Privacy Policy Relating to GDPR

As part of our agreement with our clients, our clients may provide us with personal data that in accordance with the applicable law, we are required to protect.PT ASA indonesia is committed to comply with GDPR requirements, including those requirements as outlined below:.

  1. PT ASA indonesia will only process personal data on Client’s written instructions or in accordance with applicable laws;
  2. PT ASA indonesia will not retain personal data for longer than is necessary;
  3. PT ASA indonesia will not transfer personal data to any body in any jurisdictions, without Client’s prior written consent;
  4. PT ASA indonesia will impose a duty of confidentiality on its staff with access to personal data;
  5. PT ASA indonesia will require that any sub-processor must comply, under a written agreement, with the same standards as PT ASA indonesia to meet the requirements of the GDPR, and PT ASA indonesia will remain fully liable for the sub-processor’s performance;
  6. PT ASA indonesia will, to the extent possible, assist and cooperate with Client in responding to requests made by data subjects exercising their rights under the GDPR, including rights of access, rectification, correction, erasure and portability;
  7. PT ASA indonesia will implement technical and organizational security measures, including encryption of personal information, implementing business continuity and disaster recovery plans, and regularly testing and evaluating security measures;
  8. PT ASA indonesia will assist Client with carrying out privacy and data protection impact assessments and related consultations with supervisory authorities;
  9. PT ASA indonesia will securely delete (or return at Client’s request) all personal data upon expiration or termination of an individual Agreement;
  10. PT ASA indonesia will provide information to Client and supervisory authorities reasonably required to demonstrate compliance with the GDPR and assist with audits of PT ASA indonesia’s data processing activities to verify compliance with the GDPR;
  11. When responding to audits or other information requests, PT ASA indonesia will notify Client immediately in writing if, in PT ASA indonesia´s opinion, Client´s instructions breach the GDPR;
  12. PT ASA indonesia will promptly notify Client in writing whenever PT ASA indonesia knows or reasonably suspects a security breach has occurred, and investigate and remediate the breach, including cooperating with Client’s investigation and remediation efforts;