Privacy Policy
*Last modified October 1st, 2022
PT Mekari Identitas Digital (hereinafter referred to as โWeโ, โUsโ, or โOurโ) is highly committed to protecting Your data. We always make the security of Your data our top priority, for this reason, the security of your data (as well as other data that you entrust to us) is of the utmost importance to Us.
This privacy policy (hereinafter referred to as โPolicyโ) regulates how We collect and use Your data in our Services. By using Our Services, You have agreed to and are bound by the matters contained in this Policy. Therefore, we hope you will read this Policy to ensure you understand how we handle Your data.
This Policy may be changed or updated in part or in whole from time to time without prior notification to the User and will take effect from the date uploaded on the Mekari Sign website. Mekari Sign service users are advised to check the Mekari Sign website page periodically to understand find out any changes to the Terms and Conditions and this Privacy Policy from time to time.
By continuing to access the Mekari Sign Account or using the Mekari Sign Service, the User is deemed to agree to the Terms and Conditions and this Privacy Policy and all of its changes, if the User does not agree to the Terms and Conditions and this Privacy Policy, the User can contact Mekari Sign to terminate the Mekari Sign Service.
A. Definition
Each word beginning with a capital letter has the following meaning:
- โMekari Accountโ, means an access login in the form of a login ID, which is used to access the Mekari Sign Service, which can be associated with a User Name, to identify the User in using the Mekari Sign Service.
- “Electronic Documents“, means any Electronic Information, including but not limited to electronic contracts, which are created, forwarded, received, or stored in electronic form.
- “Electronic Information“, means electronic data or set, including but not limited to writing, voice, images, maps, designs, photographs, electronic data interchange, electronic mail, telegram, telex, telecopy or the like, letters, signs, numbers, processed code, access, symbol, or perforation that has meaning or can be understood by people who are able to understand it.
- โMekari Sign Serviceโ means eSignature, eSeal, eStamp, eContract, and/or other Mekari Sign services provided from time to time, either through websites or other media.
- “User“, “You“, “Electronic Certificate Owner“, and ‘Subscriber”, mean every individual, partnership, firm, company, legal entity, Institution, or organization that uses Mekari Sign Services.
- “Electronic Certificate“, means a Certificate issued by PSrE which is subject to the Ministry of Communication and Informatics, which is electronic in nature and contains an Electronic Signature and identity that shows a legal subject or a Party in an Electronic Transaction.
- โSiteโ means esign.mekari.com or app.esign.mekari.com.
- โService Policy Documentsโ โ(Service Policy Documents)โ means documents, Terms and Conditions, Certificate Policy, Certification Practice Statement, Privacy Policy, and other policy documents that inform about the policies and practices of Mekari Sign Services, as regulated in the Indonesian Root Certificate Authority and applicable laws and regulations.
- โMekari Sign Service Usage Agreementโ, means the terms and conditions that apply to Mekari Sign Account holders, who use Mekari Sign Services.
- “Electronic Signature“, means a Signature consisting of Electronic Information that is attached to, associated with, or related to other Electronic Information that is used as a means of verification or authentication made with the Mekari Sign service.
B. Processing of Personal Data
-
Acquisition of Personal Data
Mekari Sign obtains and processes the User’s Personal Data when the User submits an application for registration of a Mekari Account. Mekari Sign will verify the data provided by the User with the data administered by the competent authority. If the Electronic Certificate application process stops, Mekari Sign will not store the data.
-
Required Personal Data
The Personal Data required to be able to use Mekari Sign Services includes, but is not limited to:
- Name details according to KTP;
- E-mail;
- Phone number;
- Indonesian ID card photo;
- A selfie;
- Electronic Documents to be affixed with PSrE Electronic Certificates; and/or
- Other documents and/or information that may be required from time to time.
-
Storage of Personal Data
Mekari Sign stores User’s Personal Data and protects it from loss, misuse, or inappropriate disclosure in accordance with Information Security Management System (ISMS) practices. This storage will continue to be carried out in accordance with regulations. Actions taken by Mekari Sign include:
- Mekari Sign makes efforts to secure and store it with utmost care to protect the confidentiality of Personal Data from time to time.
- Mekari Sign guarantees that any data uploaded and sent by Users when using Mekari Sign Services will be stored safely and sent confidentially by using information security standards.
- Mekari Sign guarantees to protect the storage area with the User’s private key that is entrusted to Mekari Sign with a high level of security, which can only be accessed by Users using 2 Authentication Factors.
- Mekari Sign will notify the User in the event that there is a failure to protect the confidentiality of User’s Personal Data when using Mekari Sign Services in accordance with the provisions of the applicable laws and regulations.
- Mekari Sign guarantees that only the User can view the contents of the Electronic Documents that the User uploads through the Mekari Sign Account to other parties that the User gives permission to access the Electronic Documents.
-
Sharing of Personal Data
4.1. We respect the confidentiality of your Personal Data and we are committed not to sell, rent, display, or share your Personal Data without your consent, except in the following cases:
- it is necessary to disclose User Personal Data to third parties who cooperate with us in providing Mekari Sign Services (“Third Parties“);
- provide User Personal Data to vendors, consultants, marketing partners, research institutions, or similar service providers in the context of marketing activities carried out by third parties, improving and maintaining the quality of Mekari Sign Services, as well as other publication activities;
- share User Personal Data with its subsidiaries and affiliates to help provide services or perform data processing for and on behalf of Mekari; and/or
- disclose User Personal Data in an effort to comply with legal obligations and/or there is a valid request from law enforcement officials or an authorized state administrative agency.
4.2 We cannot guarantee the security of User Personal Data on any third-party systems including Third Party systems. We also have no control or responsibility for the privacy policies or content of third parties including third parties. Therefore, we recommend that you continue to study and check the privacy policies of each third party so that you can understand their terms for handling User Personal Data. You fully acknowledge that this consent was given without coercion, in good condition, and knowingly.
-
Deletion of Personal Data
Mekari Sign can delete User Personal Data that has terminated the Mekari Sign Service after it has been stored according to the retention period of 5 (five) years according to the provisions.
-
Consent to Use of Personal Data
- That the User hereby declares that he/she has explicitly given permission for an acceptance to Mekari Sign to process the Personal Data provided to carry out his/her obligations to provide Mekari Sign Services.
- In using the Mekari Sign Account and Mekari Sign Services, the User agrees to comply with the Laws and Regulations that apply in Indonesia.
C. Contacts and notifications
Every notification from Mekari Sign addressed to Users will be notified via the Site or via email registered to the Mekari Sign Account. Every notification addressed to the User is effective since the notification is sent by Mekari Sign.
Any notification from the User addressed to Mekari Sign will be sent via e-mail at esign@mekari.com or by letter addressed to PT Mekari Identitas Digital with the address at MidPlaza Building 2 Lt. 4. Jl. Gen. Sudirman Kav. 10-11 Central Jakarta 10220. Every notification addressed to Mekari Sign is effective since the notification is received by Mekari Sign.