This Privacy Policy (“Policy”) explains how PT Lentera Inspirasi Teknologi (“LIT,” “we,” “us,” or “our”) collects, uses, processes, and shares personal data (“Personal Data”) of individuals who use our services (“Users” or “you”). This Policy is designed to comply with Indonesian data protection regulations, including Law No. 27 of 2022 on Personal Data Protection (“PDP Law”) and other relevant regulations.

This Privacy Policy (“Policy”) is an integral part of LIT’s Terms and Conditions, and serves as the basis for our activities in obtaining, collecting, processing, storing, displaying, distributing, and deleting Personal Data. Any capitalized terms and definitions in the LIT Terms and Conditions shall have the same meaning and interpretation in this Policy, unless otherwise stated herein.

Subject to this Policy, you are also bound by LIT’s Terms and Conditions, of which this Policy forms an inseparable part. The invalidity of the Terms and Conditions shall not render this Policy illegal, invalid, or unenforceable.

By accessing and/or using the Services, you acknowledge that you have read, understood, and consented to LIT’s collection, storage, processing, and use of your Personal Data as described in this Policy, and agree to all provisions set forth herein.

By using our Services, you agree to the practices described in this Policy. Nonetheless, your Personal Data is important to us, and you may opt out of the collection of Personal Data at any time.

1. Collection of Personal Data 

1.1. We collect the following types of Personal Data to provide and improve our Services:

a. User Registration Information: information you provide during registration, including full name, contact details, identification details, and other related information.
b. Financial Information: payment-related information (e.g., credit card details) used to process transactions.
c. Transaction Data: details related to your transactions with User Partners, including transaction date, partner identification details, amount, and related goods/services provided.
d. Child Data: our Services may collect your child’s full name, place, and date of birth for transaction verification purposes.
e. Verification Documents: documents required for KYC processes, such as identification proof, proof of income, transaction records, and other related information.
f. Contact Information: email address, phone number, and other contact details for communication purposes.
g. Device and Usage Information: data automatically collected when you use our Services, such as IP address, device information, and browsing history.
h. Usage Data: information on how you interact with our Services, including access time, IP address, device information, and app usage data.

1.2. Sensitive Personal Data: For certain services, we may collect sensitive personal data, including national identification numbers and financial information, as required by applicable laws.

1.3. Personal Data may be collected directly by us and/or through Third-Party Platform Providers who have signed a data processing agreement with us.

2. Use of Personal Data 

LIT uses Users’ Personal Data, including contact information, preferences, and engagement history, for the following purposes

2.1. Service Provision: to verify and process your registration, enable transactions, and provide access to the Services (including payment forwarding and related functions).
2.2. KYC and Compliance: to comply with legal and regulatory requirements, including KYC verification mandated under Indonesian law, anti-money laundering, counter-terrorism financing, and fraud prevention.
2.3. Payment Verification: to securely process transactions via credit cards, including verifying payments with issuing banks, payment gateways, and/or third-party platform accounts.
2.4. Communication: to contact you through our media platforms regarding your account, transaction updates, or customer service inquiries.
2.5. Security and Fraud Prevention: to protect against unauthorized access, maintain system integrity, and prevent fraud or misuse of our Services.
2.6. Service Improvement: to analyze usage trends, improve our service offerings, troubleshoot issues, conduct internal analysis and research, and enhance user experience.
2.7. Marketing, Promotion, and Campaigns: to send marketing communications, promotional materials, and information about campaigns that we believe may interest you. You have the right to opt out of such communications by contacting us directly. Opting out will not affect your access to essential service-related communications or legal obligations.      

3. Data Sharing and Disclosure

LIT respects the confidentiality of Users’ Personal Data and will not share it except as required or permitted by applicable law. LIT may share Personal Data under the following circumstances:

3.1. With Consent: LIT may share information with third parties assisting in transaction processing, customer support, or system maintenance—subject to confidentiality agreements and with User consent.
3.2. Service Providers: LIT may share information with third-party service providers assisting in delivering Services (e.g., payment processing, platform operation). These parties are contractually bound to use Personal Data solely for providing services to LIT in accordance with this Policy.
3.3. Legal Requirements: LIT may disclose information when required by law, court order, regulatory authority, or competent government agency.
3.4. Business Transfers: In case of a merger, acquisition, or other business transfer, your information may be transferred to the new entity, subject to continued protection under this Policy.

4. Data Retention

Your Personal Data will be retained for as long as necessary to fulfill the purpose of its collection or as required by applicable law. After the retention period, LIT will securely delete or anonymize the data in accordance with Indonesian data protection laws

5. Keamanan Data

LIT implements strict security measures to protect Personal Data and ensure confidentiality, integrity, and security. Administrative, technical, and physical safeguards are applied to prevent unauthorized access, loss, or alteration of Personal Data, in line with Indonesian regulations.

Security measures include, but are not limited to:

5.1. Encryption: Personal Data is encrypted during transmission and storage to prevent unauthorized access.
5.2. Access Control: Access to Personal Data is restricted to authorized personnel bound by strict confidentiality obligations and only for legitimate operational purposes.
5.3. Regular Security Audits: LIT conducts regular security audits to prevent unauthorized access, modification, or misuse of user information.

However, LIT acknowledges that no security system is impenetrable. Users are encouraged to safeguard their account credentials and notify us immediately of any unauthorized acces

6. User Rights

Under the PDP Law, you have the following rights regarding your Personal Data:

6.1. Access: You may request access to your Personal Data and obtain a copy of the information held and/or stored by LIT. If disclosure is requested by relevant authorities, you must provide LIT with a copy of the request or order.
6.2. Correction: You may request corrections to inaccurate or incomplete data shared with LIT.
6.3. Deletion: You may request deletion of your Personal Data, subject to certain legal and regulatory requirements.
6.4. Restriction of Processing: You may request limited processing of your Personal Data under specific circumstances.
6.5. Objection to Processing: You may object to the processing of your Personal Data for certain purposes. Exercising this right may be treated as a request to terminate your use of the Services.
6.6. Data Portability: You may request a copy of your Personal Data in a structured, machine-readable format.
6.7. Withdrawal of Consent: Where processing is based on your consent, you have the right to withdraw it at any time.

To exercise any of these rights, please contact us using the details in Section 10 and complete the Personal Data Request Form available from our Data Protection Officer.

7. Third-Party Links 

Our platforms may contain links to third-party platforms, websites, and/or applications. LIT is not responsible for the privacy practices or content of such external sites. Users are advised to review the terms and privacy policies of any third-party sites they visit.

8. International Data Transfer

LIT operates in Indonesia and complies with the PDP Law and its implementing regulations. If data transfer to third parties outside Indonesia is required, LIT will ensure that adequate safeguards are in place to protect Users’ Personal Data in accordance with this Policy and applicable Indonesian law.

9. Changes to this policy

LIT reserves the right to amend or update this Policy at any time to reflect changes in legal requirements, business practices, or service offerings. Significant updates will be communicated to Users through appropriate channels. Continued use of our Services after any updates constitutes acceptance of the revised Policy.

10. Contact Us

If you have questions, concerns, or requests regarding your Personal Data, this Policy, or its implementation—including questions about your rights as described in Section 6—please contact us:

PT Lentera Inspirasi Teknologi (LIT)
Data Protection Officer: privacy@gosplit.id

LIT will verify your identity before responding to any inquiries, concerns, or requests to protect your Personal Data.

Consent

By using LIT’s Services, you acknowledge that you have read, understood, and agreed to all provisions in this Policy.

Effective Date: November 14, 2024