Privacy Policy

1. Data Controller

PT Alpha Code Technologies ("we", "us", or "our") is the data controller responsible for your personal data. We are registered and operate in accordance with Indonesian law.

PT Alpha Code Technologies
DBS Bank Tower, Jakarta, Indonesia
Email: contact@alphacode.tech

2. Personal Data We Collect

In accordance with UU PDP Article 4, we collect personal data with your consent for legitimate business purposes. The types of personal data we may collect include:

3. Legal Basis for Processing (UU PDP Compliance)

Under UU PDP Article 20, we process your personal data based on:

• Consent: You have given explicit consent for specific processing purposes
• Contract Performance: Processing is necessary to fulfill our service agreements
• Legal Obligation: We must process data to comply with Indonesian laws and regulations
• Legitimate Interest: Processing is necessary for our legitimate business interests while respecting your rights

4. How We Use Your Personal Data

We use your personal data for the following purposes:

• Delivering cybersecurity and technology services
• Managing client accounts and relationships
• Processing payments and billing
• Providing technical support and customer service
• Monitoring and improving security operations
• Detecting and preventing security threats
• Complying with legal and regulatory requirements
• Sending service-related communications and updates
• Improving our services and developing new features

5. Data Localization and Storage

In compliance with Indonesian data localization requirements:

• Personal data of Indonesian citizens is primarily stored within Indonesia
• Data centers and servers are located in secure facilities in Indonesia
• Cross-border data transfers are conducted only when necessary and with appropriate safeguards
• We maintain backup systems within Indonesian territory

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your data with:

7. Your Rights Under UU PDP

As a data subject under Indonesian law, you have the following rights:

• Right to Access: Request confirmation and access to your personal data we hold
• Right to Correction: Request correction of inaccurate or incomplete data
• Right to Deletion: Request deletion of your personal data (subject to legal obligations)
• Right to Data Portability: Request your data in a structured, commonly used format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing)
• Right to Complain: Lodge a complaint with the Indonesian data protection authority

To exercise these rights, contact us at: contact@alphacode.tech

8. Data Security Measures

We implement comprehensive security measures to protect your personal data:

• Encryption of data in transit and at rest (AES-256)
• Multi-factor authentication for system access
• Regular security audits and penetration testing
• Employee training on data protection and privacy
• Access controls based on least privilege principle
• 24/7 security monitoring through our SOC
• Incident response procedures and breach notification protocols
• Regular data backups with secure storage

9. Data Retention

We retain personal data only as long as necessary:

• Active Clients: For the duration of the service relationship
• After Termination: Up to 7 years for legal, tax, and audit purposes as required by Indonesian law
• Security Logs: Minimum 6 months, up to 2 years for compliance
• Marketing Data: Until consent is withdrawn or 2 years of inactivity

After retention periods expire, personal data is securely deleted or anonymized.

10. Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Essential website functionality and security
• Analyzing website usage and performance
• Remembering preferences and settings

You can control cookie preferences through your browser settings. Disabling cookies may affect website functionality.

11. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will delete the data promptly.

12. Data Breach Notification

In accordance with UU PDP Article 62, in the event of a personal data breach that poses a risk to your rights:

• We will notify the Indonesian data protection authority within 3 x 24 hours
• Affected data subjects will be notified without undue delay
• We will provide information about the breach, its consequences, and remedial actions

13. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated via:

• Email notification to active clients
• Notice on our website
• Updated "Last Modified" date at the top of this policy

14. Contact Us

For questions, concerns, or to exercise your rights regarding personal data:

We will respond to your requests within 10 business days as required by UU PDP.

Data Protection Officer
PT Alpha Code Technologies
Email: contact@alphacode.tech
Address: DBS Bank Tower, Jakarta, Indonesia