Privacy Policy

Welcome to our products and services! We deeply understand the importance of personal information to you. To help you understand how we collect, process, and protect your personal information, and how you can manage your personal information, we have formulated this " PT INTERKONEKSI INDO TEKNOLOGI(IIT for short) Privacy Policy" ("this policy"). Before using our products and services, please be sure to carefully read this policy, especially the terms identified in bold/bold underline, to ensure that you fully understand and agree before starting to use. If you have any questions, comments, or suggestions regarding this policy, you can contact us.

Your agreement to the privacy policy indicates that you understand the basic functions provided by the application and the necessary personal information required for the basic functions to operate, and give corresponding collection and use authorization, but it does not mean that you have separately agreed to enable third-party applications or process unnecessary personal information. We will separately seek your consent based on your actual usage for enabling third-party applications, processing unnecessary personal information, and processing sensitive personal information.

I. Scope of Application

This policy applies to various products and services we provide to you through the IIT SaaS (Software as a Service) platform service and new forms that emerge with technological development.

This policy does not apply to products or services provided to you by third parties. Such products or services are subject to the personal information processing rules separately explained to you by the service provider.

II. Information Collection and Use

When you use our products or services, we need or may need to collect and process your personal information, including the following two types:

​1. Information that you must authorize us to collect and use in order to provide you with the basic functions of our products or services. If you refuse, you will not be able to use our products or services normally.

​2. Information that you can choose to separately agree or disagree with us collecting and using in order to provide you with third-party applications of our products or services. If you refuse, you will not be able to use the relevant third-party applications normally or achieve the functional effects we expect to achieve, but it will not affect your use of our basic functions.

We specifically remind you here: Because the types of products and services we currently and will provide to you in the future are numerous, and different users choose to use different specific products and services, the basic functions or third-party applications and their corresponding types and scope of personal information collected and used will vary. Please refer to the specific product or service function.

We provide you with specific functional scenarios including:

(I) Help You Become Our User and Account Management

Register as an IIT Enterprise Organization User

(1) Basic Enterprise Organization Services

To register as an IIT enterprise organization user, you need to provide your enterprise or organization name to create an IIT enterprise organization account, otherwise you will not be able to use IIT services based on enterprise organization management.

(2) Additional Enterprise Organization Services

Complete information: After registering as an IIT enterprise organization user, you can further provide information such as the location and industry type of your enterprise or organization.

Organization certification: If an enterprise organization user wants to obtain more rights or services, the administrator can submit specific information and materials (including business license, enterprise organization name, address, etc.) to apply for certification and become an IIT certified enterprise organization user.

(II) Provide You with Online Customer Service

1. Instant Messaging

When you use IIT for instant messaging, we need to record your chat information in order to realize information transmission and interaction, and synchronize it to all your logged-in devices.

If you need to send photos or files, you need to authorize IIT to obtain the photo album or file storage permissions of your device.

If you need to share your location, IIT needs to obtain your location information in order to send and display it to the other party, and we will obtain the information from the location sensor in your device to assist in determining your location.

2. Message Notifications

During your use of IIT services, we may send you one or more types of messages through phone calls, SMS, push messages, pop-ups, etc., such as service notifications, verification codes, etc. When the message involves third-party applications, the relevant message notifications will change according to your settings for the third-party applications involved.

(III) Help Enterprise Organizations Conduct Online Office Work and Process Enterprise Organization-Controlled Data as Entrusted

Data Control Rights

All data generated by you logging in and using the enterprise account assigned to you by the enterprise organization for office work belongs to the enterprise organization-controlled data. You fully understand the commercial office nature of the enterprise account and avoid self-operated uploading, inputting, publishing, transmitting, or sharing personal information or privacy on the enterprise account. Otherwise, you may not deny the enterprise organization's data control rights over the enterprise account due to such self-operated behaviors.

You understand and agree that the enterprise organization user is the manager of enterprise-controlled data, and we only process enterprise organization-controlled data according to the instructions of the enterprise organization user administrator. Before uploading IIT enterprise organization information and requiring end users to submit intelligent human resources information and external business contact information, enterprise users should ensure that only the end user information necessary to achieve enterprise operation and management purposes is collected, fully inform end users of the purpose, scope, and usage of relevant data collection, and obtain end user authorization and consent.

As an end user, you understand and agree that enterprise organization users have the right to process your personal information based on the necessity of establishing and performing contracts with you as a party, or based on the necessity of implementing human resource management in accordance with legally formulated rules and regulations and legally signed collective contracts. This includes entrusting IIT to process your personal information within the purpose and scope of realizing online office work and communication when the administrator opens, manages, and uses IIT services, based on reasonable necessity.

(IV) Customer Service and Dispute Resolution

When you contact our customer service for help, you need to provide necessary information to verify your user identity in order to ensure the security of your account and system.

In order to contact you, help you solve problems, or record relevant problem-solving solutions and results, we will store your communication records and related content with us (including account information, work order information, other information you provide to prove relevant facts, or contact information you leave).

For the reasonable needs of providing services and improving service quality, we may also use your other information, including relevant information you provide when contacting customer service, and questionnaire reply information you send to us when participating in questionnaire surveys.

(V) Provide You with Information Public Release Function

During conversations, your company's brand, profile, website, and other information will be displayed. Some information is collected and displayed by IIT, and some information is collected and displayed at the request of third-party service providers. In the future, corresponding information may be displayed according to relevant laws and regulations.

(VI) Provide You with Security Guarantee

In the process of providing IIT services, we may involve the use of third-party protection software and services, as well as collect logs and device information. This information will be used by IIT for analysis, auditing, protection, and handling operations to ensure that the availability, integrity, and data security of IIT services are not affected.

(VII) Third-Party Applications that You Access

1. Third-Party Applications

The use of IIT involves third-party platforms, software, and services. You need to grant corresponding authorizations to allow IIT to use such applications to provide you with services. If you do not agree to authorize, it will not affect your use of IIT's basic services, but you will not be able to use these additional services. Your enabling of any permission represents your authorization for us to collect and use relevant personal information to provide you with corresponding services. Closing any permission represents your cancellation of authorization, and we will no longer continue to collect and use relevant personal information based on that permission, nor will we be able to continue to provide services corresponding to that permission. Closing permissions will not affect the collection and use of information based on your authorization before the permission is closed, but it may affect the subsequent performance of IIT services.

You can view relevant authorization status through the IIT management backend.

2. Cookie and Similar Technology Services

Cookie and other similar technologies are commonly used technologies on the Internet. When you use our services, we may send one or more Cookies or anonymous identifiers (hereinafter referred to as "Cookies") to your device to collect, identify, and store information about your access and use of this product. We promise not to use Cookies for any purpose other than those stated in this privacy policy. We use Cookies mainly to ensure the secure and efficient operation of products and services, to confirm the security status of your account and transactions, to investigate crashes, delays, and related abnormal situations, and to help you save the steps and processes of repeatedly filling out forms and entering search content.

At the same time, we may use Cookies to display information or functions that you may be interested in. Most browsers provide users with the function of clearing browser cache data. You can perform corresponding data clearing operations or refuse our Cookies. You may not be able to use services or corresponding functions that rely on Cookies due to these modifications.

(VIII) Other Rules for Collecting and Using Personal Information

1. If the information you provide contains personal information of others, you need to ensure that you have obtained legal authorization before providing this personal information to IIT.

2. On the premise of being processed by secure encryption technology, we will use the collected data for machine learning and algorithm model training to provide you with better services.

III. Cooperation Parties Involved in Data Use Process and Transfer, Disclosure of Personal Information

(A) Cooperation Parties Involved in Data Use Process

1. Basic Principles

When we cooperate with partners, we will follow these principles:

(1) Principle of Legality, Legitimacy, and Minimum Necessity: Data processing should have a legal basis, have a legitimate purpose, and be limited to the minimum scope necessary to achieve the processing purpose.

(2) Principle of Maximizing User's Right to Know and Decide: Fully respect the user's right to know and decide on the processing of their personal information during the data processing process.

(3) Principle of Maximizing Security Guarantee Capability: We will take necessary measures to ensure the security of the personal information being processed, carefully evaluate the purpose of the partner's use of data, comprehensively assess the partner's security guarantee capability, and require them to comply with the relevant requirements of the cooperation agreement.

2. Scope of Cooperation Parties

If specific functions and scenarios involve services provided by our affiliates or third parties, the scope of cooperation parties includes our affiliates and third parties.

3. Entrusted Processing

We may entrust cooperation parties to process your personal information so that the cooperation parties can provide certain services or perform functions on our behalf. We will only entrust them to process your information for the legal, legitimate, necessary, specific, and clear purposes stated in this policy, and authorize cooperation parties to only access the information necessary to perform their duties. We will require through agreements that they must not use this information for any purpose beyond the scope of entrustment. If the authorized cooperation party uses your information for purposes we have not entrusted, they will separately obtain your consent.

4. Joint Processing

For scenarios of joint processing of personal information, we will sign relevant agreements with cooperation parties in accordance with legal provisions and stipulate their respective rights and obligations to ensure that the use of relevant personal information in the process complies with relevant legal provisions and protects data security.

5. Cooperation Scenarios

1) To Realize Business Functions

Provide context information in the customer service workbench to provide work convenience for your enterprise's customers.

2) Security and Statistical Analysis

A. Ensure Usage Security: To protect the legitimate rights and interests of IIT users from illegal infringement, our cooperation parties may use necessary equipment, account, and log information.

B. Analyze Product Conditions: To analyze the stability of IIT products or services, cooperation parties providing analysis services may need to use service information, device identification information, overall application installation and usage information, and other information.

C. Academic Research: To enhance scientific research capabilities in related fields and promote the level of technological development, we may use de-identified or anonymized data on the premise of ensuring data security and legitimate purposes.

3) Other Cooperation Scenarios

In addition to the above cooperation scenarios, we may also entrust information to other cooperation parties that support our business for processing, such as those who provide technical infrastructure services on our behalf.

(B) Transfer

If we need to transfer personal information due to merger, division, dissolution, or bankruptcy declaration, we will inform you of the name and contact information of the recipient. The recipient will continue to fulfill this policy and other legal obligations. If the recipient changes the original processing purpose and method, the recipient should obtain your consent again.

(C) Public Disclosure

We will only publicly disclose your personal information in the following situations:

1. We may publicly disclose your personal information in situations where you actively choose or otherwise obtain your separate consent.

2. If we determine that you have violated laws and regulations or IIT-related agreements and rules, or to protect others' personal and property safety from infringement, we may disclose your personal information, including relevant violations and measures IIT has taken against you.

(D) Cessation of Operations

If we cease to operate products or services, we will promptly stop continuing to collect your personal information and send you a notice of cessation of operations in the form of individual notification or announcement. We will delete or anonymize the personal information we hold related to the discontinued products or services.

(E) Situations Exempt from Obtaining Your Authorized Consent by Law

According to laws and regulations, in the following situations, cooperation parties' use or our transfer or public disclosure of your personal information does not require obtaining your authorized consent:

1. Necessary for concluding or performing a contract at your request.

2. Necessary for performing statutory duties or obligations (for example, we may share your personal information according to legal and regulatory requirements, litigation, and other dispute resolution needs, or according to requests legally made by administrative and judicial authorities).

3. Necessary to respond to public health emergencies or to protect others' life, health, and property safety in emergency situations.

4. Handling personal information within a reasonable scope for the implementation of news reporting, public opinion supervision, and other acts for the public interest.

5. Handling personal information that you have voluntarily made public or other legally publicly available personal information within a reasonable range (such as personal information legally made public through legitimate news reports, government information disclosure, and other channels).

6. Other situations stipulated by laws and regulations.

IV. Your Rights

(A) Access, Correction, and Supplement

You can query and correct enterprise organization-controlled information through the IIT management backend, including organization structure information, modifying login passwords, changing main administrators, and other operations. You can also choose to enable or disable IIT basic application services.

(B) Copy

You can copy or export your personal information through the IIT management backend.

(C) Deletion

You can contact us to delete part of your information or apply to cancel your account to delete all of your information.

In the following situations, you can contact customer service to request us to delete personal information:

1. If our handling of personal information violates laws and regulations;

2. If we collect and use your personal information without obtaining your explicit consent;

3. If our handling of personal information seriously violates our agreement with you;

4. If our processing purpose has been achieved, cannot be achieved, or is no longer necessary to achieve the processing purpose;

5. If we stop providing products or services, or the retention period has expired.

If we decide to respond to your deletion request, we will also try to notify the entities that have obtained your personal information from us and require them to delete it promptly (unless otherwise stipulated by laws and regulations or these entities have independently obtained your authorization).

After you delete your personal information, due to legal and regulatory or security technical limitations, we may not be able to immediately delete this information from the backup system. We will securely store your personal information and limit further processing of it until the backup can be cleared or anonymized.

(D) Changing Authorization Scope

You can withdraw your authorization or change the scope of your authorization for us to collect and process your personal information through the following methods:

You can log in to the IIT management backend and choose to enable or disable IIT services or third-party applications.

For authorizations that you cannot directly set through the above methods, you can contact customer service for an explanation. However, for certain types of personal information, such as information necessary to implement IIT basic functions or information we need to fulfill legal obligations, we may not be able to respond to your request to change the authorization scope. After you withdraw authorization, we will no longer process the corresponding personal information, but the withdrawal of authorization will not affect our processing of personal information based on your previous authorization.

(E) Account Cancellation

You can apply to cancel your account through the following method:

You can directly contact our staff, and our staff will help you cancel your account in the backend. Once the account is cancelled, no information will be retained.

(F) Responding to Your Requests

For the above requests you make to us, you can contact our customer service or initiate a complaint to our personal information protection specialist department. We will respond within 15 days.

To ensure the security of your account and personal information, when you make the above requests to us, we will first verify your identity (such as adding account verification, requiring you to provide a written request or other reasonable methods), and then process your request.

For your reasonable requests, we generally do not charge fees, but for repeated requests that exceed reasonable limits, we will charge fees as appropriate. We may refuse requests that are unreasonably repetitive, require too much technical measures (for example, need to develop new systems or fundamentally change current practices), risk the legitimate rights and interests of others, or are very impractical.

V. Information Storage

(A) Storage Period

We will only retain your personal information for the period necessary to achieve the purposes stated in this policy, unless the law has mandatory retention requirements.

We determine the storage period of personal information mainly based on the following criteria:

1. Complete transaction purposes related to you, maintain corresponding transaction and business records to respond to your possible inquiries or complaints;

2. Ensure the security and quality of the services we provide to you;

3. Whether you agree to a longer retention period;

4. Needs related to the statute of limitations for litigation;

5. Whether there are other special agreements or legal regulations regarding the retention period.

After exceeding the retention period, we will delete or anonymize your personal information according to the requirements of applicable laws.

(B) Storage Security

1. Data Protection Technical Measures

We have taken security protection measures that comply with industry standards and are reasonably feasible to protect your information, prevent personal information from unauthorized access, public disclosure, use, modification, damage or loss. For example: We will use encryption technology to enhance the security of personal information. Data exchanged between your browser and the server is protected by SSL protocol encryption. We provide HTTPS protocol secure browsing method. We use trusted protection mechanisms to prevent personal information from malicious attacks. We will deploy access control mechanisms to ensure that only authorized personnel can access personal information.

2. Data Protection Management Organizational Measures

We have established a reliable data security management system, enhancing the security of personal information from organizational and technical dimensions. We have set up a dedicated department for personal information protection, continuously strengthening employees' awareness of the importance of protecting personal information.

3. Personal Information Security Incident Response

If our physical, technical, or management protective facilities are damaged, resulting in unauthorized access, public disclosure, tampering, or destruction of information, causing damage to your legitimate rights and interests, we will promptly initiate emergency plans to minimize the impact on you personally. In the event of a personal information security incident, we will also inform you of the basic situation of the security incident and its possible impact, the measures we have taken or will take, suggestions for you to independently prevent and reduce risks, and remedial measures for you in accordance with the requirements of laws and regulations. We will inform you by SMS, phone, and other reasonable channels. If it is difficult to inform one by one, we will adopt a reasonable and effective way to publish an announcement. At the same time, we will also report the handling of personal information security incidents to the regulatory authorities as required.

4. Prevention of Account Security Risks

When using IIT for communication and collaboration, please properly protect your personal information and only provide it to others when necessary to avoid information theft or even encounter telecommunications network fraud.

If you are concerned that your personal information, especially your account or password, has been leaked, please contact our customer service immediately so that we can provide guidance to take appropriate measures based on your situation.

VI. Policy Updates

To bring you better product and service experiences, we continuously strive to improve our products, services, and technologies. When services and business processes change, we may update our privacy policy to inform you of specific changes. But without your explicit consent, we will not limit your rights under this policy.

For significant changes, we will also provide more prominent notices (including SMS, phone, email, pop-up reminders, etc.).

Significant changes referred to in this policy include:

1. Significant changes in the business model of the product. Such as the purpose of processing personal information, the type of personal information processed, the way personal information is used;

2. Changes in the subject of the privacy policy due to business adjustments, mergers and acquisitions, with the new subject changing the original processing purposes and methods;

3. Major changes in the main objects of personal information sharing or public disclosure;

4. Major changes in user personal information rights and their exercise methods;

5. Changes in the contact information of the person responsible for personal information protection and complaint channels;

6. When the personal information protection impact assessment report indicates that the product has a significant impact on personal rights.