PRIVACY POLICY DANA USER ACCOUNT
Valid from August 13th 2020
- Announcement to DANA User
- Acquisition and Collection of Personal Data
- Use of Personal Data
- Disclosure of Personal Data
- Direct Marketing
- Security Measures and Retention
- Third-Party Services and Websites
- Changes to this Privacy Policy
- E-mail Unsubscription
- Miscellaneous
- Acknowledgement
- Maintaining the Security of Your Data
- Retention and Deletion of Your Data
- Further Information
Hi! Thank you for being DANA User!
At DANA, we want to give you the best experience possible in enjoying every financial services that we provide both now and in the future. Your Privacy and security of Personal Data will always be very important to us. Therefore, we describe transparently on how we may collect, retain and use your Personal Data as set out below.
General
This Privacy Policy applies to services provided by PT Espay Debit Indonesia Koe (“PT EDIK”) (otherwise known as “DANA”, “we/us”, “ours”) and sets out on how we may collect, use, retain, transfer, protect, and disclose User’s “personal data”, “personally identifiable information” or other personal information (collectively, “Personal Data”) in connection with User’s access to and use of DANA mobile application (“Dana App”).
As described further in the Terms and Conditions for DANA User (“Terms and Conditions”), DANA App is an integrated life-style services app designed by PT EDIK for Users. DANA App provides a gateway for registered User to use payment system services in the form of electronic money, electronic wallet, and fund transfers, as well as participating in a variety of activities, including interacting with friends, accessing information or promotions, and making payments.
DANA App is provided free of charge for registered User. Anyone can sign up for an account on DANA App (“DANA Account”) with PT EDIK which is a non-bank institution that has obtained a license as an electronic money issuer (stored value facility), electronic wallet, and fund transfer organizer under supervision of Bank Indonesia as the authorized authority to supervise the implementation of the payment system.
From time to time, it is necessary for User to provides us User’s Personal Data updates regarding the access and use of DANA App by the User. By agreeing to this Privacy Policies, User states that he/she has understood and agreed to the terms in this notification in connection with the collection, use, retention, and disclosure of User’s Personal Data as set out in this Privacy Policy.
If the User does not provide such Personal Data to us, it may cause us being unable to provide DANA App services to User or to comply with any laws or guidelines issued by the regulator or relevant authorities.
The word “including” shall not be limiting.
Personal Data including but not limited to name, address, place of birth, occupation, telephone number, facsimile number, bank account, credit and/or debit card information (including direct debit), gender, identity number issued by authorized institution or authority (Including KTP (ID Card), SIM (Driving License), and Passport) or other government-issued identification, photos, nationality, telephone numbers of DANA User’s and non-User’s enlisted in contacts list of DANA User’s mobile phone, and biometric information (including but not limited to face recognition), as well as other information that is directly or indirectly, either separately or collectively with other information, can be used to identify User.
Please read this Privacy Policy carefully to ensure that as a User, you understand and approve the way we obtain, process, use, store, and disclose User’s Personal Data well.
Unless defined otherwise in this Privacy Policy, terms written in capital letters have the same meaning as provided in Terms and Condition.
Acquisition and Collection of Personal Data
DANA may obtain User’s Personal Data from various sources (e.g. from User or third parties) at any time, including but not limited to, when User accessing DANA App or make transactions using DANA App, including data related to:
- Information obtained (directly or indirectly) when User accesses DANA App, in connection with computer information, telephone device, parts of another hardware, software, and telecommunications networks used by User to access and use DANA App (including User’s IP address, geographical location, browser/platform type and version, internet service provider, operating system, referral source/exit pages, length of visit/usage, page views and any search terms that User use) (Device Information).
- Information obtained (directly or indirectly) when User signs up with DANA Account to create DANA Account, including User’s name, date of birth, address, telephone number, e-mail address, photos, and ID Card (Including KTP, SIM, and Passport) (“Registration Information”).
- Information obtained (directly or indirectly) when User uses DANA App, including User’s bank account numbers, billing and delivery information, transaction data, credit/debit card numbers and expiration dates, and other information from checks or money orders (“Account Information”)
- Information obtained when the User updates the information or at other times as may be requested by DANA to User, if needed, from time to time.
- Device Information, Registration Information, and Account Information above as well as other information may be accessed or collected (automatically or manually) at the time during User’s registration with DANA Account as DANA App User and/or during the course of User’s use of the DANA App and DANA Account. The above information obtained by us may constitute User’s Personal Data. We have taken steps to ensure that we do not collect information (regardless of whether such information constitutes Personal Data or not) from User more than what we need to provide our services to User, to perform the functions set out in Part 3 of this Privacy Policy, to protect DANA User Account, comply with our legal obligations, protect our legal rights, and to operate our business.
DANA may collect User’s Personal Data from third parties (including agents, vendors, suppliers, contractors, partners, and other parties who provide services to DANA or other partners cooperating with DANA. In that case, the third party is responsible to obtain approval from the authorized parties required in the collection and disclosure of User's Personal Data to DANA, and DANA will process the Personal Data by depending on the approval that has been obtained by the third party. In this case, DANA will utilize User's Personal Data for cooperation purposes of DANA with the third party.
Use of Personal Data
We may process, analyze and/or use the Personal Data that we obtained about User for the following purposes as well as other purposes permitted by applicable laws and regulations, including:
- Verifying User’s Data eligibility and/or suitability to use features and functions of DANA App or any verification that according to the DANA’s consideration is required before providing services to User or before DANA registers the User including but not limited to the Know Your Customer process.
- Identifying and processing DANA User Account registration, as well as maintaining and managing User’s
- Processing and managing User’s DANA Balance
- Providing User with services and customer services related to the use of DANA User Account including collaborating with DANA to facilitate purchase payment of goods and services, deliveries and other related services for purchases, charge-back, sending notifications about User’s transactions and bills as well as answering questions, input, complaints, claims, or disputes from User.
- Providing User with services related to the use of the DANA App by the User, which is to facilitate the User in identifying other DANA App Users when the User sees his/her mobile phone address book through DANA App.
- Improving and expanding our offerings by way of research and development of new functions of the DANA App or other new products and services that we may offer from time to time.
- Conducting research, statistical analysis or surveys, whether verbally or in writing, in order to manage and protect our business including information technology infrastructure, to measure the performance of DANA App and other services that we offer and to ensure your satisfaction of our services.
- Analyzing trends, usages, and other behaviors (whether individually or as a whole), that help us to understand better of how User and our collective user access and use the DANA App and commercial activities carried out through the DANA App, including for purposes of improving services and responses to customer’s questions and preferences.
- Referring to having obtained User’s consent in accordance with applicable law as contemplated in Part 4 below, we may use Personal Data to provide direct marketing information to User in connection with the services that we offer and our affiliates as well as selected third parties using User’s Personal Data to contact the User, by telephone, text message (SMS), e-mail, post, and facsimile.
- Managing risk, performing credit worthiness and solvency checks, or assessing, detecting, investigating, preventing and/or solving fraud or other activities that potentially infringe or violate the laws and interest of DANA, or protecting the integrity of our information technology platform.
- Detecting, investigating, preventing or remediating violations of the Terms and Conditions, Privacy Policy, any applicable internal DANA policies from time to time, industry standards, guidelines, related laws or regulations.
- Making such disclosures as may be required by any law or regulation of any country applicable to us or our affiliates, government official or third party, including any card association or other payment network as well as other relevant industry associations. Disclosures may also be made pursuant to any subpoena, verdict and/or court orders, orders of the law enforcement authorities in the course of an investigation or other legal process or a requirement in any country that applies to us or our affiliates (including anti-money laundering and counter-terrorism funding reporting requirements).
- Making any disclosure to prevent any harm or financial loss, to report any suspected illegal activity or to deal with any claim or potential claim brought against us or our affiliates.
- Conduct due diligence and other assessments or evaluations of actual or proposed merger, acquisition, financing transactions or joint ventures.
- Notifies the User of any updates on DANA App or changes on DANA services.
- Developing and improving the quality of applications to meet the needs and preferences of DANA Users of features owned or to be developed in the future by DANA.
- Monitor and analyze activity, behavior, and demographic data of DANA User including habits and the usage of various services available on the DANA App.
- Offering or providing services from partners or affiliates who work with DANA to Users.
- Sending information, advertisements, surveys, promos, vouchers, and other information deemed to be relevant by DANA to Users.
- Provide technical assistance or in order to resolve technical obstacles and operational problems that occur on DANA App.
- Facilitating transactions of business assets (which might be in the form of merger, acquisition, spinoff/separation or sale of assets) involving DANA and/or its
- For any other legitimate business purposes such as protecting User and other User of DANA App from losses, protecting lives, maintain the security of our products and systems, as well as protecting our interest, rights and/or other properties.
We might also use User's Personal Data in other ways, which will be accompanied by a special notification from us when the data is collected for the User's approval.
Disclosure of Personal Data
4.1 User’s Personal Data held by us will be kept confidential, but we may provide such information to the following parties (domestically or abroad) for the purposes set out in the provisions of Part 3 above:
- Companies that are members of DANA group and affiliated companies of members of DANA group.
- Agent, contractor or third party service provider that who work with DANA in providing our services to User, including for fraud prevention, bill collection, data entry, database management, promotions, marketing, research, surveys, customer services, technology services, products and services alerts as well as payment extension services.
- Entities with whom we have business reference relationship or other commercial agreement included third parties and entities that are entirely or largely owned by PT EDIK.
- Merchant and other organizations, such as card association, payment network or financial institution, to or through whom that payments are made using DANA, or other entities which allows.
- Third Party financial institution, bank, revenue agent, financial institutions and credit agent.
- Third party marketing service provider.
- Professional advisor, law enforcement institution, insurance companies, the government, and other authorities or institutions where PT EDIK is obliged to disclose as needed, authorities request, and applicable laws, regulations or commercial arrangements, including arrangements with card association or payment networks, or other relevant industry associations.
- Entities that involved in merger, acquisition, financial transaction or joint venture with us.
4.2 DANA may also disclose and share User Personal Data with the parties that mentioned above for following purposes:
- To improve the quality of services provided by DANA to User from time to time.
- If required or permitted by applicable laws or regulations or by official orders and/or request from state authorities, institution, nation institute, and/or law enforcement officers.
- For the purposes of legal process in any form between User and DANA.
- For the purposes of audit, both routine and incidental, as needed from time to time.
- For the purposes processing permit, registration, or record needed for the DANA business activities.
- For all verification process needed before registering the User as a User, including Know Your Customer Process.
4.3 DANA will not sell or rent User Personal Data to other party.
4.4 Other than as regulated above, DANA can disclose and share User Personal Data for purposes as well as to other party, after obtaining User’s consent to do disclose the Personal Data.
Direct Marketing Activities.
As determined in Part 3 point 9 above, DANA can use User Personal Data in direct marketing activities from time to time. In such case, User will be asked to provide approval of the direct marketing activities to be carried out by DANA in accordance with the scope and in manner which fully appropriate and comply with all requirements set forth in this Part. If User then give that approval, please note that :
- Certain Personal Data that we obtain from time to time can be used in direct marketing and promotional activities.
- We can promote goods and services that we believe are relevant to User, further advanced approval from User more specific will be obtained. This includes the goods and services offered by us, our any affiliates, our business partners, or selected third party, including but not limited to payment and financial products.
- We can give User Personal Data to certain third party to be used for marketing their goods and services, including (i) our affiliates, (ii) business partners, and (iii) other third party.
- User Approval for using User Data Personal for the purposes of direct marketing will be obtained by choosing to put a check in the box or other positive indications that indicate approval and/or no objection.
- At any time User does not wish to continue, use or provide User Personal Data to other party to be used in direct marketing as explained above and in relevant approval, the User can exercise the right of “opt-out” by notifying us of those intention through communication channels that are provided by us.
Security Measures and Retention
We take all reasonable steps to the extent possible including providing technical, administrative and physical protection to help protect User Personal Data that we process from risk loss, misuse, and unauthorized access, disclosure, change and destruction.
We will save and ensure our service provider for store User Personal Data only as long as necessary for the purposes that already specified in this notification and in accordance with the requirements in applicable laws.
User Personal Data will only be stored for as long as necessary to fulfill the purpose of its collection or as long as such storage is required or permitted by applicable laws.
For User who registered in DANA then register information and User Account information (if any) can be seen and changed in the DANA Application through User Account, which is protected by password, PIN code, or other security method. We remind the User not to reveal the password or PIN code, or other security key to any party. Our employees, officers, agents, and representatives do not know and will never ask User’s password in communication through telephone that never be asked or through unsolicited e-mail media. If User use a device that can be used by another person (public device), then User must choose not to store User’s log-in information (for example: user ID and password) on that device. You are responsible for maintaining the confidentiality of your account details , including password, PIN code, and One Time Password (OTP) from anyone and are responsible for the security of the device you use.
Third Party Service and Website
DANA Application may provide link to other websites and services (including application operated by third party) for User’s convenience and information. This services and websites can operate independently from us and may have their own notification or privacy policy, we suggest User to read first before using their services or do any activities on that website. Providing links to other websites and services are only for information. We do not provide any support or guarantees for the content and information contained in these links. For websites that User visit that are not owned or controlled by us, we are not responsible for the content, privacy practices, and quality of these services.
Changes to this Privacy Policy
DANA holds the exclusive right to change, add, and/or revise notification and information related this Privacy Policy from time to time, in which case User will be asked to give approval to the Privacy Policy that has been changed, and/or revised. If the User does not give approval to the Privacy Policy that has been changed, and/or revised, DANA has full authority to stop providing services in DANA Application to User.
You agree that you are responsible for review this Privacy Policy periodically to obtain the latest information regarding data processing and data protection practices.
E-mail Unsubscription
We have policy to choose to enter or exit from data base. If User want to unsubscribe receiving email from us, can click the unsubscribe link included in every email.
However, from time to time we can send e-mail, Message, or other media communication that we assume necessary for the purpose of providing services, and not promotion. You can choose to not receive e-mail, Message, or other communication.
Miscellaneous Provision
- This Personal Data regulation is subject to, regulated, and implemented in accordance with the Laws of the Republic of Indonesia.
- If a dispute occurs in the interpretation and implementation of this Personal Data Regulations, User and PT EDIK agree to resolve it by deliberation. If within 30 (thirty) calendar days User and PT EDIK cannot reach agreement through the deliberation, then the dispute will be resolved by referring to the South Jakarta District Court.
- These Personal Data Regulations are made in Indonesian and English. In the event of inconsistency and/or disagreement between the English version and the Indonesia version, the Indonesian version will prevail and the English version will be adjusted with the Indonesian version.
- We will implement information security system that we think is sufficient and in accordance with industry standards or laws and regulations. However, the transmission information through communication channels is not completely secure and free from gap. Therefore, any transmission of information by User to us carries a security risk, in which case that risk is borne by User. We do not guarantee the security of our data base and we also not guarantee the data that User provide completely will not be held / disturbed while being sent to us.
Acknowledgement
By using DANA Application, User admit that User has read and understand this Data Personal Regulations and agree the collection, utilization, cultivation, processing, storage, disclosure, and removal Personal Data as set out in this Privacy Policy.
Maintaining the Security of Your Data
DANA is committed to protecting your Personal Data as our User where we strive to implement technical measures as best as possible, in accordance with industry or laws and regulations, to protect the security of your Personal Data. However as User, you must understand that there is no system that fully secure. Therefore, as User, you are obliged to implement measures to protect DANA User Account by maintaining the authority of the Mobile Number and Device that used to access DANA Applicatin, and using and keeping secret’s of the password and/or strong PIN code and unique to prevent access undesirable.
Storage, Access, Correction, Updates, and Removal of Your Data
13.1 DANA save your Personal Data as a User for as long as it is necessary to provide DANA services and for the legitimate and important business purposes, including:
- In order to maintain the performance and quality of services on DANA features;
- In order to make business decisions based on the data that you provide for the development of products and our service quality;
- In order to complete unresolved issues regarding your account, such as chargeback, refund, or other disputes, where we will store your Personal Data until the problem is resolved.
- In order to fulfill our legal, tax, audit and our accounting, we will save Personal Data that needed as long the period that required under applicable laws; and
- Or for other purposes as mentioned above as long as necessary for the benefits of our business interest, such as to prevent fraud or maintain your security as of DANA User.
13.2 You have entitled to request access to the historical Personal Data that has been submitted to us. In such case, we will provide the information in our format, with regard to compatibility and reasonable practices. You can convey request access via Help Center that available in DANA Application, or the contact information provided in Part 14.
13.3 You have entitled to make correction or update Personal Data that has been submitted to us. You can make correction or updates through DANA Application or via Help Center that available in DANA application, or the contact information provided in Part 14.
13.4 You have entitled to make request the removal of Personal Data that has been submitted to us that is no longer relevant, in accordance with laws and regulations. You can convey the removal request via Help Center that available in DANA application, or contact information provided in Part 14.
Further Information
If the User want to ask the question or submit complaint, please contact DANA Customer Service below :
PT Espay Debit Indonesia Koe (DANA)
Gd Capital Place Office Tower 18 Floor
Jalan Jend. Gatot Subroto Kav 18, South Jakarta 12710Office Hour: Monday – Friday, 08.30 a.m – 17.00 p.m
Telephone: 1500445
E-mail: help@dana.id
By agreeing to this Privacy Policy, you acknowledge that you have read and understand this Privacy Policy and agree to all the provisions contained therein. You have also approved DANA to collect, utilize, share, disclose, store, transfer, or process your Personal Data in accordance with this Privacy Policy.