Effective Date: May 7, 2025
PT Digital Solusi Grup (“DSG,” “we,” or “us”) is committed to complying with the General Data Protection Regulation (GDPR) for all services involving the personal data of individuals in the European Union (EU). Protecting privacy rights and ensuring data security are fundamental to our operations.
1. What is GDPR?
The General Data Protection Regulation (GDPR) is an EU privacy law effective from May 25, 2018. It replaces the Data Protection Directive 95/46/EC and establishes a unified data protection framework across the EU.
Key principles of GDPR require businesses to:
- Process personal data lawfully, fairly, and transparently.
- Allow individuals to access, correct, or delete their data.
- Implement robust security measures to protect data.
2. Who Does GDPR Apply To?
The GDPR applies to:
- All organizations based in the EU that process personal data.
- Organizations outside the EU that process personal data of EU individuals (e.g., through services, websites, or monitoring behavior).
Personal data under GDPR includes:
- Direct identifiers (name, email, address).
- Indirect identifiers (IP address, cookies, location data).
3. What Personal Data Do We Collect?
For details on the data we collect and how it’s used, refer to:
- Our Privacy Policy
- Our Cookie Policy
4. GDPR Compliance Measures
To adhere to GDPR, DSG implements:
a. Lawful Basis for Processing
We process data only when:
- You provide consent (e.g., for cookies or newsletters).
- It’s necessary for contract fulfillment (e.g., service agreements).
- Required to comply with legal obligations.
b. Data Subject Rights
EU individuals have the right to:
- Access their personal data.
- Rectify inaccurate or incomplete data.
- Erase (“right to be forgotten”) their data.
- Restrict or object to processing.
- Data portability (request a copy in a machine-readable format).
To exercise these rights, contact us at [email protected].
c. Data Security
We protect personal data through:
- Encryption (SSL/TLS for data transfers).
- Access controls (limited to authorized personnel).
- Regular security audits.
d. Third-Party Data Processors
We ensure vendors (e.g., cloud providers, analytics tools) comply with GDPR through Data Processing Agreements (DPAs).
e. Data Breach Notification
In case of a breach affecting EU individuals, we will:
- Notify affected parties within 72 hours (where required).
- Report to relevant EU supervisory authorities.
5. International Data Transfers
If data is transferred outside the EU, we use:
- Adequacy decisions (e.g., to countries with EU-approved privacy laws).
- Standard Contractual Clauses (SCCs) with third parties.
6. Contact Us
For GDPR-related inquiries or to exercise your rights, contact:
PT Digital Solusi Grup
Ruko WOW Blok N/Y 1, Jl. Raya Sawojajar No.12,
Sawojajar, Kedungkandang, Malang City,
East Java 65139, Indonesia
Email: [email protected]
Phone: (0341) 3024534