.
1.3. The Company assumes that the User is an adult capable person who meets the requirements of the User Agreement, provides reliable and sufficient information and maintains this information up to date. The Company has the right to verify the information provided by the User in accordance with the provisions of the User Agreement. If the User provides false information, the Company has the right to suspend or cancel the registration and / or refuse the User to provide access to the Application and Website. The Company and/or other third parties are not liable for the provision of false information and the resulting negative consequences. If the Application and website was used by a minor and/or incapacitated person, then the parents, adoptive parents and other legal representatives of the minor and/or incapacitated person are responsible for such use not authorized by the Company.
1.4. The User expresses his consent and does not object to the fact that the Company has the right to engage third parties, including partners and (or) representatives, to collect, process Personal Data, as well as perform other actions necessary to provide access to the Platform and achieve the purposes specified in these Terms.
1.5. The user agrees to the cross-border transfer of his personal data in connection with the services available on the Application or Website in connection with verification, authentication, risk assessment, fraud prevention and Service development and maintenance as the Company may deem necessary prior to providing services.
2. Purposes Of Collecting and Processing Personal Data and Other Information of The User
2.1 The Company uses the User's personal data and other information for the purposes of concluding and executing the User Agreement, providing additional services, improving the quality of service, participating in the User's promotions, surveys, research conducted by the Company (including, but not limited to, conducting surveys, research via electronic, telephone and cellular communication), making decisions or taking other actions that give rise to legal consequences in relation to the User or other persons, providing the User with information about the services provided by the Company, and providing consulting services by the Company. The specified purposes of using personal data apply to all information specified in clause 1.1 of the Policy.
2.2 The purposes of collecting and processing personal data include, without limitation, the following:
2.2.1 registration, identification and authorization of the User in the Application or website;
2.2.2 conclusion and execution of the User Agreement or website;
2.2.3 providing the User with access to the Application, as well as any additional functionality;
2.2.4 processing requests from Users by the Company;
2.2.5 analysis and research of opportunities to improve the Application or website;
2.2.6 sending news and information about products, services, special offers related to the Application;
2.2.7 distribution of service messages;
2.2.8 prevention and detection of fraud and illegal use of the Application or website;
2.2.9 conducting statistical and other research based on depersonalized data.
3. Conditions, Methods and Procedure for Processing Personal Data and Other Personal Information of The User
3.1 The Company uses the personal data and other information of the User only for the purposes specified in the Policy and in accordance with the Policy.
3.2 With respect to personal data and other information of the User, the Company maintains confidentiality.
3.3 The Company will not disclose to third parties, distribute, sell or otherwise dispose of the received personal data and other information, except for the purposes, methods and within the limits provided for in this Policy.
3.4 The processing of personal and other data of the User is carried out by the Company in the amount necessary to achieve each of the goals specified in section 2 of the Policy, in the following possible ways: collection, recording (including on electronic media), systematization, accumulation, storage, compilation of lists , marking, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction, cross-border transfer of personal data, obtaining an image by photographing, as well as performing any other actions with personal data User subject to applicable law. The Company has the right to process the User's personal and other data, as well as their cross-border transfer, both using automated means of processing the User's personal data, and without using automation tools.
3.5 The Company has the right to transfer personal data provided to it by the User for their processing (give an instruction for processing) (to the extent necessary for the Company to fulfill its obligations) to third parties, including organizations that are involved by the Company for informational sending of messages via e-mail / mobile operators, debit / credit funds from / to a bank (s) card (s) / current account - credit institutions (banks), payment systems, mobile operators, courier services, postal organizations, including cross-border transfer personal data of the User in written or electronic form, in the cases and in the manner provided for by the relevant agreements with the specified third parties, the rules of the Company, the applicable law.
3.6 The Company also has the right to transfer personal data provided to it by the User to state bodies, courts, other authorized bodies and organizations, in cases and in the manner when this is required in accordance with the law applicable to the Policy.
3.7 The Company guarantees the conscientious and lawful processing of personal and other data of the User in accordance with the purposes provided for in Section 2 of the Policy.
3.8 The Company guarantees the immediate updating of the User's data in case of providing them with updated data.
3.9 Consent to the processing of personal data, their cross-border transfer and other data is given by the User on an indefinite basis, or until the expiration of the storage period for the relevant information or documents containing the above information, determined in accordance with the law applicable to the Policy. After the specified period, personal data is subject to destruction by the Company.
4 Change Or Removal of Information by The User. Withdrawal Of Consent to The Processing of Personal Data
4.1 The User can at any time change (update, supplement) the personal data and other information provided by him by contacting the Company, for example, through the support service or using contacts, in the Application or website with a request to change (update, supplement) the information provided by him earlier (the Company changes (updates, supplements) the information provided by the User only after carrying out the User identification procedure applied in the Company at the time of the relevant request).
4.2 The User has the right to withdraw his consent to the processing of personal data by sending the appropriate written notice to the Company at least 60 (sixty calendar) days prior to the withdrawal of consent, while the User acknowledges and understands that access to the use of the Application or website will not be provided by the Company from the moment when the Company has lost the ability to process the User's personal data.
5 Protection of User Information
The Company ensures that the necessary and sufficient organizational and technical measures are taken to protect personal data and other information of Users from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties with it.
6 Cookies and Tracking Bugs
6.1 To improve the quality of the Application or website, the Company may use (temporary and permanent) cookies, tracking bugs and / or other technologies for collecting non-personal data (for example, IP address, browser type and Internet Service Provider (ISP) data, as well as (for Users who use the Company's services through a mobile device), a unique device identifier, data on the operating system and coordinates in order to take into account the number of Users and their behavior when using the Application or website. To improve the convenience of Users, the Company has the right to collect and process information on the total number of transactions, pages viewed by the User, referring/originating pages, platform type, date/time of fixing information, number and location of page views, page views and used (search) words.
6.2 Information about cookies and tracking bugs:
6.2.1 A cookie is a small text file sent to the browser of the User's device from the server used by the Company. Cookies contain information that may later be used by the Company. The Browser will store this information and send it back with each request of the User to the Company. Some cookies can only be stored for one session and are deleted after the browser is closed. Others, set for a certain period of time, are recorded in a special file on the hard drive and stored on the User's device. Cookies are used to identify, track sessions (maintain state) and save information about the User, including preferences when using the Application or website. The cookies used by the Company collect only anonymous data.
6.2.2 Tracking bugs are graphic objects embedded in web pages or e-mail messages. Tracking bugs are used for a variety of purposes, including reporting on the number of Users. The tracking bugs used by the Company collect only anonymous data.
6.3 The Company may use cookies and tracking bugs in order to control the use of the Application or webiste, collect non-personal information about the User, store preferences and other information on the User's device in order to save the User's time required for repeated entry of the same information in the Application forms, and also for the purpose of displaying the content during subsequent visits by the User of the Application or webiste. The information obtained through cookies and tracking bugs may also be used by the Company for statistical research aimed at adjusting the content of the Application or website in accordance with the User's preferences.
6.4 The Company may provide the User with the opportunity to change the settings for accepting cookies and tracking bugs in their browser settings or disable them completely, however, in this case, some functions of the Application or website may not work correctly.
7 Changes to the Policy and User Consent to the Policy
7.1 The User acknowledges and agrees that the registration of the User in the Application or website and the subsequent use of the Application or website, any of its services, functionality means the User's unconditional consent to all clauses of this Policy and the unconditional acceptance of its terms.
7.2 The User's continued use of the Application or website after any changes and / or additions to the Policy means his acceptance of such changes and / or additions.
7.3 The User undertakes to regularly familiarize himself with the contents of the Policy in order to timely familiarize himself with its changes/additions.
7.4 The Company reserves the right, at its discretion, to change and (or) supplement the Policy at any time without prior and (or) subsequent notice to the User. The new version of the Policy comes into force from the moment it is posted on the Application or website, unless otherwise provided by the new version of the Policy. The current version of the Policy is always available in the Application or website.
8 Final Provisions
8.1 The law of the Republic of Indonesia shall apply to the Policy and the relations between the Users and the Company arising in connection with the application of the Policy.
8.2 By agreeing to the terms of the Policy, the User agrees to the processing of personal and other data by his own will and in his own interest.
8.3 Refusal to provide personal data and other information necessary for the use of the Application or website entails the impossibility for the Company to provide the User with access to the Application.
8.4 We accept plastic cards of the following international payment systems:
8.4.1 VISA International
8.4.2 MasterCard
All plastic card transactions are carried out using the electronic payment gateway Cloud Payments. Cloud Payments specializes in securing online card payments. When making a payment, Cloud Payments accepts your plastic card details, then this information is transmitted via a secure SSL communication channel to the Cloud Payments authorization server. Your card details are transmitted only in encrypted form. To transfer information, Cloud Payments uses special security technologies for online card payments Verified by Visa and MasterCard Secure Code. All transactions on your card are carried out in full compliance with the requirements of VISA International, MasterCard and other payment systems. The security of processing Internet payments through Cloud Payments is guaranteed by international PCI DSS security certificates.
Cloud Payments activity complies with the requirements of the Laws and Regulations of the Republic of Indonesia and specifically under the Currency Law No. 07 of 2011. In accordance with the requirements of international payment systems, your card details are not stored either in the online store or on the Cloud Payments authorization server after the payment is completed.
The consent of the User, expressed in accordance with the Policy, to the processing of personal data and other information provided by him to the Company, is considered, at the same time, provided by the User to the third parties specified in the Policy, engaged by the Company to assist in the execution of the User Agreement.
Using the Application and/or website means you acknowledge that you have read, understand and hereby means to give the User unconditional consent to the Policy and all the conditions specified therein to process his personal data and other information; in case of disagreement with the Policy and all its terms, the User must refrain from using the Application or website.
1. Personal Data and Other Information of The User That the Company Receives and Processes
1.1. When registering, authorizing the User in the Application or website, making payments, conducting surveys, sending out informational and promotional messages, and in all other cases provided for by the User Agreement, the Company may request from the User (clause 1.1.1. Policy) and / or receive automatically (1.1.2 of the Policy) the following information about the User:
1.1.1. last name, first name, patronymic, year, month, date and place of birth, gender, passport data, mobile phone number, e-mail address, registration address/actual (postal) address, login and password information for accessing certain functions of the Application or website, data driver's license, data on the presence (absence) of medical contraindications to the use of the vehicle, biometric data (photos), data on the place of work, position, control information, history of using the Application or website;
1.1.2. information that is automatically transmitted to the Company in the process of using the Application or Website using the software installed on the User's device, including IP address, information from cookies and tracking bugs, information about the country and (or) city of the User's location, information about the User's Internet browser (or another program with which the Application or website is accessed, the access time, the address of the requested page about the User's devices through which the Application or website is accessed.
1.2. This Policy applies only to the Application and Website. The Company does not control and is not responsible for the websites and software of third parties to which the User can follow the links available in the Application and Website. On other sites of third parties, other information may be collected or requested from the User, and other actions may be performed for which the Company is not responsible.
1.3. The Company assumes that the User is an adult capable person who meets the requirements of the User Agreement, provides reliable and sufficient information and maintains this information up to date. The Company has the right to verify the information provided by the User in accordance with the provisions of the User Agreement. If the User provides false information, the Company has the right to suspend or cancel the registration and / or refuse the User to provide access to the Application and Website. The Company and/or other third parties are not liable for the provision of false information and the resulting negative consequences. If the Application and website was used by a minor and/or incapacitated person, then the parents, adoptive parents and other legal representatives of the minor and/or incapacitated person are responsible for such use not authorized by the Company.
1.4. The User expresses his consent and does not object to the fact that the Company has the right to engage third parties, including partners and (or) representatives, to collect, process Personal Data, as well as perform other actions necessary to provide access to the Platform and achieve the purposes specified in these Terms.
1.5. The user agrees to the cross-border transfer of his personal data in connection with the services available on the Application or Website in connection with verification, authentication, risk assessment, fraud prevention and Service development and maintenance as the Company may deem necessary prior to providing services.
2. Purposes Of Collecting and Processing Personal Data and Other Information of The User
2.1 The Company uses the User's personal data and other information for the purposes of concluding and executing the User Agreement, providing additional services, improving the quality of service, participating in the User's promotions, surveys, research conducted by the Company (including, but not limited to, conducting surveys, research via electronic, telephone and cellular communication), making decisions or taking other actions that give rise to legal consequences in relation to the User or other persons, providing the User with information about the services provided by the Company, and providing consulting services by the Company. The specified purposes of using personal data apply to all information specified in clause 1.1 of the Policy.
2.2 The purposes of collecting and processing personal data include, without limitation, the following:
2.2.1 registration, identification and authorization of the User in the Application or website;
2.2.2 conclusion and execution of the User Agreement or website;
2.2.3 providing the User with access to the Application, as well as any additional functionality;
2.2.4 processing requests from Users by the Company;
2.2.5 analysis and research of opportunities to improve the Application or website;
2.2.6 sending news and information about products, services, special offers related to the Application;
2.2.7 distribution of service messages;
2.2.8 prevention and detection of fraud and illegal use of the Application or website;
2.2.9 conducting statistical and other research based on depersonalized data.
3. Conditions, Methods and Procedure for Processing Personal Data and Other Personal Information of The User
3.1 The Company uses the personal data and other information of the User only for the purposes specified in the Policy and in accordance with the Policy.
3.2 With respect to personal data and other information of the User, the Company maintains confidentiality.
3.3 The Company will not disclose to third parties, distribute, sell or otherwise dispose of the received personal data and other information, except for the purposes, methods and within the limits provided for in this Policy.
3.4 The processing of personal and other data of the User is carried out by the Company in the amount necessary to achieve each of the goals specified in section 2 of the Policy, in the following possible ways: collection, recording (including on electronic media), systematization, accumulation, storage, compilation of lists , marking, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction, cross-border transfer of personal data, obtaining an image by photographing, as well as performing any other actions with personal data User subject to applicable law. The Company has the right to process the User's personal and other data, as well as their cross-border transfer, both using automated means of processing the User's personal data, and without using automation tools.
3.5 The Company has the right to transfer personal data provided to it by the User for their processing (give an instruction for processing) (to the extent necessary for the Company to fulfill its obligations) to third parties, including organizations that are involved by the Company for informational sending of messages via e-mail / mobile operators, debit / credit funds from / to a bank (s) card (s) / current account - credit institutions (banks), payment systems, mobile operators, courier services, postal organizations, including cross-border transfer personal data of the User in written or electronic form, in the cases and in the manner provided for by the relevant agreements with the specified third parties, the rules of the Company, the applicable law.
3.6 The Company also has the right to transfer personal data provided to it by the User to state bodies, courts, other authorized bodies and organizations, in cases and in the manner when this is required in accordance with the law applicable to the Policy.
3.7 The Company guarantees the conscientious and lawful processing of personal and other data of the User in accordance with the purposes provided for in Section 2 of the Policy.
3.8 The Company guarantees the immediate updating of the User's data in case of providing them with updated data.
3.9 Consent to the processing of personal data, their cross-border transfer and other data is given by the User on an indefinite basis, or until the expiration of the storage period for the relevant information or documents containing the above information, determined in accordance with the law applicable to the Policy. After the specified period, personal data is subject to destruction by the Company.
4 Change Or Removal of Information by The User. Withdrawal Of Consent to The Processing of Personal Data
4.1 The User can at any time change (update, supplement) the personal data and other information provided by him by contacting the Company, for example, through the support service or using contacts, in the Application or website with a request to change (update, supplement) the information provided by him earlier (the Company changes (updates, supplements) the information provided by the User only after carrying out the User identification procedure applied in the Company at the time of the relevant request).
4.2 The User has the right to withdraw his consent to the processing of personal data by sending the appropriate written notice to the Company at least 60 (sixty calendar) days prior to the withdrawal of consent, while the User acknowledges and understands that access to the use of the Application or website will not be provided by the Company from the moment when the Company has lost the ability to process the User's personal data.
5 Protection of User Information
The Company ensures that the necessary and sufficient organizational and technical measures are taken to protect personal data and other information of Users from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties with it.
6 Cookies and Tracking Bugs
6.1 To improve the quality of the Application or website, the Company may use (temporary and permanent) cookies, tracking bugs and / or other technologies for collecting non-personal data (for example, IP address, browser type and Internet Service Provider (ISP) data, as well as (for Users who use the Company's services through a mobile device), a unique device identifier, data on the operating system and coordinates in order to take into account the number of Users and their behavior when using the Application or website. To improve the convenience of Users, the Company has the right to collect and process information on the total number of transactions, pages viewed by the User, referring/originating pages, platform type, date/time of fixing information, number and location of page views, page views and used (search) words.
6.2 Information about cookies and tracking bugs:
6.2.1 A cookie is a small text file sent to the browser of the User's device from the server used by the Company. Cookies contain information that may later be used by the Company. The Browser will store this information and send it back with each request of the User to the Company. Some cookies can only be stored for one session and are deleted after the browser is closed. Others, set for a certain period of time, are recorded in a special file on the hard drive and stored on the User's device. Cookies are used to identify, track sessions (maintain state) and save information about the User, including preferences when using the Application or website. The cookies used by the Company collect only anonymous data.
6.2.2 Tracking bugs are graphic objects embedded in web pages or e-mail messages. Tracking bugs are used for a variety of purposes, including reporting on the number of Users. The tracking bugs used by the Company collect only anonymous data.
6.3 The Company may use cookies and tracking bugs in order to control the use of the Application or webiste, collect non-personal information about the User, store preferences and other information on the User's device in order to save the User's time required for repeated entry of the same information in the Application forms, and also for the purpose of displaying the content during subsequent visits by the User of the Application or webiste. The information obtained through cookies and tracking bugs may also be used by the Company for statistical research aimed at adjusting the content of the Application or website in accordance with the User's preferences.
6.4 The Company may provide the User with the opportunity to change the settings for accepting cookies and tracking bugs in their browser settings or disable them completely, however, in this case, some functions of the Application or website may not work correctly.
7 Changes to the Policy and User Consent to the Policy
7.1 The User acknowledges and agrees that the registration of the User in the Application or website and the subsequent use of the Application or website, any of its services, functionality means the User's unconditional consent to all clauses of this Policy and the unconditional acceptance of its terms.
7.2 The User's continued use of the Application or website after any changes and / or additions to the Policy means his acceptance of such changes and / or additions.
7.3 The User undertakes to regularly familiarize himself with the contents of the Policy in order to timely familiarize himself with its changes/additions.
7.4 The Company reserves the right, at its discretion, to change and (or) supplement the Policy at any time without prior and (or) subsequent notice to the User. The new version of the Policy comes into force from the moment it is posted on the Application or website, unless otherwise provided by the new version of the Policy. The current version of the Policy is always available in the Application or website.
8 Final Provisions
8.1 The law of the Republic of Indonesia shall apply to the Policy and the relations between the Users and the Company arising in connection with the application of the Policy.
8.2 By agreeing to the terms of the Policy, the User agrees to the processing of personal and other data by his own will and in his own interest.
8.3 Refusal to provide personal data and other information necessary for the use of the Application or website entails the impossibility for the Company to provide the User with access to the Application.
8.4 We accept plastic cards of the following international payment systems:
8.4.1 VISA International
8.4.2 MasterCard
All plastic card transactions are carried out using the electronic payment gateway Cloud Payments. Cloud Payments specializes in securing online card payments. When making a payment, Cloud Payments accepts your plastic card details, then this information is transmitted via a secure SSL communication channel to the Cloud Payments authorization server. Your card details are transmitted only in encrypted form. To transfer information, Cloud Payments uses special security technologies for online card payments Verified by Visa and MasterCard Secure Code. All transactions on your card are carried out in full compliance with the requirements of VISA International, MasterCard and other payment systems. The security of processing Internet payments through Cloud Payments is guaranteed by international PCI DSS security certificates.
Cloud Payments activity complies with the requirements of the Laws and Regulations of the Republic of Indonesia and specifically under the Currency Law No. 07 of 2011. In accordance with the requirements of international payment systems, your card details are not stored either in the online store or on the Cloud Payments authorization server after the payment is completed.
