1. Introduction
Welcome to ASICS application operated by PT. ASICS Indonesia Trading ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and services. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.
🔒 Our Commitment to Your Privacy
We are committed to protecting your personal information and your right to privacy. We only collect information that is necessary to provide you with the best possible service experience.
2. Information We Collect
2.1 Personal Information
We may collect the following types of personal information:
- Account Information: Username, email address, full name, employee ID (NIK), and password (encrypted)
- Profile Information: User profile pictures, organizational unit codes, and group/role assignments
- Authentication Data: Login timestamps, session data, and multi-factor authentication codes
- Contact Information: Email addresses for system notifications and security alerts
2.2 Technical Information
We automatically collect certain technical information, including:
- Device Information: Browser type, operating system, device type (mobile/desktop)
- Usage Data: Login/logout times, online status, last activity timestamps
- IP Address: For security monitoring and fraud prevention
- User Agent: To optimize the application experience for your device
2.3 Communication Data
When we send you emails or notifications, we may collect:
- Email delivery status and read receipts
- Response to security notifications
- Support request communications
3. How We Use Your Information
We use the collected information for the following purposes:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account Management | Username, password, profile information | Contract performance |
| Authentication & Security | Login credentials, MFA codes, IP addresses | Legitimate interest (security) |
| System Notifications | Email address, name | Contract performance |
| User Experience Optimization | Device information, usage patterns | Legitimate interest |
| Compliance & Audit | Access logs, activity records | Legal obligation |
4. Information Sharing and Disclosure
4.1 Internal Sharing
Your information may be shared internally with:
- System Administrators: For user account management and technical support
- IT Security Team: For security monitoring and incident response
- Authorized Personnel: Based on role-based access controls within the organization
4.2 Third-Party Services
We use the following third-party services that may process your data:
- Brevo (Email Service): For sending authentication codes and system notifications
- Database Hosting: For secure storage of application data
- Cloud Infrastructure: For application hosting and data processing
4.3 Legal Requirements
We may disclose your information if required by law, regulation, or legal process, or to protect our rights, property, or safety, or that of others.
5. Data Security
🛡️ Security Measures
We implement industry-standard security measures to protect your personal information:
- Encryption: Passwords are encrypted using MD5 hashing (being upgraded to stronger algorithms)
- Multi-Factor Authentication: Optional MFA using time-based codes sent via email
- Access Controls: Role-based permissions and regular access reviews
- Session Management: Secure session handling with automatic timeouts
- Regular Security Audits: Ongoing monitoring and security assessments
- Data Backup: Regular backups with encryption at rest
6. Data Retention
We retain your personal information for as long as necessary to:
- Provide you with our services
- Comply with legal obligations
- Resolve disputes and enforce agreements
- Maintain security and prevent fraud
Specific retention periods:
- Account Data: Retained while account is active, plus 2 years after deactivation
- Login Logs: 1 year for security monitoring purposes
- Email Communications: 6 months unless required for legal compliance
- Support Records: 3 years for quality improvement and compliance
7. Your Rights and Choices
7.1 Access and Control
You have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information (subject to legal requirements)
- Portability: Request a copy of your data in a structured, machine-readable format
- Objection: Object to certain processing activities
7.2 Account Settings
You can manage certain aspects of your data through your account settings:
- Update your profile information
- Change your password
- Manage notification preferences
- View your login history
8. Cookies and Tracking Technologies
Our application uses the following tracking technologies:
- Session Cookies: Essential for maintaining your login session
- Security Cookies: For preventing unauthorized access and security monitoring
- Functional Cookies: To remember your preferences and settings
We do not use advertising cookies or track users for marketing purposes.
9. International Data Transfers
Your data is primarily processed and stored within Indonesia. If we need to transfer data internationally, we ensure appropriate safeguards are in place, including:
- Adequate data protection agreements
- Standard contractual clauses
- Compliance with applicable data protection laws
10. Children's Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by:
- Posting the updated policy on our application
- Sending an email notification to registered users
- Displaying a prominent notice in the application
Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.
12. Contact Information
📧 Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
PT. ASICS Indonesia Trading
Address: Jl. Jendral Sudirman, Karet Tengsin – Tanah Abang, Jakarta Pusat 10220, Indonesia
Email: customers-id@asics.com
WhatsApp: 0818-884-022
Customer Service Hours:
Monday to Sunday (excluding National Holidays)
09:00 - 23:00 WIB
Data Protection Officer:
Email: privacy@asics.com
Response Time: We will respond to your privacy-related inquiries within 30 days of receipt.
13. Compliance and Certifications
We are committed to maintaining compliance with applicable data protection laws and regulations, including:
- Indonesian Personal Data Protection Law (UU PDP)
- Industry best practices for data security
- International standards for information security management
⚖️ Legal Compliance
This Privacy Policy is designed to comply with Indonesian data protection laws and international best practices. We regularly review our policies to ensure ongoing compliance with evolving regulations.