DF18-CSIRT

Privacy Policy

Privacy and Data Usage Policy
Last Updated: May 21, 2025

Welcome to DF18-CSIRT We value your trust and are committed to protecting your personal information. This Privacy and Data Usage Policy describes how we collect, use, store, and protect your personal data when you use our website https://csirt.df18.co.id.

By accessing or using our website, you signify your consent to the practices described in this policy.

1. Legal Basis
This policy is prepared based on:

    • Law Number 11 of 2008 concerning Electronic Information and Transactions (UU ITE) as amended by Law Number 19 of 2016.
    • Law Number 27 of 2022 concerning Personal Data Protection (UU PDP).
    • Other applicable laws and regulations related to personal data protection in Indonesia.

    2. Information We Collect
    We may collect the following types of information when you interact with our website:

      • Personal Data You Voluntarily Provide:
        • Identifying Information: Full name, email address, phone number, physical address, and other contact information that you provide when registering for an account, filling out a form, or contacting us.
        • Demographic Information: Age, gender, preferences, or other data that you voluntarily provide.
        • Payment Information: If you make a transaction through our website, we may collect payment information such as credit/debit card details or bank account information. However, we do not store full credit/debit card information on our servers.
      • Data We Collect Automatically:
        • Usage Data: Information about how you use our website, such as the pages you visit, time spent on the website, the links you click, and other activity.
        • Device Data: Information about the device you use to access our website, such as your IP address, browser type, operating system, unique device identifier, and language settings.
        • Location Data: If you give us permission, we may collect your geographic location information.
        • Cookies and Similar Tracking Technologies: We use cookies and other tracking technologies to collect information about your usage, improve your experience, and analyze trends. You can manage your cookie preferences through your browser settings.

      3. How We Use Your Information
      We use the information we collect for a variety of purposes, including:

        • Providing and Improving the Service: To manage your account, provide services or information you request, process transactions, and improve the functionality of our website.
        • Communications: To send you notifications, updates, newsletters, promotional information, or responses to your inquiries.
        • Personalizing the Experience: To tailor content and offers relevant to your interests.
        • Analytics and Research: To understand how users interact with our website, perform statistical analysis, and develop new products or services.
        • Security and Fraud Prevention: To detect, prevent, and combat fraud, abuse, or other illegal activity, and to maintain the security of our systems and data.
        • Legal Compliance: To comply with applicable legal obligations, including reporting and auditing requirements.

        4. Disclosure of Information to Third Parties
        We will not sell, rent, or trade your personal data to third parties without your consent, except in the following situations:

          Service Providers: We may share information with third-party service providers who assist us in operating our website or providing services, such as hosting providers, payment service providers, or analytics platforms. These third parties are bound by confidentiality obligations and are permitted to use your information only to the extent necessary to provide those services.

          Legal Obligations: We may disclose your information if required to do so by law, court order, or valid governmental request.

          Protection of Rights: We may disclose information to protect the rights, property, or safety of DF18-CSIRT, our users, or the public.

          Business Transfers: In the event of a merger, acquisition, restructuring, or asset sale, your personal data may be transferred as part of the transaction. We will notify you before your personal data is transferred and becomes subject to a different privacy policy.

          With Your Consent: We may disclose your information to third parties with your explicit consent.

          5. Data Storage and Protection
          We implement reasonable technical, organizational, and physical security measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These include, but are not limited to:

          • Encryption of data during transmission and storage.
          • Strict access controls to personal data.
          • Regular security audits and system monitoring.
          • Security awareness training for our staff.

          While we strive to protect your data, remember that no method of data transmission over the internet, or method of electronic storage, is completely secure. Therefore, we cannot guarantee the absolute security of your data.

          Your personal data will be retained for as long as necessary to fulfill the purposes outlined in this Policy, or as required by applicable law.

          6. Your Rights as a Personal Data Owner
          Under the PDP Act, you have certain rights regarding your personal data, including:

            • Right to Obtain Information: Obtain information about the clarity of your identity, the basis of the legal interest, the purpose of the request and use of the personal data, and the accountability of the party requesting the personal data.
            • Right to Access: Access and obtain a copy of the personal data we hold about you.
            • Right to Rectification: Request correction of any errors or inaccuracies in your personal data.
            • Right to Erasure/Destruction: Request the deletion or destruction of your personal data under certain circumstances.
            • Right to Restrict Processing: Request the restriction of the processing of your personal data under certain circumstances.
            • Right to Withdraw Consent: Withdraw your consent to the processing of your personal data at any time, without prejudice to the lawfulness of processing based on consent prior to withdrawal.
            • Right to Object: Object to the processing of your personal data.
            • Right to Data Portability: Obtain your personal data in a structured, commonly used and machine-readable format, and transfer it to another Data Controller.
            • To exercise these rights, please contact us using the contact information provided at the bottom of this policy. We will process your request in accordance with applicable law.

            7. Third Party Links
            Our website may contain links to third party websites. We are not responsible for the privacy practices or content of those third party websites. We encourage you to read the privacy policies of each website you visit.

              8. Changes to the Privacy Policy
              We may update this Privacy and Data Use Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the most recent version on our website with a revised “Last Updated” date. We encourage you to review this policy periodically.

                9. Contact Us
                If you have any questions, comments, or concerns about this Privacy and Data Use Policy or our data practices, please contact us at:

                email : sirt@csirt.df18.co.id

                    Translate »