top of page

Privacy Policy

This Privacy Policy describes how Kemakmuran Hijau Lestari ("we," "us," or "our") collects, uses, processes, and protects your personal data when you visit our website ptkhl.co.id  (the "Site") and use our services. By accessing our Site, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.

 1. LEGAL BASIS FOR PROCESSING

 

In accordance with Indonesian Law No. 27 of 2022 on Personal Data Protection ("PDP Law"), we process your personal data based on one or more of the following legal grounds:

 

  • Explicit Consent: You have given us clear consent to process your data for specific purposes.

  • Contractual Necessity: Processing is necessary to perform a contract with you (e.g., fulfilling an order).

  • Legal Obligation: Processing is necessary for compliance with Indonesian laws and regulations.

  • Legitimate Interests: Processing is necessary for our legitimate business interests, provided they do not override your fundamental rights.

2. CATEGORIES OF DATA COLLECTED

We collect information that identifies, relates to, or could reasonably be linked to you ("Personal Data"):

  • Identity Data: Full name, date of birth, gender, and ID card number (NIK) where legally required.

  • Contact Data: Email address, telephone/WhatsApp number, and physical billing or shipping addresses.

  • Technical Data: IP address, login data, browser type and version, time zone setting, browser plug-in types, operating system, and platform.

  • Usage Data: Information about how you navigate our Site, products viewed, and page response times.

  • Financial Data: Bank account and payment card details (processed via secure third-party payment gateways).

3. HOW WE USE YOUR DATA

We use your data for the following purposes:

  • To register you as a new customer or user.

  • To process and deliver your orders, including managing payments, fees, and charges.

  • To manage our relationship with you (notifying you about changes to our terms or privacy policy).

  • To administer and protect our business and this Site (including troubleshooting, data analysis, and system testing).

  • To use data analytics to improve our website, products/services, and marketing.

4. DATA DISCLOSURE AND THIRD PARTIES

We may share your personal data with the following parties:

  • Service Providers: Third-party vendors providing IT and system administration, payment processing, and delivery services.

  • Professional Advisers: Including lawyers, bankers, auditors, and insurers in Indonesia.

  • Government Bodies: Regulators and other authorities (such as Kominfo) who require reporting of processing activities in certain circumstances.

  • Business Transfers: Third parties to whom we may choose to sell, transfer, or merge parts of our business.

5. INTERNATIONAL DATA TRANSFERS

Your data may be transferred to and stored on servers located outside of the Republic of Indonesia. In such cases, we ensure a similar degree of protection by ensuring that:

  1. The destination country has a personal data protection level equivalent to or higher than the Indonesian PDP Law; and/or

  2. We use specific binding contracts approved by Indonesian authorities that give personal data the same protection it has in Indonesia.

6. DATA SECURITY

We have put in place appropriate security measures (including SSL encryption and firewalls) to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. We limit access to your personal data to those employees and partners who have a business "need to know."

7. DATA RETENTION

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for. Under Indonesian law, we typically retain transaction-related data for a minimum of 5 (five) years to comply with tax and electronic transaction regulations (Government Regulation No. 71/2019).

8. YOUR LEGAL RIGHTS

Under the PDP Law, you have the following rights:

  • Right to Access: Request a copy of the personal data we hold about you.

  • Right to Rectification: Request correction of incomplete or inaccurate data.

  • Right to Erasure: Request deletion of your data when there is no good reason for us to continue processing it.

  • Right to Object: Object to processing for direct marketing or automated decision-making.

  • Right to Data Portability: Request the transfer of your data to you or a third party in a structured, machine-readable format.

  • Right to Withdraw Consent: Withdraw consent at any time where we are relying on consent to process your data.

9. DATA BREACH NOTIFICATION

In the event of a breach of personal data, we will notify you as soon as we become aware of the breach, providing details regarding the nature of the breach and the steps taken to mitigate it.

10. CONTACT INFORMATION

To exercise any of your rights or ask questions about this policy, please contact our Data Protection Officer (DPO):

Email

info@ptkhl.co.id

Address

EightyEight @ Kasablanka

20th Floor Unit C

Jl. Casablanca Raya Kav. 88

Jakarta 12870

bottom of page