Privacy Policy

Protecting your privacy is our top priority at [Nama Perusahaan/Platform], ensuring that your data is collected, processed, and stored transparently and securely in compliance with Indonesian and international data protection regulations

Privacy Policy


Protecting your privacy is our top priority at Katuju Sahakara (“Company,” “we,” “our,” or “us”). This Privacy Policy explains how we collect, use, process, store, and protect your personal data in compliance with the laws of Indonesia, including Law No. 27 of 2022 on Personal Data Protection (UU PDP), as well as applicable international standards such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

By using our website, applications, products, or services (collectively, “Services”), you agree to the practices described in this Privacy Policy.


1. Information We Collect


We may collect the following types of data when you access or use our Services:

  • Personal Data: name, email, phone number, address, billing details, and identity documentation (if required).

  • Technical Data: IP address, browser type, operating system, device identifiers, cookies, and log data.

  • Transaction Data: purchase history, service usage records, payment confirmations, and invoices.

  • Communications Data: feedback, inquiries, or correspondence you send to us.

  • Preference Data: your chosen settings, saved preferences, and usage behavior.


2. How We Use Your Information


We use the information collected for the following purposes:

  • To deliver, operate, and improve our Services.

  • To process payments and manage billing securely.

  • To communicate with you, including updates, support, and promotional offers (with consent).

  • To personalize your user experience and enhance service performance.

  • To comply with legal, tax, and regulatory requirements.

  • To detect, prevent, and investigate fraud, unauthorized access, or security breaches.


3. Legal Basis for Processing


We process personal data under the following lawful bases (as defined by GDPR and PDP Law):

  • Consent: when you agree to receive communications or marketing.

  • Contractual Necessity: when data processing is required to fulfill a service agreement.

  • Legal Obligation: when required to comply with applicable laws or regulations.

  • Legitimate Interest: for purposes such as business improvement, fraud prevention, and service security.


4. Data Sharing & Disclosure


We do not sell or rent your personal data. We may share data only in the following circumstances:

  • With service providers or vendors that support our operations (e.g., payment processors, hosting providers, analytics tools).

  • With regulatory or law enforcement authorities if required by law or legal proceedings.

  • In the context of a merger, acquisition, or restructuring, provided appropriate safeguards are in place.


5. Cookies & Tracking Technologies


We use cookies and similar technologies to improve your experience. Types of cookies include:

  • Strictly Necessary Cookies: essential for core website functionality.

  • Performance & Analytics Cookies: to understand user activity and improve services.

  • Functional Cookies: to remember your preferences and settings.

  • Marketing Cookies: to deliver relevant ads and promotions (only with consent).

You may adjust your browser settings to refuse cookies, but some features of our Services may not function properly.


6. Data Retention


  • We retain personal data only as long as necessary to provide Services or comply with legal obligations.

  • Once data is no longer required, it will be securely deleted or anonymized.


7. Your Rights


In accordance with UU PDP, GDPR, and other applicable laws, you have the right to:

  • Request access to your personal data.

  • Request correction, updates, or deletion (“right to be forgotten”).

  • Object to or restrict specific processing activities.

  • Request data portability to another provider.

  • Withdraw your consent at any time without affecting prior lawful processing.

Requests can be submitted via the contact information in Section 12.


8. Data Security


We apply strict technical and organizational safeguards, including:

  • Encryption of sensitive data.

  • Restricted role-based access controls.

  • Regular monitoring and security audits.

  • Secure hosting on servers compliant with international security standards.

However, no system is entirely risk-free. While we take every precaution, we cannot guarantee 100% security.


9. International Data Transfers


If your personal data is transferred outside of Indonesia, we will ensure adequate protection measures are in place, such as:

  • Standard Contractual Clauses (SCCs) with third parties.

  • Compliance with GDPR, CCPA, and other applicable regulations.


10. Children’s Privacy


Our Services are not directed to children under 13 years of age (or 16 years in jurisdictions with stricter requirements). We do not knowingly collect personal data from minors. If we become aware of such data, it will be deleted promptly.


11. Updates to this Privacy Policy


We may revise this Privacy Policy from time to time. Updated versions will be posted on our website, with the “Last Updated” date clearly stated. Significant changes may also be communicated via email or platform notifications.


12. Contact Us


If you have questions, requests, or complaints regarding this Privacy Policy, please contact us at:

CV. Katuju Sahakara
Jalan Portiara Babakan No.40, RT.001, RW.005
Curug Village, Cimanggis District, Depok City, Indonesia
📞 +62 8196-846-07
✉️ marketing@katujusakahara.com