Securiti announces a $75M Series C Funding Round


Indonesia’s Personal Data Protection Law (PDPL) Infographic

This infographic gives you a better understanding of the following:

  • Key obligations for organizations under the PDPL
  • The administrative and criminal sanctions for organizations found in breach of the PDPL
  • Data subject rights for Indonesians and who enforces these rights


Award-winning technology, built by a proven team, backed by confidence. Learn more.

On September 20, 2022, the Indonesian parliament formally passed the Protection of Personal Data Law (PDPL), intending to empower all Indonesians with a broader degree of control over their data online.

The law provides both data controllers and data processors with a transition period of two years to ensure their data handling and processing activities comply with the new law's provisions. Additionally, the PDPL obligates all organizations to adopt a strict consent management regime to ensure any and all data collected is done so only after explicit valid consent from the data subject.

This infographic gives you insights into the range of new data subject rights, specific data-related obligations for organizations, and the administrative penalties per the PDPL.

Indonesia’s Personal Data Protection Law (PDPL)

Our Readers Frequently Ask:

The PDPL deals with personal data. Per the PDPL, there are two types of personal data, either general or specific in nature. General data includes full name, gender, religion, marital status, etc. At the same time, specific personal data includes an individual's biometric data, genetic data, criminal records, and financial data. Any other kind of data or information not covered by the PDPL under these two categories is not covered by the PDPL.

In essence, a breach of privacy is any instance where a user's personal information is stolen, lost, used, or disclosed without proper permission. For an organization, a breach of privacy is any data breach that may jeopardize the security of the data it has collected over its users.

The PDPL applies to every person, corporation, public body, or international organization located within or outside the Republic of Indonesia. However, the processing of personal data by individuals in personal or household activities is exempt per the PDPL.

All-in-One Solution For Your Business Needs

The Multi-disciplinary practice to grow trust-equity of your brand and comply with privacy regulations

View More

The Twitter Whistleblower

Exposing the Truth of Sensitive Data Exposure

View More

A Brief Overview of Global Privacy Control (GPC)

Global Privacy Control (GPC) is an initiative to create a global technical specification designed to communicate a consumer’s privacy preferences to data controllers and processors.

View More

FIFA Cybersecurity Framework Privacy Impact Assessment

Here are some fundamental practices that can help you conduct a thorough and effective Privacy Impact Assessment (PIA) as required per the FIFA Cybersecurity Framework.

View More

The Evolving Landscape of European Data Privacy Laws

Take proactive approach by mandating corporations to protect users' personal data

View More

Avoiding the Pitfalls of CPRA Non-Compliance

California’s next wave of privacy legislation, the California Privacy Rights Act (CPRA), also known as Proposition 24, was approved by California voters on November 3, 2020.

View More

CDMC Readiness Assessment Checklist

CDMC assessment provides insight into how many of the best practices are presently in place around cloud adoption.

View More

Legacy Privacy Framework vs. Modern Privacy Framework

Legacy Privacy Framework vs. Modern Privacy Framework

At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.


Users love Securiti on G2 G2 leader spring 2022 G2 leader summer 2022 G2 leader easiest business 2022 RSAC Leader Forrester Badge IAPP Innovation award 2020 Gartner Cool Vendor Award Sinet Innovator Award