Vendor Data Privacy and Security Policy
In this Data Privacy and Security Policy (the “Vendor Data Policy”), Deliveree Private Limited and its subsidiaries and affiliates are collectively or individually referred to as “Deliveree”.
Deliveree is committed to protecting the privacy and security of personal data collected through its suite of vendor applications which include mobile Android mobile applications, web applications, and other applications which are collectively or individually referred to as the “App”.
This Vendor Data Policy outlines how we collect, use, disclose, and store your personal data, as well as the measures we take to safeguard it in compliance with Indonesian law, particularly Law No. 24 of 2022 on the Creative Economy and Government Regulation No. 82 of 2022 on the Implementation of Electronic Systems and Transactions.
1. Personal Data We Collect – We may collect the following personal data from you:
- Device Information: Device model, operating system, IP address, location data (if enabled), App usage data, advertising identification.
- User Information: Name, email address, phone number, social media account identifiers (if you choose to connect accounts).
- Content Data: Photos, videos, text, contacts or other content you upload or share through the App.
- Logistical Data: Locations, movements, time stamps related movements and actions.
- Payment Information: Payment method details (if you make purchases within the App).
2. How We Use Your Personal Data – We use your personal data for the following purposes, adhering to the Principles of Personal Data Processing as outlined in Indonesian law:
- Providing and Improving the App: To personalize your experience, deliver features and functionalities, track app usage to improve functionality, and identify and fix bugs.
- Effective Scheduling: To tailor bookings opportunities that better suit your location, timing, and schedule.
- Communication: To send you important information about the App, updates, and occasional promotional offers, with prior consent and the option to unsubscribe.
- Customer Support: To respond to your inquiries and provide support as necessary.
- Analytics and Research: To improve our services and develop new features, but only in an anonymized or aggregated manner that does not identify individuals.
- Complying with Law and Regulations: To comply with applicable laws, regulations, and legal processes, including reporting personal data upon lawful request from authorized Indonesian authorities.
3. Data Sharing and Disclosure – We may share your personal data with:
- Third-party service providers: We may engage third-party service providers to assist us with providing the App, such as cloud storage providers, analytics providers, and customer support providers. These providers are only authorized to access and use your personal data as instructed by us, bound by confidentiality agreements, and operating within Indonesia or following data transfer regulations if necessary.
- Law enforcement and regulatory authorities: We may disclose your personal data if required by law or to comply with legal process, to protect our rights or property, or to prevent fraud or harm.
4. Data Security Measures – We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction in accordance with the Security Principles under Indonesian regulations:
- Data encryption: We encrypt your personal data at rest and in transit using industry-standard protocols.
- Access controls: Only authorized personnel have access to your personal data, with defined roles and permissions.
- Security reviews: We regularly review our security practices to identify and address potential vulnerabilities.
- Data breach notification: We will promptly notify relevant authorities and individuals in case of a suspected data breach, as required by Indonesian law.
5. Data Retention – We will retain your personal data for as long as it is necessary to fulfill the purposes for which it was collected, as required by law, or until you request its deletion. After that period, your data will be securely deleted or anonymized.
6. Your Data Protection Rights – You have the following rights regarding your personal data, as granted by Indonesian law:
- Right to access: You have the right to request and obtain a copy of your personal data collected and processed by us.
- Right to rectification: You have the right to request the correction of inaccurate or incomplete personal data.
- Right to erasure: You have the right to request the deletion of your personal data under certain circumstances, such as if it is no longer necessary for the purposes for which it was collected.
- Right to restrict processing: You have the right to request the restriction of the processing of your personal data under certain circumstances, such as if you contest its accuracy.
- Right to object: You have the right to object to the processing of your personal data for direct marketing purposes or on grounds relating to your particular situation.
- Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.