Privacy Policy

PT Skorcard Teknologi Indonesia (hereinafter “Skorcard”, the “Company”, “We” or “Us” or “Our”) is a company providing easy and secure access for Our user (“User”, “You”, “Your”) to obtain credit card facilities, manage credit card transactions, and administer credit card through Skorcard Platform (“Services”).

The existence of this Privacy Policy is Our real commitment to provide security for each collection, processing, and disclosure, as well as guarantee and take full supervision over any processing of Your personal data in connection with the provision of Services.

This Privacy Policy aims to provide information on Your rights when You access and/or login to Skorcard Platform under the applicable laws and regulations, including Law Number 27 of 2022 on Personal Data Protection (“PDP Law”). Furthermore, this Privacy Policy is made to govern the usage of Your data in relation to the provision of Services that We mentioned in Terms of Use.

Unless stipulated otherwise, all capitalized terms that are not defined in this Privacy Policy have the same meanings as set out in the Terms of Use.

YOUR PERSONAL DATA CONTROLLER

We, Skorcard, a company domiciled in South Jakarta, is Your personal data controller who is responsible for fully processing Your personal data collected through the Skorcard Platform.

PERSONAL DATA COLLECTION

What We collect?

Personal data that We collect from You (“Disclosing Party”) may include the following:

I. PERSONAL DATA THAT YOU PROVIDED TO US

To make the Skorcard Platform able to provide Service to the User, during the registration and and in the course of your interaction with the Skorcard Platform, we will collect and process Your personal data as follows:

• Basic User Data: This may include but not limited to name, place and date of birth, domicile address, gender, marital status, employment (including but not limited to company name, company address, and company phone number), ID Number (NIK), Taxpayer Identification Number (NPWP), birth mother's maiden name, spouse name, biometrics, as well as a photo of your KTP and citizenship.
• User Contact: This may include but not limited to address, telephone/mobile number, and email address.
• Contact List: Skorcard collects your contact list including name and mobile number to enable you to provide us with your emergency contact details to reach you in case of emergency. This permission is not mandatory and you may decline providing it and fill in your emergency contact details manually.
• Financial Information: This may include but not limited to income, financial goals, card information, credit history and other financial details which include in the credit information.
• Transaction Information: This includes purchases or orders you make, your interests, preferences, feedback and survey responses, regarding use, types of services sought, details regarding pickup and/or delivery, and types of services received at that time.
• Payment Information: Includes details of payments or transfers made by Users on the Skorcard Platform, such as data provided with usage, payments, recipient details (including their account details), payment methods used, payment amounts paid, billing details, and invoice details.
• Third-Party Information: We may also collect your personal data from third parties (including agents, vendors, partners, partners, government institutions and other parties who provide services to us, collect personal data and/or perform tasks on our behalf, or with parties who collaborate with us) which helps us in providing Skorcard Platform products and Services.
• Access to Camera: This access is used for the User identification and verification process.
• Access to Microphone: This access is used to verify User in Our system.

In an effort to improve the Services, You may from time to time, update data and submit other relevant information (other than as stated above) to Us. We will not share Your information provided with any third parties except in accordance with the terms of this Privacy Policy.

II. DATA THAT WE COLLECT AUTOMATICALLY WHEN YOU USE OUR SERVICES

When You access Skorcard Platform or use Our services, We may automatically collect the following information about You:

• internet protocol (IP) address of Your device, log information, error messages, computer or mobile device operating system, browser type, mobile protocol type, mobile device characteristics, device ID/brand, unique device identification, and/or mobile equipment identifier;
• Your usage of Skorcard Platform such as pages You viewed, features You use, Your location information; and/or
• cookies, pixel tags and similar technologies that create and maintain unique identifiers.

DATA ABOUT MINOR USER

Our Services are not intended for User under 21 years old. We will not collect, use, provide or process, in any way for any purpose, any personal data from User under 21 years old.

USE OF PERSONAL DATA FOR PERSONS WITH DISABILITIES

In particular, We will process the personal data of User with disabilities through communication in a certain way according to the needs of people with disabilities as regulated in Law Number 8 of 2016 concerning Persons with Disabilities.

In processing data, persons with disabilities can act for themselves or be represented by their guardians.

If You have a disability and need help to use Your rights as a Data Subject, please do not hesitate to contact Us at wecare@skorcard.app. The process will take up to 30 (thirty) business days from the date of Your submission.

HOW DO WE COLLECT YOUR DATA?

Your personal data will be collected and stored, directly or indirectly, when:

• You enter Skorcard Platform;
• You disclose to Us;
• any authorized persons related to You or Your power of attorney (including but not limited to Your spouse or family member) discloses to Us; and
• relevant third parties disclose to Us (including but not limited to partners who collaborate with Us in relation to service providers and government agencies that have authority based on applicable laws and regulations).

Regarding letter (c) above, when You do not convey information about You directly, the party who represents or is Your proxy is obliged to first obtain Your consent and notify You about the disclosure of Your personal data, in accordance with this Privacy Policy.

WHY WE COLLECT YOUR PERSONAL DATA AND HOW WE USE AND SECURE IT?

We will use and process the personal data that You provided to Us and which We obtain periodically for the following purposes:

• to provide Services,s including the implementation Our obligations to You or under the applicable laws and regulations;
• to process your application for Our Services, including to check your credit information/Score, prevent/investigate/report fraud or illegal activities, develop risk model, identify and verify before We provide Services to You as a User, in this case including carrying out the Know Your Customer (KYC) process through Dukcapil;
• to develop and manage your credit history, provide information to our Bank partners, so they may carry out their operations, and assist other financial institutions in conducting credit checks;
• to enhance Our existing Services and develop new Services;
• to communicate with You about Our existing or up-coming Services, including but not limited to, terms and conditions, promotion, activities, and advertisement;
• for administration, maintenance, business operation, and compliance of Skorcard Platform, risk management, tets, and audit; and
• to be a reference that We can trust, for the purpose of fulfilling the obligations to which We must comply, as required by applicable laws and regulations including those related to personal data protection.

We will collect and use Your personal data in accordance with Our Terms of Use.

For Your security, We take appropriate security measures to protect against unauthorized access. These include internal reviews of Our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where We store personal data. All information gathered on Skorcard Platform, is securely stored within a controlled database. Access to the servers is restricted, password-protected, including appropriate encryption, and is strictly limited.

In the event that We may appoint other party as a personal data processor to process Your personal data and in the event that the appointed personal data processor acts outside the orders and purposes set by Us, then all consequences arising from the processing of the personal data will be the responsibility of the appointed personal data processor in full in accordance with the laws and regulations in relation to Personal Data Protection.

HOW LONG DO WE RETAIN YOUR DATA?

You hereby agree that so long as You are a registered User in Skorcard Platform, We may retain Your data, and continuously in accordance with this Privacy Policy. We will retain Your personal data as long as it is necessary for the purposes of collection and use of Services, unless required or permitted by applicable laws and regulations. Your personal data will be retained for 5 (five) years minimum since You no longer become a User starting from absence of activity found on your account for a period of 2 (two) years.

Whereas for financial information related to You, such as the amount of payment of premiums, claims and other ancillary payments, as per the applicable laws and regulations on Corporate Documents, will be retained for at least 10 (ten) years since You are no longer become a User in Skorcard Platform.

We will delete Your personal data in the event that You decide to use Your rights as a Data Subject (as intended in laws and regulations related to personal data protection) in accordance with this Privacy Policy. The deletion of Your personal data will take up to 30 (thirty) business days from the date of Your submission.

DISCLOSURE OF USER PERSONAL DATA

In order to perform Our obligations towards You or towards applicable laws and regulations, Your personal data may be disclosed, or disseminated to limited third parties for only the relevant purposes mentioned in this Privacy Policy. These third parties may include but are not limited to Our affiliation (holding company or subsidiary) and partners who collaborate with Us are related to service providers and government agencies that have authority based on applicable laws and regulations.

Subject to Your explicit consent, We may use information created by your use of Services, not including information collected from other sources such as e-mails etc. for marketing purposes. This consent is purely voluntary and you may at any time choose not to receive marketing materials from us by following the unsubscribe instructions included in each e-mail you may receive. Further, if you want to remove your contact information from all our lists and newsletters, please click on the unsubscribe button on the emailers or send an email request to wecare@skorcard.app.

Moreover, in order to improve Your experience in using Skorcard Platform, and traffic optimization during access by User, We will also track Your behavior using analytical tools. These analytical tools will be provided by third-party provider that We have engaged, and We hereby reserve the right to add, stop or change existing providers to other third-party analytical tools providers. The information that We have gathered for this purpose will be anonymized and shall not be identifiable to You.

For the interest of our business activities and subject to applicable laws and regulations, You agree that Your data, anonymously and , may not be identifiable to You, can be disclosed on and/or disseminated to affiliation or Our group company and third parties such as external company auditors, consultant, survey service providers /data analysis, and investors in accordance with this Privacy Policy.

Apart from the purposes mentioned above, based on Your consent, We may disclose and/or distribute Your personal data for the following reasons:

• this is required of the provision of applicable laws and regulations;
• it is necessary for preventing emergencies or protecting others from danger; and
• for the public interest.

In case We disclose and/or disseminate Your personal data to any third parties, We shall notify the said third parties of its confidential nature and their obligations to restrict the use of such personal data to any person involved for the permitted purposes as necessary only, and to handle the personal data appropriately in accordance with this Privacy Policy and subject to statutory provisions regarding personal data protection.

We may disclose Your personal data concerning the merger, separation, acquisition, consolidation, or dissolution (“Corporate Action”) that We carry out to other parties involved in the Corporate Action. For the avoidance of doubt, if a change occurs in Our business, then any personal data of existing User that have been received, processed, and stored by Us and future User data will then be transferred to the new owner which may use Your personal data in the same way as set out in this Privacy Policy.

In the event of a Corporate Action, We will notify You before and after the Corporate Action is carried out through the Skorcard Platform and/or by sending an e-mail to You.

PROHIBITION OF DISCLOSURE OF USER PERSONAL DATA ABROAD

We will not transfer, copy and/or make Your personal data and/or credit information accessible to or by parties outside the Republic of Indonesia in accordance with the prevailing laws and regulations.

YOUR RIGHTS AS A DATA SUBJECT

Subject to provisions of applicable laws and regulations regarding the protection of personal data, by using Services, re, the protection of Your personal data will cover the following process:

• Rights to Access is the User’s Right to gain access to and obtain a copy of personal data about them.
• Rights of Rectification is the User’s right to complete, update, and/or correct errors and/or inaccuracies of their personal data.
• Rights to Erasure is the User’s right to end processing, delete, and/or destroy their personal data.
• Rights to Withdrawal of Consent is the User’s right to withdraw the consent, including Gmail access through Gmail API, to the processing of personal data about themself that has been given to Us.
• Rights of Restriction is the User’s right to delay or restrict the processing of personal data proportionally in accordance with the purposes for processing personal data mentioned in this Privacy Policy.
• Rights to Data Portability is the User’s right to obtain and/or use personal data about them from Us in a form that is in accordance with the structure and/or format commonly used or readable by electronic system.
• Rights to Complaint is the User’s right to file a complaint with the Institution regarding the processing of personal data which causes the failure of the protection of Your personal data by Us.
• Rights to Object is the User’s right to object to decision-making actions based solely on automated processing that have legal consequences or have a significant impact on You.

If You would like to use Your rights as Data Subject, please contact Us at wecare@skorcard.app. For rights in letters (a), (b), (d) and (e), We will process them no later than 3x24 hours from the time the application is received. Apart from that, these other processes will take up to 30 (thirty) business days from the date of Your submission.

REFUSAL TO GIVE ACCESS TO YOUR PERSONAL DATA

We may refuse to grant access to changes to Your personal data, in terms of:

• national defence and security interests;
• the interests of law enforcement process;
• public interests in the framework of state administration;
• the interests of supervising the financial services sector, monetary, payment systems and financial system stability carried out in the context of state administration; or
• the importance of statistics and scientific research.

COOKIES INFORMATION

What are Cookies?

Cookies are small pieces of data sent from a website to be stored in Your personal devices. They allow Skorcard Platform to recognize Your devices and collect information to adjust the content to be in accordance with Your preference. We use cookies through third-party service providers to improve Your experience.

What Cookies do We Use?

1. User may determine options to do modifications through settings in Skorcard User’s Platform, by opting to refuse cookies (this option may hinder the optimal provision of Our’s Services when the User is accessing Skorcard Platform).
2. We use Google Analytics Demographics and Interest feature. Data that will be collected by Us from that feature are as follows: age, sex, User’s interest, and other information that may identify the User, will be used by Us for feature development, facilities, and/or contents within Skorcard Platform.
3. We may use features provided by third parties for the purpose of enhancing the Services and content of Us, including among others assessment, adjustment, and provision of advertisement to every User based on interest and visit history.

EXTERNAL LINK

Skorcard Platform may contain links to other websites which We cannot ensure Your privacy and security. The inclusion of such links does not guarantee that other websites will provide You with the same standard of personal data protection as per this Privacy Policy. As such, You are fully responsible on Your decision to access such websites.

NOTIFICATION OF FAILURE TO PROTECT YOUR PERSONAL DATA

If there is a failure to protect Your personal data, We will provide written notification through Your Account and/or registered email address in Skorcard Platform no later than 3x24 (three times twenty four) hours since the failure to protect the personal data occurs.

CHANGES TO THE PRIVACY POLICY

We may make changes or updates to this Privacy Policy at any time to comply with any applicable law. Hence, We encourage You to check the “Updated Date” of Our Privacy Policy.

CONTACT US ABOUT PRIVACY POLICY 

If You have any query, comments, or recommendations about the Privacy Policy or if You would like to use Your rights, please submit Your query, comments, or recommendations at wecare@skorcard.app. The process will take up to 30 (thirty) business days from the date of Your request submission.

LANGUAGE

This Privacy Policy is made in Indonesian and English. In the event of any inconsistency or different interpretation between the Indonesian and English version, You agree that the Indonesian version will prevail to the extent of such inconsistency or conflict, and the relevant English version is deemed to be automatically amended to be consistent with the relevant part of the Indonesian version.

GOVERNING LAW AND DISPUTE RESOLUTION 

This Privacy Policy and the performance thereof is governed by and construed in accordance with the laws of Indonesia.

The parties agree that in the event of any dispute, conflict or controversy, dispute resolution method stipulated in the Clause “Dispute Resolution” in the Terms of Use shall apply.