Who we are
Our website address is: http://jadibegitu.com.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
Jl. Pagesangan Blok 65 A Surabaya, Jawa Timur
(+62) 856-4833-6157 (main number)
How we protect your data
Privacy International strongly believes that you have the right to control the use of your personal information, and that your privacy must be respected. We strictly limit the collection and processing of your personal data, and to the best of our abilities we will work only with other organisations who do the same. We will not use personal data that you provide to us in a manner inconsistent with the purposes for which you provided it to us, as set out below.
We do not sell, rent or lease personal data.
We will vigorously challenge any attempts by government agencies or private sector organisations to gain access to any information that you give us.
What data breach procedures we have in place
- 1In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. 2Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.
- The processor shall notify the controller without undue delay after becoming aware of a personal data breach.
- The notification referred to in paragraph 1 shall at least:
- describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
- communicate the name and contact details of the data protection officer or other contact point where more information can be obtained;
- describe the likely consequences of the personal data breach;
- describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
- Where, and in so far as, it is not possible to provide the information at the same time, the information may be provided in phases without undue further delay.
- 1The controller shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken. 2That documentation shall enable the supervisory authority to verify compliance with this Article.
What third parties we receive data from
This website receives no data from external third parties.
What automated decision making and/or profiling we do with user data
A decision based solely on automated processing is a decision with no human involvement in the decision process9. The guidelines warn that involving a human in the process to circumvent the rules on solely automated decision making would not work, as the human involvement must be meaningful and not just a token gesture. The individual needs to have the authority to change the decision considering all the information available10..
Decisions that have a legal effect are those that impact on an individual’s legal rights (including in contract). Examples given in the guidelines include:
- entitlement or denial of a social benefit granted by law, such as child or housing benefit;
- increased surveillance by competent authorities; or
- being automatically disconnected from a mobile phone service because an individual forgot to pay his/her bill before going on holiday.
A decision that has a similarly significant effect “must have the potential to significantly influence the circumstances, behaviour or choices of the individuals concerned. At its most extreme, the decision may lead to the exclusion or discrimination of individuals.” 11The examples given in the GDPR are automatic refusal of an online credit application or e-recruiting practices without any human intervention. The guidelines explain that although online advertising will not generally meet the threshold of having a similarly significant effect, online advertising may meet the threshold depending on the intrusiveness of the profiling, the expectations and wishes of the individuals, the way the advert is delivered and the vulnerabilities of the individuals concerned. An example given is an advert for risky financial products targeted at vulnerable individuals.
Industry regulatory disclosure requirements
Companies that are privately owned are not required by law to disclose detailed financial and operating information in most instances. They enjoy wide latitude in deciding what types of information to make available to the public. Small businesses and other enterprises that are privately owned may shield information from public knowledge and determine for themselves who needs to know specific types of information. Companies that are publicly owned, on the other hand, are subject to detailed disclosure laws about their financial condition, operating results, management compensation, and other areas of their business. While these disclosure obligations are primarily linked with large publicly traded companies, many smaller companies choose to raise capital by making shares in the company available to investors. In such instances, the small business is subject to many of the same disclosure laws that apply to large corporations. Disclosure laws and regulations are monitored and enforced by the U.S. Securities and Exchange Commission (SEC).
All of the SEC’s disclosure requirements have statutory authority, and these rules and regulations are subject to changes and amendments over time. Some changes are made as the result of new accounting rules adopted by the principal rule-making bodies of the accounting profession. In other cases, changes in accounting rules follow changes in SEC guidelines. For example, in 2000 the SEC imposed new regulations to eliminate the practice of “selective disclosure,” in which business leaders provided earnings estimates and other vital information to analysts and large institutional shareholders before informing smaller investors and the rest of the general public. The regulation forces companies to make market-sensitive information available to all parties at the same time. Dramatic and sweeping amendments were made to the SEC’s disclosure rules in the summer of 2002 with the passage of the Sarbanes-Oxley Act, often referred to simply as Sarbanes-Oxley, Sarbanes, or SOX.