Draft notice — last updated 20 April 2026. A counsel-reviewed, formally published version is in preparation.
Controller vs Processor
For the datahive.id website, PT Virtue Digital Indonesia is the Data Controller. For Datahive platform deployments on customer infrastructure, the customer is the Controller and we act only as an on-premise software vendor — we do not process customer personal data ourselves.
Lawful basis
Website data: we process contact form submissions on the basis of explicit consent (UU PDP Art. 20). Server logs and anonymized analytics: legitimate interest in platform security and product improvement (UU PDP Art. 20 letter f).
Data subject rights (Art. 5-14)
- Right to information about processing — served via the privacy policy.
- Right to access and correction — via hello@val.id.
- Right to erasure — honored within 30 days.
- Right to object and restrict processing — honored within 30 days.
- Right to data portability in machine-readable format.
- Right to withdraw consent at any time.
Cross-border transfer
We do not transfer personal data outside Indonesia for website operations. Customer Datahive deployments run entirely within customer-controlled infrastructure and under customer-defined data residency rules.
Breach notification
In the event of a personal data breach affecting website users, we will notify affected individuals and the Personal Data Protection authority within 3 × 24 hours as required by UU PDP Art. 46.
DPO contact
For all UU PDP-related correspondence: hello@val.id with “UU PDP” in subject.