PRIVACY POLICY

I. INTRODUCTION

PT DAHANA ("we," "us," or "our") is committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. This Privacy Policy explains how we collect, use, and protect your information when you use our Risk Management Application ("E-Manrisk App").

By using the App, you agree to the collection and use of information in accordance with this Privacy Policy.

II. INFORMATION WE COLLECT

We collect the following types of information:

  • Personal Information: This may include your name, employee ID, department, position, email address, and other identifying details that you voluntarily provide while using the App.
  • Risk Data: Information related to risk identification, assessment, mitigation, and monitoring — including descriptions, impact levels, control actions, responsible persons, and related documentation.
  • Device Information: We may collect information about your device, such as device type, operating system, IP address, and app usage statistics to help improve system performance and security.
  • Log Data: Whenever you use our App, we may automatically collect logs of activities, including timestamps, actions taken (e.g., adding, editing, approving, or reviewing risks), and system error reports.

III. HOW WE USE YOUR INFORMATION

We use the information collected for the following purposes:

  • To manage and monitor risk identification, assessment, and mitigation processes across the organization.
  • To ensure accountability, accuracy, and traceability of all risk-related data and decisions.
  • To notify users of updates, deadlines, or actions required within the risk management workflow.
  • To analyze and improve the performance, reliability, and security of the App.
  • To comply with internal policies, audits, and legal or regulatory requirements.

IV. DATA SHARING AND DISCLOSURE

We may share your information with:

  • Internal Departments of PT DAHANA: Relevant departments (e.g., Risk Management, Internal Audit, Compliance, and Management) that require access to risk-related information for operational or reporting purposes.
  • Service Providers: Authorized third-party service providers who assist in maintaining or supporting the App (e.g., IT infrastructure, hosting, or security providers), provided they adhere to our confidentiality and data protection standards.
  • Legal or Regulatory Authorities: We may disclose information when required by law, regulation, or valid legal process, or when necessary to protect our legal rights.

V. DATA SECURITY

We take the security of your information seriously. We implement appropriate technical and organizational measures to protect your data from unauthorized access, alteration, or disclosure. However, please note that no method of electronic transmission or storage is entirely secure.


VI. DATA RETENTION

We retain your personal and risk-related data for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, and to maintain internal records for audit and compliance purposes.


VII. YOUR RIGHTS

You have the right to:

  • Access the personal information we hold about you.
  • Request corrections or updates to your information.
  • Request deletion of your personal data, subject to applicable legal or operational requirements.
  • Withdraw consent to data processing, where applicable.

To exercise these rights, please contact us through our official contact page: https://dahana.id/contact/


VIII. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Any significant changes will be communicated by posting the new version on this page and updating the “Effective Date” at the top.


IX. CONTACT US

If you have any questions about this Privacy Policy or our data handling practices, please contact us through our official contact page: https://dahana.id/contact/