PT. Indah Kiat Pulp & Paper Tbk. as part of the APP group respects the privacy of all visitors who visit this Website.
Data Controller of the personal data collected and processed through this Website is Asia Pulp & Paper Group (APP), whose registered office is at Sinar Mas Land Plaza, Tower II, 5th floor JI. M.H. Thamrin No. 51 Jakarta 10350, Indonesia.
2. Collection of Information
APP gathers information on visitors in the following areas: the date and time of access to this Website, the referring Internet address, and other aggregate or generic information on the Website statistics, e.g. what pages customers access or visit, etc.
APP also collects and stores any information that our visitors voluntarily submit via the input forms or email addresses within this Website, such as an information-request, survey, and/or site registrations.
In particular, the main ways we collect information from this Website are the following:
Information may also be received from other sources. For example:
3. Use of Information / personal data
APP uses the information / personal data for the following purposes and on the basis of the following legal grounds.
Managing visitors’ requests
We will process data in managing visitors’ requests made on or via our websites (e.g. through the contact or blog form or into any other website data form or data field). We will also process data in providing and maintaining personalised website experiences.
Applicable Legal grounds: Legitimate Interests in running effective website services.
Enhancing website experience
We pre-fill website data fields to enhance and streamline visitors’ online experience.
Applicable Legal grounds: Legitimate Interests in enhancing, simplifying and streamlining website experiences.
Internal research and development
For internal research, development, analytics, analysis and reporting purposes, e.g. to predict trends or performance, develop new products or to evidence compliance with regulatory requirements.
Applicable Legal grounds: Legitimate Interests in assessing and improving performance, managing compliance, monitoring trends and developing new products.
We will obtain visitors’ consent to market communications to them using electronic means (e.g. email, text etc.), and may share visitors’ details for electronic marketing communications with other companies of our group, where visitors give consent for this to happen.
We will use profiling and carry out research and analytics activities to inform our marketing strategies, to create a better understanding of our customers and visitors; to support our website advertising, and to better improve the website information, functionality and the services we provide.
Applicable Legal grounds: Consent. Please note that where we collect visitors’ personal data with consent, visitors may withdraw their consent for us to use their information in any of these ways at any time. Please see section Visitors’ data protection rights below for further details (The right of consent withdrawal does not affect the lawfulness of processing that was based on that consent before its withdrawal).
Records maintenance and general administration
To maintain our records, administer and maintain our websites, support visitors’ queries and any other internal operations and administrative purposes (for example, this will include supporting our audit requirements and in responding to any enquiries visitors may make, including any data protection rights they raise).
Applicable Legal grounds: Legitimate Interests in maintaining appropriate websites, records and service administration.
Network and information security
To maintain our network and information security in order for us to take steps to protect visitors ’information against loss or damage, theft or unauthorised access. And to maintain appropriate server locations (for example, we may work with third parties to support appropriate use of cloud services).
Applicable Legal grounds: Legitimate Interests as appropriate for ensuring network and information security.
Management of legal and regulatory requirements
To manage legal and regulatory requests and requirements, meet or defend legal rights or for the prevention/detection of crime or any other public authority or criminal investigation body, or for the safeguarding of national security.
Applicable Legal grounds:
4. Who we share personal data with.
We may share visitor’s personal data with:
5. Information about international data transfers.
APP website uses servers which are hosted in Singapore. We may also share website personal data with suppliers or group companies located outside of the European Union where this is necessary for the purposes described above. To this respect, we apply safeguards to add to the data protections, including:
6. Data retention period.
We will keep visitors personal data for as long as we need them to provide the services, information requested. We may also keep them to comply with our legal obligations, respond to queries and resolve any disputes, to meet our legitimate interests and to enforce our rights.
The criteria we use to determine storage periods include the following: Information we have told visitors about storage periods on this Website or in website terms and conditions. We will also use criteria such as applicable contractual provisions that are in force, legal statutory limitation periods, applicable regulatory requirements and industry standards.
7. Visitors data protection rights.
Visitors have rights in connection with their personal data, including:
If visitors do need or want to get in touch with us for any reason regarding their data protection rights, they can get in touch using the email address below, and add into the subject header that it relates to data protection rights.
If visitors are not satisfied, they have also the right to lodge a complaint with their local data protection supervisory authority.
8. Links to other websites
9. Keeping visitors’ information secure
We require all of our services providers to have appropriate measures in place to maintain the security of your information.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect personal data, we cannot guarantee the security of visitors’ personal data transmitted over the internet; any transmission is at visitor’s own risk. Visitors’ information will be kept in a secure environment protected by a combination of physical and technical measures such as encryption technologies or authentication systems to prevent any loss, misuse, alteration, disclosure, destruction, theft or unauthorised access.