Kebijakan Privasi 08012024

Livin'  /  Customer Privacy Policy

CUSTOMER PRIVACY POLICY
PT BANK MANDIRI (PERSERO) TBK

In this Privacy Policy, we declare PT Bank Mandiri (Persero) Tbk, (hereinafter called “We”) act as the controller of Your Personal Data. The security of Your Personal Data is important to us. This Privacy Policy explains the definition of personal data, types of personal data, the legality and purpose of processing personal data, control and transfer of personal data, the period for processing personal data, changes to privacy policy, and Your rights as a Personal Data Subject based on Law Number 27 of 2022 concerning Protection of Personal Data along with its amendments and implementing regulations (hereinafter referred to as the "PDP Law") as well as applicable and relevant laws and regulations, to help You make the right decision before providing Your Personal Data to Us.

Type, basis of processing, and purpose processing of Personal Data may vary depending on the product and/or services You use.
 

A. Definition of Personal Data

Personal Data is data about an individual which is identified or can be identified individually or in combination with other information, directly or indirectly, through electronic or non-electronic systems.

Personal Data processed includes personal data that You have and will submit to Us.
 

B. Types of Personal Data

Personal Data that we process includes :

  • Identification data profile personal (i.e. full name, Identification Number (NIK) for WNI (Indonesian Citizens) and WNA (Foreign Citizens) KTP (ID Card) holders, Tax Identification Number (NPWP/TIN), immigration documents, gender, nationality, place and date of birth, birth mother's maiden name, alias/nickname, religion, voice recording, image recording, photo, signature (wet and/or electronic), and /or biometrics data);
  • Correspondence data (i.e. address as per KTP (ID Card), address and domicile status, e-mail address, telephone/cellphone number, and emergency contacts consisting of name, the relationship with you, address, telephone/cellphone number, and e-mail);
  • Education and employment data (i.e. education level, job type, field of business, job title, division, year of starting work/business, company name, address of workplace, employment status, as well as the name, position, and telephone number of work colleague);
  • Family data (i.e. marital status, partner’s name, number of children, and number of dependents);
  • Financial data (i.e. account number, source of income, total monthly/annual income, total monthly/annual expenses, transaction data, credit/financing data, asset-related data, collateral-related data and taxation data) as well as service data from other financial services you receive (i.e. insurance, custody);
  • Digital activity data (i.e. geolocation, IP address, Your activity on Our application, and the interaction between Our application with other applications on Your electronic device); and/or
  • Related data preference personal (i.e. communication preferences, hobbies, and interests).

Personal Data that We process may be received directly from You or through a third party. If We receive your Personal Data through a third party, we will reasonably ensure that the third party has a legitimate or lawful processing basis in obtaining Your Personal Data and/or has obtained Your consent.
 

C. Legality and Purpose of Processing Personal Data

Basis of Processing

We process Your Personal Data only if We have one or more of the following processing basis:

  • We have explicitly and legally obtain Your agreement;
  • We exercise Our rights and obligations based on Our contractual relationship with You;
  • We need to exercise Our authority or fulfill obligations based on laws or authorized institutions’ orders;
  • We need to fulfill Your vital interests;
  • We need to carry out Our duties in the public interest and/or public service; and/or
  • We need to fulfill other legitimate interests, subject to Our interests and Your rights as the subject of Personal Data.

Purposes of Processing Your Personal Data

We process Your Personal Data for the following purposes:

  • Maintaining Our products and/or services (including profiling and scoring) to improve Our service for You and for Our risk management interest.
  • Providing Our promos or programs, in cooperation with other party for products and/or services You already have.
  • Marketing on Our products and/or services, companies within Our financial conglomeration, and/or other third party in cooperation with Us, for the products and/or services You don't have yet.
  • Compliance with laws and regulation’s order, law enforcement official, and other authorized institutions.
     

D. Control and Transfer of Personal Data

In processing Your Personal Data, We may involve third party as joint controller and/or processor of Your Personal Data within and/or outside Indonesia. In such case, We will protect Your Personal Data in accordance with the applicable laws and regulations.

If We transfer Your Personal Data outside Indonesia, We will reasonably ensure that the country to which the transfer is made has a level of Personal Data protection equivalent to (or higher than) Indonesia’s Personal Data protection.

However, in the event that the country to which Personal Data is transferred does not equivalent (or higher) level of protection, We may still transfer Your Personal Data to the extent it complies with the laws and regulations.

 

E. Your Rights as a Personal Data Subject

You as a Personal Data Subject have the following rights:

  • Right to Information and Access
    You have the right to obtain information regarding the identity of the party requesting Your Personal Data, the purpose of the request, as well as access to a copy of Your Personal Data. We will provide access to information through Our official information facilities such as Bank Mandiri branches or other channels according to Our regulation.

    You understand that in the event You request copy of information regarding Your Personal Data information and/or details of the processing of Your Personal Data, You may be charged according to Our regulation.
     
  • The Right to Object to Automatic Processing Result
    You have the right to object to automated processing result of Your Personal Data which has legal consequences or has a significant impact on You, including profiling and/or credit scoring.
     
  • Right to Obtain, Use, and/or Send Personal Data to Other Parties
    You have the right to obtain, use, or send Your Personal Data that We store to other third parties as long as the systems used can communicate with each other securely.
     
  • Right to Data Correction
    You have the right to complete, update, and/or correct errors and/or inaccuracies in Your Personal Data.
     
  • Right to Sue
    You have the right to sue and claim compensation for violations processing of Personal Data that We do. You may exercise these rights through the means available based on applicable laws and regulations.
     
  • Right to Terminate Processing, Delete, and/or Destroy Personal Data
    You have the right to end processing, delete, and/or destroy Your Personal Data. You agree to give Us time to process the termination of processing, deletion, and/or destruction of Your Personal Data as far as We require. Due to the termination of processing, deletion, and/or destruction of Your Personal Data, We reserve the right to stop all transactions on Your account. To exercise the right to terminate the processing, deletion, and/or destruction of Personal Data, You need to submit a written request for termination of processing, deleteion, and/or destruction of Personal Data. You need to understand that the termination of processing, deletion, and/or destruction of personal data may affect Our ability to provide products and services to You as well as the contractual relationship that has been created between Us and You or between Us and other third parties. You give Us the right to freeze Your savings account, and You give Us the right to declare that Your debts and/or obligations to Us are due. This may result in the termination of one or more of Your agreements with Us and/or a violation of one or more of Your obligations under the agreement with Us. You agree to bear any losses that may arise from Your actions.

    Our obligation to delete and destroy Your personal data is excluded for:
    • National defense and security interests;
    • The interests of the law enforcement process;
    • Public interests in the context of state administration; or
    • The interest of supervising the financial services sector, monetary, payment systems, and financial system stability carried out in the context of state administration.
       
  • Right to Withdraw Consent
    You have the right to withdraw the consent to the processing of Personal Data that You have given to Us, and You agree to give Us additional time to process the termination of processing Your personal data as long as we need it. Due to the withdrawal of processing consent, We have the right to stop all transactions on Your account. To exercise the right to withdraw consent, You need to submit in writing a request to withdraw consent to the processing of Personal Data. You need to understand that withdrawing this approval may affect Our ability to provide products and services to You as well as manage the contractual relationships that have been created between Us and You or between Us and other third parties. You give Us the right to freeze Your savings account, and You give Us the right to declare that Your debt and/or obligations to Us are due so that You must pay off and fulfill Your obligations immediately and simultaneously. This may result in the termination of one or more of Your agreements with Us and/or a violation of one or more of Your obligations under the agreement with Us.
     

If You decide to exercise Your rights above, You are obliged to agree and accept the consequences of exercising Your rights. The implementation of Your rights, including decisions regarding Your rights application, will apply in accordance with the provisions of laws and regulations and Our policies.

You can contact Us via the communication means set out in point H of this Privacy Policy to obtain information regarding the implementation of Your rights.
 

F. Period for Processing Personal Data

We will process Your Personal Data from the time We obtain the basis for processing. We will continue processing as long as You are still using Our products and/or services or in accordance with the provisions of applicable laws and regulations. We may retain Your Personal Data after You have terminated Your use of Our products and/or services for a period of time necessary to comply with laws and regulations

G. Change of Policy Privacy

We may update this Privacy Policy from time to time to maintain its consistency with the development of Our practices regarding the processing of Your Personal Data and applicable laws and regulations. The latest Privacy Policy can be accessed through Our website (www.bankmandiri.co.id/livin/kebijakan-privasi.)

If there are changes to this Privacy Policy, it will be informed through Our official means.

If any part of the Privacy Policy becomes unenforceable, that part does not affect the validity and enforceability of the remaining provisions. The invalid parts will be replaced with valid provisions.
 

H. Contact Us

If you have any questions about this Privacy Policy, please contact our customer service at Mandiri Call 14000, WhatsApp Bank Mandiri 08118414000, e-mail mandiricare@bankmandiri.co.id, and/or Your nearest Bank Mandiri Branch Office.