Privacy Policy

INFORMATION SECURITY MANAGEMENT SYSTEM POLICY

PT Inovasi Informatika Indonesia is an information technology service and solution provider that strives to prioritize customer satisfaction by maintaining the quality of services tailored to customer needs and expectations, as well as complying with applicable laws and regulations. This is achieved through the implementation of an integrated management system (quality and information security) based on  ISO/IEC 27001 standards, is committed to:

  • Protecting the confidentiality, integrity, and availability of all information assets—both electronic and physical—across its operations to safeguard competitiveness, profitability, legal and regulatory compliance, contractual obligations, and the company’s business reputation.
  • Identifying, assessing, evaluating, and controlling information security risks through the implementation and maintenance of an Information Security Management System (ISMS) that complies with the international standard ISO/IEC 27001:2022.
  • Complying with all applicable laws and regulations, both from central and regional governments, related to information security.
  • Reviewing and continuously improving the effectiveness of the Information Security Management System on a regular basis to ensure its relevance and adequacy.

This information security policy shall be reviewed at least once a year, or whenever there are significant changes in the business, to ensure its ongoing suitability and effectiveness.

PRIVACY POLICY

This policy aims to explain how PT Inovasi Informatika Indonesia collects, uses, stores, and protects personal data and sensitive information in accordance with ISO/IEC 27001:2022 and applicable laws and regulations, including Law No. 27 of 2022 on Personal Data Protection (PDP Law).

This policy applies to all employees, contractors, business partners, and third parties who access, manage, or process personal data within the operational scope of PT Inovasi Informatika Indonesia.

  • Personal Data: Any information related to an identified or identifiable individual.
  • Data Subject: The individual to whom the personal data relates.
  • Data Processing: Any operation on data, including collection, storage, modification, utilization, and deletion.
  • ISMS (Information Security Management System): A framework for managing information security, based on ISO/IEC 27001:2022.

PT Inovasi Informatika Indonesia processes personal data in accordance with the following principles:

  • Lawfulness and Transparency: Data processing is lawful, fair, and transparent to the data subject.
  • Purpose Limitation: Data is collected only for legitimate and specific purposes.
  • Data Minimization: Only relevant and necessary data is collected.
  • Accuracy and Currency: Data is kept accurate and up to date.
  • Storage Limitation: Data is not retained longer than necessary.
  • Integrity and Confidentiality: Data is processed with adequate security measures.
  • Accountability: The company is responsible for demonstrating compliance with the above principles.

Data subjects have the right to:

  • Access their personal data.
  • Request correction of inaccurate data.
  • Withdraw consent for data processing.
  • Request deletion of data (under certain conditions).
  • Submit complaints regarding privacy violations.

PT Inovasi Informatika Indonesia is committed to:

  • Protecting personal data from unauthorized access, disclosure, alteration, or destruction.
  • Implementing technical and organizational controls in line with ISO 27001 standards.
  • Providing information security awareness training to all personnel.
  • Conducting regular audits and evaluations of data security controls.
  • Reporting information security incidents in a timely manner to relevant parties.

Personal data is classified as sensitive information and is subject to need-to-know access control. Access to data is restricted to authorized personnel only.

Any transfer of personal data to third parties or overseas must:

  • Be based on a legitimate legal basis.
  • Be protected through a valid data protection agreement.

Be authorized by the company’s Data Protection Officer (DPO) if required.

Any information security incident involving personal data must be reported immediately to the Information Security Team and handled in accordance with the Incident Management Procedure.

Any violation of this policy may result in disciplinary action, including termination of employment or legal action in accordance with applicable regulations.

This policy may be updated periodically to reflect regulatory changes or organizational needs. The latest version will always be available through the company’s official internal communication channels.

For further questions about this privacy policy or to submit requests related to personal data, please contact:

Data Protection Officer

PT Inovasi Informatika
Phone : (+62) 21 290 23393
Fax : (+62) 21 525 8065
Email: info@i-3.co.id

PT. Inovasi Informatika Indonesia (i3)

Starting the business as a training provider company, now we also provide Comprehensive Consulting Solution, Implementation, Migration, Managed Services, Preventive and Corrective Maintenance. By now, we also provide training that cover Infrastructure, Middleware, Cloud, Data Management, DevOps

i3 has been consistently growing with the average revenue grow 138% per year. i3 is supported by a team of 50+ skilled and well-experienced consultants with 231 certifications to assist your business needs.

Graha BIP 6th Floor
Jl Jend. Gatot Subroto Kav. 23,
Jakarta 12930, Indonesia

Phone : (+62) 21 290 23393
Fax : (+62) 21 525 8065
Email: info@i-3.co.id

Connect With Us

Instagram Youtube Facebook Linkedin
Scroll to Top