Privacy Policy

Personal Information Collection

  1. What personal information we collect from you (“discloser”) depends on your relationship with us at the time of collection, i.e. insured, claimant, or prospect, as well as your request – the information of which may include the following:

    1. Personal Details
      This may include name, date of birth, age, gender, marital status, and occupation.
    2. Contact Information
      This may include address, phone number, telephone/mobile number, email address, and social media.
    3. Financial Information
      This may include bank account number, credit history, and other financial details.
    4. Other Information
      Health information, height, weight, medical record, other insurance policies held, hospitalization in the past, smoking habits, pre-existing conditions, family medical history, and other information you have given to us related to your or your family medical history.
  2. Your personal information will be collected and stored, directly or indirectly, when:

    1. You enter our Website;
    2. You disclose to us;
    3. Any persons related to you or appointed by you (including but not limited to your spouse or family member, a person whose name is under the same policy as yours, and any other persons under the purpose of validation of application, claim, and compensation) discloses to us, and
    4. Relevant third parties (including but not limited to our insurer, other insurers and financial institutions, regulatory bodies e.g. Financial Services Authority of the Republic of Indonesia (Otoritas Jasa Keuangan or OJK), Directorate General of Tax of the Ministry of Finance of the Republic of Indonesia (DGT), Directorate General of Population and Civil Registration of the Ministry of Home Affairs of the Republic of Indonesia (DGPCR) , Indonesian Financial Transaction Reports and Analysis Center (Pusat Pelaporan dan Analisis Transaksi Keuangan or PPATK), Indonesian National Police (Kepolisian Negara Republik Indonesia or POLRI), and other reliable sources e.g. Indonesian General Insurance Association (Asosiasi Asuransi Umum Indonesia or AAUI) or Indonesian Life Insurance Association (Asosiasi Asuransi Jiwa Indonesia or AAJI)). In the case of (c), when the information concerning about other persons (“data subject”) than the discloser is given to us, it is the sole responsibility of the discloser to ask for a consent from and notify the data subject of the disclosure of his/her personal information and the terms and conditions of this Privacy Policy.
  3. Your personal information may be collected and used for the following purposes:

    1. to provide you with our services and products which shall include performing our relevant contractual or regulatory obligations;
    2. to enhance our existing services and products and develop new services and products;
    3. to communicate with you about our existing or up-coming services or products, including but not limited to, terms and conditions, promotion, activities, and advertisement;
    4. for Website administration and business operation and
    5. to rely on the purpose or obligation which are subjected to us to collect your personal data stipulated by the laws such as insurance law, personal data protection laws and other related law.

    For your security, we

    1. use both encryption and tokenization technology to safeguard your sensitive information such as credit card number, which can only be accessed by an authorized person;
    2. restrict the access of your personal information to only our employees who require such access;
    3. prevent unauthorized access by regular update of technology; and
    4. delete your personal information when it is no longer necessary for relevant aforementioned purposes.
  4. We will retain your personal information as long as it is necessary for the purposes of collection and use, unless required or permitted by applicable law. For most of the cases, your personal information will be retained for five years after the date of termination or cancellation of your policy, whereas for financial information related to you, such as the amount of payment of premiums, claims and other ancillary payments, as per the applicable laws and regulations on Corporate Documents, will be retained for at least ten years after the date of termination or cancellation of your policy.

  5. In order to perform our contractual obligations towards you or our regulatory obligations towards regulators and authorities, your personal information may be disclosed, and/or disseminated to third parties for the relevant mentioned purposes only. These third parties may include insurers, reinsurers, our business partners, financial institutions, regulators e.g. OJK, authorities e.g. DGT, PPATK, POLRI, or other relevant government institutions, other service providers e.g. data storage service providers, call centre service providers, First Notice of Loss service providers, payment system provider or payment gateway provider, and repair shops, hospitals, health clinics, and other health service providers.

    Moreover, in order to improve your experience in using our Website and traffic optimization during access by users, we will also track your behaviour using analytical tools. These analytical tools will be provided by third-party provider that we have engaged, and we hereby reserve the right to add, stop or change existing provider to other third party analytical tools provider. The information that we have gathered for this purpose will be anonym and shall not be identifiable to you.

    For our business operation, where our legitimate interest is not less important that the data subject’s fundamental rights, your personal information may be disclosed and/or disseminated to our group companies and third parties such as external auditors, advisors, survey/data analytics service providers, and investors.

    In any case, your personal information will not be disclosed and/or disseminated to any other persons other than the cases of the above two paragraphs, without your consent, except for the following cases:

    1. providing that it is required by any applicable law;
    2. providing that it is necessary for preventing emergencies or protecting others from danger; and
    3. for the public interest

    In case where we disclose and/or disseminate your personal information to any third parties, we shall notify the said third parties of its confidential nature and their obligations to restrict the use of such information to any person involved for the permitted purposes as necessary only, and to handle the information appropriately in accordance with this Privacy Policy and the applicable laws and regulations in Indonesia concerning personal data protection.

  6. In order to provide you our services especially for documentation, your personal information will be stored in Indonesia, whereas other non-personal information will be stored outside Indonesia with the encryption and tokenization method mentioned above. None of your personal information with direct reference to you will be stored abroad. In any case, we will take any necessary step to ensure that your personal information is stored and secured appropriately.

Your Rights As a Data Subject

Subject to the applicable laws and regulations in Indonesia concerning personal data protection, by using our Website, receiving our services and/or purchasing our products, the protection of your personal data will cover the following process:

  1. In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, procurement and collection of personal data will be carried out by respecting your rights as the owner of the personal data, which will be carried out by providing options for confidentiality or non-confidentiality of your personal data, as well as other provision of options to change, add, or update the personal data. In this matter, procurement and collection of your personal data by us will be based on your consent, or according to the applicable laws and regulations.

  2. In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, processing and analyzing or your personal data will only cover matters that we have clearly stated when procuring or collecting your personal data. This will be based on your consent.

  3. In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, your personal data will be stored at least 5 (five) years since you are no longer becoming a user in our website. As mentioned above, your personal data will be stored in data center and data recovery center placed within the territory of the Republic of Indonesia. Other non-personal data, may be stored outside the territory of the Republic of Indonesia, by using tokenization and encryption so that the data that we stored outside the territory of the Republic of Indonesia will not be identifiable to you.

  4. In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, activity of displaying, publishing, transmitting, disseminating, and/or access opening of your personal data, will be done based on your consent.

  5. In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, your personal data will be destroyed when it has passed the Storing provision that we mention above, or it you request the destruction of your data.

Cookies Information

  1. Cookies are small pieces of data sent from a website to be stored in your personal devices. They allow the Website to recognize your devices and collect information to adjust the Website content to be in accordance with your preference. We use cookies through third-party service providers to improve your Website experience. `

  2. We use the following types of cookies:

    1. Strictly Necessary Cookie
      These cookies are necessary to help make the website function properly, by enabling basic functions such as page navigation. The storage duration is one year (persistent).
    2. Statistic Cookies
      These cookies track your behaviour of usage in order to know how many times you access certain functions of or your customer journey on our Website. The storage duration is between 1-2 years (persistent).
      In some cases we might use both types of cookies through third-party service providers.
    3. Managing Cookies
      You can manage, block, and delete cookies on your browsers. You can learn more abo ut cookies and how to manage them from this link: Allaboutcookies.
  3. This Website may contain links to other websites which we cannot ensure your privacy and security. The inclusion of such links does not guarantee that other websites will provide you with the same standard of personal data protection as per this Privacy Policy.

  4. We reserve the right to make any change to the Privacy Policy in order to comply with any applicable law. Hence, we encourage you to check the “Updated Date” of the Privacy Policy.

  5. If you have any query, comments, or recommendations about the Privacy Policy or if you would like to exercise your rights, please submit your query, comments, or recommendations to service@roojai.co.id. The process might take up to 30 days from the date of your submission.. The process might take up to 30 days from the date of your submission.