Regulation on the Processing of Personal Data
NF Group
General Provisions
This Regulation on the Processing and Protection of Personal Data (hereinafter referred to as the “Regulation”) defines the procedure for collecting, storing, transmitting, and otherwise processing personal data, as well as the requirements for protecting the personal data of individuals (hereinafter referred to as "Users") who use the services, information, and products available on the domain nfgroup-indonesia.com (hereinafter referred to as the “Site”).
This Regulation is developed in accordance with Law No. 27 of 2022 concerning Personal Data Protection (Undang-Undang Nomor 27 Tahun 2022 tentang Perlindungan Data Pribadi) and other applicable laws of the Republic of Indonesia. Its purpose is to ensure the protection of individual rights and freedoms in the processing of personal data, including the right to privacy and personal integrity.
NF Group reserves the right to amend this Regulation at any time at its discretion, including when required by applicable Indonesian legislation. The updated version will be posted on the Site.
Relations regarding the processing of Users' personal data are governed by this Regulation, other official documents of NF Group, and applicable laws of the Republic of Indonesia.
Personal data is stored exclusively in electronic format and processed via automated systems unless manual processing is required by law.
By submitting their personal data, the User agrees to the terms of this Regulation.
Processing of User Personal Data
Personal data refers to any information relating to an identified or identifiable individual.
Processing of personal data includes collection, systematisation, storage, updating, use, distribution (including transfer), anonymisation, blocking, and destruction.
Personal data processing is carried out with the User’s consent.
Purpose of processing:
To enable feedback from NF Group, provide access to the Site and services, promote services and real estate offers, send marketing emails, conduct surveys and studies to improve service quality, and allow users to subscribe to newsletters (weekly or monthly). Users may unsubscribe at any time.
Technical data collected: IP address, domain name, browser type, operating system, time/date of visit—for analytics purposes.
NF Group may use personal data to organise promotional campaigns if the User participates.
Types of personal data collected may include (but are not limited to):
- Full name
- Email address
- Phone number
- Date of birth
- Gender, marital status
- Postal address
Data processing is carried out lawfully and fairly, following principles such as:
- Legitimacy of the purposes and methods
- Transparency
- Relevance and minimisation
Data is stored only for the period necessary for the purposes described unless otherwise required by law. Upon reaching the purpose, personal data is deleted or anonymised.
Transfer to third parties is possible only with the User’s consent or legal requirement, with confidentiality obligations.
Data may be used for:
- News and event updates
- Event invitations
- Promotions and offers
- Articles and publications
- Surveys and quality assessments
- Other lawful communications
Security Measures
Processing and protection comply with:
- Law No. 27 of 2022 on Personal Data Protection
- Other applicable regulations issued by the Indonesian Ministry of Communication and Information Technology (Kominfo)
Security measures include:
- Ensuring confidentiality
- Protecting against unlawful access, destruction, alteration, copying, distribution
Data Subject Rights
Users have the right to:
- Request correction, blocking, or deletion of inaccurate or unnecessary data
- Know what data is stored and its source
- Be informed about storage periods
- Notify third parties of data corrections if applicable
- Lodge complaints with authorities or in court
- Seek legal protection and compensation for damages
Requests must include:
- Valid ID number and issuing authority
- Proof of data processing by NF Group
- Signature and contact details
Obligations of NF Group
Upon request, personal data must be blocked during verification of any violation.
An appointed officer oversees data processing within the company.
Only authorised employees have access to personal data, based on an approved list. Employees must be informed of relevant laws and internal policies, and compliance must be monitored.
Liability
Violators of personal data protection laws may be subject to civil, administrative, or criminal liability in accordance with the laws of the Republic of Indonesia.
