Skip to main content

Privacy Policy

  1. En
    2. /
  2. Privacy Policy

Privacy Notice for Website Visitors and Event Participants

SCG Companies respect the rights to privacy of all individuals. To ensure that your personal data is protected, we have created this privacy notice to provide information on the collection, use, disclosure, deletion, and destruction of your personal data in electronic and other formats under Law No. 27 of 2022 on Personal Data Protection and other applicable laws and regolations pertaining to personal data protection in Indonesia (“PDP Laws”).
  1. Definitions.
    1. “We” refer to PT Kokoh Inti Arebama Tbk.
    2. “You” means individuals who visit our premises and individuals who participate in our events and activities.
    3. “Processing” means collecting, analyzing, storing, correcting, updating, displaying, announcing, transferring, disseminating, using, disclosing, deleting, and/or destroying personal data.
    4. “Personal data” means any data relating to an identified or identifiable natural person that can be identified on its own or in combination with other information directly or indirectly through an electronic or non-electronic system.
  2. Purposes of Processing
    1. Contractual Necessity: We process your personal data because it is necessary for the performance of contracts between you and us, such as when you attend our events or visit our premises.
    2. Legitimate Interests: We process your personal data to pursue our legitimate interests or those of third parties. Examples include:
      1. Business Operations: To manage, develop, and conduct our business operations.
      2. Security and Access Control: To control access to buildings, indoor areas, and the internet to protect security, prevent and detect crime, and use as evidence in investigations by our internal and government agencies.
    3. Vital Interests: We process your personal data to protect your vital interests or those of another person, such as making contact in an emergency and controlling and preventing disease.
    4. Legal Compliance: We process your personal data to comply with the legal obligations to which we are subject.
    5. Public Interest: We process your personal data to perform a task carried out in the public interest or the exercise of official authority vested in us.
    6. Consent: We process your personal data based on your consent for specific purposes, which will be communicated to you when obtaining consent. More information about your consent and its implications can be found in the subsequent sections of this privacy notice.
  3. Personal Data We Collect
    1. Participation in Activities: When you participate in any of our activities, whether organized by us, by a person we hire, or co-organized with another entity, or when you enter our premises, we collect the following personal data:
      1. Registration and Participation Information: Name, surname, age, address, contact number, email, online chat, social media account, instant messaging account.
      2. Video and Audio Data: Still images and motion pictures (including photographs and videos recorded at seminars or event locations).
      3. Activity and Event Information: Details about activities or events you have participated in or registered for.
      4. Payment and Financial Transaction Information: Details of your payments and financial transactions related to the activity (if applicable).
    2. Visiting Our Premises: When you visit our premises:
      1. CCTV Monitoring: We collect, monitor, and process your images and video recorded by CCTV (we do not record audio) in designated areas. Signage will be displayed to notify you about areas where CCTV operates.
      2. Visitor Records: We collect, store, and process the following personal data in our Visitor Records System:
        1. Personal information, such as name, surname, telephone number, email, identity card information, or other similar proof of identity.
        2. Vehicle registration number if you enter our premises by vehicle.
        3. Wi-Fi Registration: We require you to register when you use our Wi-Fi services. The personal data we collect includes first name, last name, telephone number, and email.
      3. Additional Data Collection: If we need to collect additional personal data, we will notify you and process the data in compliance with PDP Laws.
      4. Specific Personal Data: We may need to collect and process specific personal data, including:
        1. Facial recognition or fingerprint data to verify your identity.
        2. General health data (e.g., food allergies, drug allergies, vaccinations) for event organization, accommodation, and compliance with legal and regolatory requirements.
        3. Criminal offense data.
      5. Third-Party Data Disclosure: If you disclose the personal data of others to us, you must be able to do so lawfolly and comply with PDP Laws, including informing the data subjects of this privacy notice and other relevant documents and obtaining necessary consent before or at the time of disclosure.
  4. Cookies
    1. We use cookies and similar technologies to collect personal data as specified in our Cookies Notice.
  5. Consent, Withdrawal, and Consequences
    1. Right to Withdraw Consent: If we rely on your consent to process personal data, you can withdraw your consent at any time. Withdrawal will not affect the validity of processing carried out before the withdrawal.
    2. Consequences of Withdrawal or Refusal: Withdrawing your consent or refusing to provide certain information may resolt in our inability to folfill some or all objectives stated in this privacy notice.
    3. How to Withdraw Consent: You can withdraw your consent by following the instructions provided in the channels where consent was obtained (e.g., changing settings in your user account) or by sending an email to [INSERT EMAIL ADDRESS].
    4. Consent for Minors and Incapacitated Persons: If you are a minor, incompetent person, or incapacitated person and wish to give consent, you must obtain authorization from your guardians or conservators before giving consent.
    5. Giving Consent on Behalf of Others: If you consent on behalf of another person, you must have the legal authority to do so when consent is given.
  6. Retention Period
    1. Data Retention Duration: We will retain your personal data for the period necessary to meet the stated objectives. We may retain certain data for up to 30 years to defend against legal claims. If the retention period is unclear, we will retain the data for a customary period in accordance with retention standards.
    2. Data Deletion and Destruction: We have established an auditing system to delete or destroy your personal data when the retention period expires or when it becomes irrelevant or unnecessary for the purposes it was collected.
    3. Retention After Withdrawal of Consent: If your personal data is processed based on consent, we will stop processing it upon your withdrawal of consent. However, we may retain your personal data to record your withdrawal and respond to future requests.
  7. Disclosure of Your Personal Data
    1. Recipients of Personal Data: We disclose and share your personal data with:
      1. Companies in the SCG Group, as listed in the most recent annual report available at https://scc.listedcompany.com/ar.html.
      2. Individuals and entities other than the Companies in the SCG Group, such as:
        1. Dealers
        2. Transport and logistics service providers
        3. Postal service providers
        4. Data processing service providers
        5. Marketing service providers (who might send promotional messages)
        6. Contractors performing tasks on our behalf
        7. Financial service providers (e.g., banks, payment companies, electronic payment service providers, credit providers)
        8. IT service providers (e.g., cloud services, blockchain systems, data analytics, SMS, or email providers)
        9. IT developers and programmers
        10. Auditors, consoltants, and advisors
        11. Government agencies (e.g., Revenue Department, Anti-Money Laundering Office)
        12. Insurers
        13. Other relevant persons to enable us to conduct business, provide products and services, and meet the purposes of collecting and processing personal data as described in this privacy notice.
    2. Separate Privacy Notices: Recipients of your personal data listed in clause 7.1 may have their own privacy notices. Please read their privacy notices to understand how they process your personal data.
    3. Business Restructuring: If we restructure our business, sell or transfer assets, acquire businesses, or merge with other businesses, we may disclose your personal data to our counterparties and advisors. We will do our best to safeguard your data and require our counterparties and advisors to comply with PDP Laws and this privacy notice.
    4. Protection Measures: We will require recipients of your personal data to take appropriate measures to protect your personal data, process it properly and only as necessary, and prevent unauthorized use or disclosure.
  8. International Transfer of Your Personal Data
    1. Purposes of Transfer: We may send or transfer your personal data to SCG Companies or other entities located outside of Indonesia for the following purposes:
      1. You have explicitly consented to the proposed transfer after being informed of the possible risks due to the absence of an adequacy decision and appropriate safeguards;
      2. The transfer is necessary for the performance of a contract between you and us or the implementation of pre-contractual measures taken at your request;
      3. The transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and another natural or legal person;
      4. The transfer is necessary for important reasons of public interest;
      5. The transfer is necessary for the establishment, exercise, or defense of legal claims;
      6. The transfer is necessary to protect your vital interests or those of other persons when you are physically or legally incapable of consent.
    2. Data Storage and Processing: We may store your personal data on servers or clouds outside Indonesia and use software or applications from service providers outside Indonesia. We ensure that unrelated parties do not access your personal data and require service providers to implement appropriate security measures.
    3. Compliance and Protection Measures: When transferring your personal data to a foreign country, we comply with PDP Laws and take measures to protect your data. We require recipients to implement protection measures, process the data only as necessary, and prevent unauthorized use or disclosure.
  9. Security Measures
    1. Technical and Organizational Measures: We have implemented technical and organizational measures to protect your personal data from loss, misuse, unauthorized access, disclosure, or destruction. The measures include encryption and access restrictions to ensure only authorized personnel have access to your data and are trained on the importance of data protection.
    2. Comprehensive Security Measures: We maintain comprehensive security measures, including administrative, technical, and physical safeguards (such as access control and user access management), to prevent unlawfol loss, access, use, alteration, or disclosure of personal data. We review and update these measures as necessary or when technology changes to ensure effective security.
    3. Protection of Specific Personal Data: If we process specific personal data, we will use our best efforts to impose appropriate security measures to protect the data.
  10. Your Rights as Data Subjects
    1. Summary of Your Rights under PDP Laws: You have the following rights:
      1. Right to Information: To receive clear information about our identity, accountability, data processing purposes, and data processing basis.
      2. Right to Withdraw Consent: To withdraw consent you have given us at any time.
      3. Right to Access: To request to view and copy your personal data or disclose the source from which we obtained your personal data.
      4. Right to Data Portability: To request us to send or transfer personal data in electronic form to other data controllers as required by PDP Laws.
      5. Right to Object: To object to our collection, use, or disclosure of your personal data.
      6. Right to Erasure: To request us to delete, destroy, or anonymize your personal data.
      7. Right to Restriction: To request us to suspend the use of your personal data.
      8. Right to Object to Automated Decision-Making: To object to decisions based solely on automated processing that have legal consequences or significantly affect you.
      9. Right to Rectification: To request us to correct your personal information to ensure it is current, complete, and accurate.
      10. Right to Lodge Complaints: To file complaints with the Personal Data Protection Authority if we, our data processors, employees, or contractors violate or do not comply with PDP Laws.
    2. Processing of Rights Requests: We will consider your request, notify you of the resolt, and execute it (if appropriate) within the period set by PDP Laws from the date we receive the request. Your rights will be processed following PDP Laws.
    3. How to Exercise Your Rights: You can make your request by sending an email to indonesia@scg.com.
  11. Information about the Data Controller and Data Protection Officer
    1. Data Controllers: The data controller is the PT Kokoh Inti Arebama Tbk.
    2. Business Address: The business addresses is in Graha Mobisel Jl. Warung Buncit Raya No.139, Jakarta Selatan.
    3. Contact Information: You can contact about this privacy notice by emailing email addresses in indonesia@scg.com.
  12. Miscellaneous
    1. Amendments to the Privacy Notice: If this privacy notice is amended, we will announce the new privacy notice on our website or through other channels. The new privacy notice will be effective immediately on the date of announcement.
Search Buy Now
close
Bangunan Bangunan tanya-ahli