From October 2024, companies in Indonesia has to comply to UU PDP or Perlindungan Data Pribadi. On October 17th, 2022, the Indonesian government enacted a new law regarding the protection of personal data. This law aims to provide security to personal data as part of human rights. Therefore, the Personal Data Protection Law, Undang-undang (UU) No. 27 Tahun 2022, has been established.
Is your company fully prepared to embrace the PDP Law? Let’s check your readiness here!
What is Personal Data?
Personal data, as defined in Pasal 1 of UU No.27 Tahun 2022, refers to data about an individual that can be directly or indirectly identified or combined with other information, whether through electronic or non-electronic systems. Personal data protection encompasses all efforts to safeguard personal data throughout its processing.
Personal Data Controller Obligation
According to Pasal 20, personal data controllers must have a legal basis for processing personal data. When processing personal data, it is important to comply with the regulations outlined in the PDP Law. Personal data controllers are required to process data in a specific, limited, transparent, and legally valid manner. Additionally, all personal data processing activities must be documented.
Companies as Personal Data Controller and Processor
Companies, as controllers and processors of personal data, are required to comply with this law, which will come into effect in October 2024. Failure to protect clients’ security and privacy may result in penalties for companies. Therefore, companies must ensure the security and privacy of their data, both technically and non-technically.
Fill this form
So you can check what your company should still do to comply with PDP