Privacy Policy

Last updated: June 29, 2026

Introduction

PT Metrodata Electronics Tbk (“Metrodata,” “we,” “us,” or “our”) respects your privacy and is committed to protecting personal data in accordance with applicable laws, including Indonesia’s Personal Data Protection Law (Undang-Undang Perlindungan Data Pribadi, “UU PDP”) and its implementing regulations. This Privacy Policy explains how we collect, use, disclose, retain, and safeguard personal data when you visit our website at metrodata.co.id, use our digital services, communicate with us, or otherwise interact with Metrodata as a customer, partner, investor, job applicant, or website visitor.

This policy applies to personal data processed through our corporate website, contact and inquiry forms, investor relations channels, careers applications, event registrations, marketing communications, and related online services operated by or on behalf of Metrodata. It does not apply to third-party websites, platforms, or services that may be linked from our site, nor does it replace contractual privacy terms that may apply to specific enterprise engagements, unless we expressly state otherwise.

By accessing or using our website and services, you acknowledge that you have read this Privacy Policy. Where required by law, we will obtain your consent before processing personal data for specific purposes. Your use of our website is also subject to our Terms of Service, which govern your access to and use of metrodata.co.id. If you do not agree with this Privacy Policy, please discontinue use of our website and contact us with any questions before submitting personal data.

Metrodata acts as a data controller for personal data described in this policy, meaning we determine the purposes and means of processing such data in connection with our website and related corporate activities. For certain enterprise solutions or managed services delivered to business customers, Metrodata may also process personal data as a data processor on behalf of a customer; in those cases, the customer’s privacy notice and contractual terms will govern.

Information We Collect

The categories of personal data we collect depend on how you interact with Metrodata. We may collect identity and contact information, such as your full name, job title, company name, business email address, telephone number, postal address, and country of residence. When you submit inquiries through our contact forms, request product or service information, register for events, subscribe to newsletters, or download resources, we collect the information you voluntarily provide.

We may also collect professional and transactional information related to your relationship with Metrodata, including inquiry history, communication records, meeting notes, proposal details, contract references, billing contacts, and support correspondence. If you apply for employment or submit your profile through our careers channels, we may collect résumé or curriculum vitae data, employment history, educational background, certifications, references, and other information relevant to recruitment.

  • Account and authentication data, such as login credentials and session identifiers, where you access password-protected areas or partner portals.
  • Technical and usage data, including IP address, browser type and version, device identifiers, operating system, referring URLs, pages viewed, time spent on pages, clickstream data, and error logs.
  • Marketing and communication preferences, including your subscription status, event attendance, and consent records.
  • Investor relations information, such as shareholder inquiry details and document download activity, where applicable.
  • Cookie and similar technology data, as described in the Cookies and Tracking Technologies section below.

We do not intentionally collect special categories of personal data—such as data relating to health, biometric identifiers, religious beliefs, or political opinions—through our general corporate website. If such information is submitted to us inadvertently, we will handle it only to the extent necessary to respond to your request and in compliance with applicable law.

How We Collect Information

We collect personal data directly from you when you complete forms on metrodata.co.id, send email to our published addresses, call our offices, register for webinars or events, subscribe to updates, participate in surveys, or otherwise communicate with Metrodata. We also collect data when you interact with our website, including through cookies, analytics tools, and server logs that record how our pages and services are accessed.

In some cases, we receive personal data indirectly from third parties, such as business partners who refer inquiries to us, event organizers who share attendee lists with participant consent, publicly available professional directories, social networking platforms where you choose to connect with Metrodata, or service providers that support our marketing, analytics, hosting, or customer relationship management activities. When we receive data from third parties, we require that it has been collected and shared in compliance with applicable privacy laws.

For enterprise customers and vendors, we may collect contact and billing information through contractual onboarding processes, procurement systems, or authorized representatives of your organization. We ask that you provide accurate and up-to-date information and notify us promptly if your details change so that we can maintain reliable records and honor your communication preferences.

Purposes of Processing

Metrodata processes personal data for legitimate business purposes connected to our role as an information technology solutions and services provider. Primary purposes include responding to inquiries and providing information about our products, services, partnerships, and corporate activities; managing customer and prospect relationships; delivering requested content, demonstrations, or event access; and administering contracts where you or your organization engage Metrodata.

  • Operating, maintaining, and improving metrodata.co.id, including troubleshooting, performance monitoring, and user experience optimization.
  • Sending service-related communications, such as responses to contact requests, security notices, and administrative messages.
  • Conducting marketing and promotional activities, including newsletters, invitations, and targeted business communications, where permitted by law and your preferences.
  • Processing job applications and managing recruitment workflows for open positions at Metrodata.
  • Supporting investor relations activities, including dissemination of corporate announcements and handling shareholder inquiries.
  • Complying with legal obligations, responding to lawful requests from authorities, and protecting our rights, property, and the safety of individuals.
  • Detecting, preventing, and addressing fraud, abuse, unauthorized access, and other security or technical issues.

We may also use aggregated or de-identified data derived from personal information for statistical analysis, benchmarking, and reporting. Such data does not identify individuals and is not treated as personal data under applicable law, provided it cannot reasonably be re-identified.

Legal Bases for Processing

Under UU PDP and related Indonesian regulations, Metrodata processes personal data based on one or more lawful grounds, depending on the context. Where consent is required, we will request clear and informed consent before processing your data for the relevant purpose—for example, when sending marketing emails or placing non-essential cookies on your device. You may withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

We also process personal data where necessary to perform a contract or take steps at your request prior to entering into a contract, such as responding to a commercial inquiry or preparing a proposal. Processing may be based on our legitimate interests, including operating and securing our website, developing our business, and communicating with professional contacts, provided those interests are not overridden by your rights and freedoms. In addition, we process data where required to comply with legal obligations, including record-keeping, regulatory reporting, and responding to valid legal process.

For special categories of data, if ever processed, we will rely on an applicable exception under UU PDP or obtain explicit consent where required. If you have questions about the legal basis applicable to a specific processing activity, please contact us using the details in the Contact Us section.

Cookies and Tracking Technologies

Our website uses cookies, web beacons, pixels, and similar technologies to enable core functionality, remember preferences, analyze traffic, and understand how visitors interact with our content. Cookies are small text files stored on your device when you visit metrodata.co.id. Some cookies are session-based and expire when you close your browser; others are persistent and remain until they expire or you delete them.

  • Strictly necessary cookies, which are required for the website to function, such as load balancing, security, and form submission integrity.
  • Functional cookies, which remember choices you make, such as language or region preferences.
  • Analytics cookies, which help us measure page performance, visitor volumes, and navigation patterns using aggregated statistics.
  • Marketing cookies, where used, which may support campaign measurement or personalized content on our site or partner platforms, subject to your consent where required.

You can manage cookie preferences through your browser settings, which may allow you to block or delete cookies. Please note that disabling certain cookies may affect website functionality or your experience on metrodata.co.id. Where required by law, we will present a cookie consent mechanism before placing non-essential cookies. Our use of cookies involving personal data is conducted in accordance with UU PDP and this Privacy Policy.

How We Use and Share Information

Metrodata uses personal data only for the purposes described in this Privacy Policy or as otherwise disclosed at the time of collection. We do not sell personal data. We may share personal data with trusted service providers that perform functions on our behalf, such as website hosting, cloud infrastructure, email delivery, customer relationship management, analytics, event management, and professional advisory services. These providers are authorized to use personal data only as necessary to deliver services to Metrodata and are contractually required to protect it appropriately.

We may disclose personal data within the Metrodata group of companies where necessary for internal administration, corporate governance, or coordinated customer support. We may also share information with business partners when you request a joint offering, referral, or co-branded activity, and only to the extent needed to fulfill that request. Additionally, we may disclose data when required by law, regulation, court order, or governmental authority, or when we believe disclosure is necessary to protect the rights, property, or safety of Metrodata, our users, or others.

In the event of a merger, acquisition, reorganization, asset sale, or similar corporate transaction, personal data may be transferred to a successor entity subject to confidentiality obligations and continued protection consistent with this Privacy Policy. We will provide notice where required by applicable law before personal data becomes subject to a materially different privacy policy.

International Data Transfers

Metrodata is headquartered in Indonesia, and our primary systems and data processing activities are located within Indonesia or hosted with reputable cloud providers that may operate infrastructure in other countries. Where personal data is transferred outside Indonesia—to service providers, group entities, or partners in other jurisdictions—we implement appropriate safeguards as required under UU PDP and applicable cross-border transfer rules.

Such safeguards may include standard contractual clauses, binding corporate rules, adequacy decisions where recognized, or other mechanisms permitted by Indonesian law. We assess the data protection practices of recipients and require contractual commitments regarding confidentiality, security, and purpose limitation. If you would like more information about international transfers relevant to your data, please contact us.

By submitting personal data through our website or engaging with Metrodata digitally, you acknowledge that your information may be processed in Indonesia and, where applicable, in other countries where our service providers or partners operate, subject to the protections described in this policy.

Data Retention

Metrodata retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, tax, or reporting requirements, resolve disputes, and enforce agreements. Retention periods vary depending on the type of data and the context of processing.

  • General website inquiries and contact form submissions: up to three (3) years from the date of last interaction, unless a longer period is required for an active business relationship or legal claim.
  • Customer and prospect relationship records: for the duration of the relationship and up to seven (7) years thereafter for contract, audit, and regulatory purposes, unless a longer retention period is mandated by law.
  • Marketing subscription and consent records: until you unsubscribe or withdraw consent, plus up to three (3) years to maintain proof of consent and suppression preferences.
  • Recruitment and job application data: up to two (2) years from the date of application for unsuccessful candidates, unless you consent to longer retention for future opportunities; data for hired employees is transferred to personnel records governed by employment policies.
  • Web analytics and cookie-related logs: up to twenty-six (26) months, aligned with common analytics platform retention settings, unless a shorter period is configured or required.
  • Security and server log data: typically up to twelve (12) months, unless extended retention is necessary for incident investigation or legal compliance.
  • Investor relations inquiry records: up to five (5) years, or as required by applicable capital markets and corporate governance obligations.

When personal data is no longer required, we securely delete, anonymize, or aggregate it in accordance with our data retention schedule and internal policies. Backups containing personal data may persist for a limited additional period before being overwritten in the ordinary course of system maintenance.

Data Security

Metrodata implements administrative, technical, and organizational measures designed to protect personal data against unauthorized access, disclosure, alteration, loss, or destruction. These measures include access controls based on role and business need, encryption in transit where appropriate, secure development and change management practices, network monitoring, and regular review of our information security policies.

We limit access to personal data to authorized employees, contractors, and service providers who require it to perform their duties and who are bound by confidentiality obligations. While we strive to protect your information, no method of transmission over the internet or electronic storage is completely secure. Accordingly, we cannot guarantee absolute security, but we continuously work to maintain safeguards commensurate with the nature of the data we process and the risks involved.

In the event of a personal data breach that is likely to result in harm or as otherwise required by UU PDP, we will notify affected individuals and relevant authorities in accordance with applicable legal timelines and procedures. If you believe your interaction with us is no longer secure, please contact us immediately using the details below.

Your Rights

Subject to applicable law, including UU PDP, you may have certain rights regarding your personal data. These rights may include the right to access personal data we hold about you, request correction of inaccurate or incomplete data, request deletion or anonymization where processing is no longer necessary or consent has been withdrawn, and request restriction of processing in specific circumstances.

  • Right to withdraw consent at any time, where processing is based on consent, without affecting prior lawful processing.
  • Right to object to processing based on legitimate interests, including direct marketing, where applicable.
  • Right to data portability, where technically feasible and required by law, for data you provided to us in a structured, commonly used format.
  • Right to lodge a complaint with the Indonesian personal data protection authority or other competent supervisory body.

To exercise your rights, please submit a verifiable request to info@metrodata.co.id with sufficient information for us to confirm your identity and understand your request. We will respond within the timeframe required by applicable law. We may need to retain certain information where we have a legal obligation or legitimate reason to do so, such as completing an ongoing transaction or complying with regulatory requirements.

If your request relates to contractual services or enterprise solutions, additional procedures may apply under your agreement with Metrodata. For general website use, your rights under this policy operate alongside the terms set out in our Terms of Service.

Automated Decision-Making

Metrodata does not use personal data to make decisions based solely on automated processing, including profiling, that produce legal effects or similarly significant effects concerning individuals in the context of our general corporate website. Our analytics tools may generate aggregated statistics about website usage, but these do not result in automated decisions that affect your legal rights or access to essential services.

If we introduce automated decision-making that materially affects you in the future, we will update this Privacy Policy and, where required by UU PDP, provide meaningful information about the logic involved, the significance of such processing, and your rights to obtain human intervention, express your point of view, and contest the decision.

Third-Party Links

Our website may contain links to third-party websites, platforms, social media channels, partner portals, or embedded content that are not operated or controlled by Metrodata. This Privacy Policy applies only to data collected by Metrodata through metrodata.co.id and our directly operated channels. When you follow a link to a third-party site or interact with embedded content, that third party's privacy policy and terms govern its collection and use of your information.

We encourage you to review the privacy practices of any third-party service before providing personal data. Metrodata is not responsible for the content, security, or privacy practices of external websites, even where we maintain a business relationship with the linked organization. Inclusion of a link does not imply endorsement of the linked site or its policies.

Children's Privacy

Metrodata's corporate website and services are directed at business professionals, partners, investors, and job seekers. Our website is not intended for children under the age of eighteen (18), and we do not knowingly collect personal data from children. If you are a parent or guardian and believe that a child has provided personal data to us, please contact us promptly so that we can take appropriate steps to delete such information from our records.

If we become aware that we have collected personal data from a child without verified parental consent where such consent is required by law, we will delete that information as soon as reasonably practicable. We may retain limited information only to the extent necessary to document and comply with our legal obligations.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations. When we make material changes, we will post the updated policy on metrodata.co.id and revise the "Last Updated" date at the top of this page. Where required by UU PDP or other applicable law, we will provide additional notice—such as a prominent website banner or direct communication—before material changes take effect.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data. Your continued use of our website after an updated policy becomes effective constitutes acknowledgment of the revised terms, except where further consent or action is required by law.

Material changes that affect how we process personal data in connection with contractual services may also be addressed in separate notices or amendments to relevant agreements. For general website use, this Privacy Policy should be read together with our Terms of Service.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or Metrodata's handling of your personal data, please contact us using the details below. We will endeavor to respond to privacy-related inquiries promptly and in accordance with applicable legal requirements.

  • Company: PT Metrodata Electronics Tbk
  • Email: info@metrodata.co.id
  • Address: APL Tower, 37th Floor, Jl. Letjen S. Parman Kav. 28, Jakarta 11470, Indonesia
  • Phone: (+62-21) 2934 5888
  • Website: https://metrodata.co.id

When contacting us about a privacy matter, please include sufficient detail to help us identify your request and respond effectively. If you are contacting us on behalf of another individual or organization, we may require evidence of your authority to act on their behalf before fulfilling certain requests. For complaints that remain unresolved, you may have the right to escalate your concern to the relevant Indonesian data protection authority in accordance with UU PDP.