Securiti announces a $75M Series C Funding Round
ViewElegant Consumer Frontend, Fully Automated Backend, Privacy Regulation Intelligent Everywhere.
Looks like this email is already registered with an existing account.
Looks like there was an error completing your request, Please contact us here for further support.
Please do not close this window while we process your request
On September 20, 2022, the Indonesian Parliament ratified the Personal Data Protection Bill (PDPB). Officially known as the Personal Data Protection Law (PDPL), it aims to provide Indonesians the same degree of data protection as other major data privacy regulations.
The law will have an extraterritorial application for international organizations that handle Indonesian citizens’ data or perform data processing acts that have consequences within Indonesia or in relation to Indonesian citizens. Processing involves collecting, analyzing, storing, transferring, or deleting personal data belonging to Indonesian citizens.
It places major obligations upon organizations to ensure their activities comply with the law’s provisions. The PDPL provides a transition period of two years for both data controllers and data processors to adjust their data handling and processing methods in accordance with the new law.
The PDPL will formally come into effect on a date set by the Minister of State Secretariat, following which organizations subject to the PDPL will have two years to ensure compliance with the law.
Securiti enables organizations to ensure seamless compliance with Indonesia’s PDPL Personal Data Protection Law with AI-driven data discovery, DSR automation, universal consent management, autonomous documented accountability, data breach management, and vendor risk assessment.
Securiti supports enterprises in their journey toward compliance with Indonesia’s PDPL through automation, enhanced data visibility, and identity linking.
Request a demo today to learn how Securiti can aid you and your organization's compliance efforts.
Articles: 2, 16, 21, 28, 29, 30, 35, 37, 38, 39, 53, 54
With the help of our multi-regulation, collaborative, readiness, and personal information impact assessment system, you can gauge your organization's posture against Indonesia’s PDPL requirements, identify gaps, and address any risks. Seamlessly expand assessment capabilities across your vendor ecosystem to maintain compliance.
Chapter IV
Data subjects have the right to be informed of the use of their personal data and access the data held by an organization. For this purpose, organizations must simplify the initiation of verified DSR requests. Automating the delivery and generation of secure data access reports will significantly reduce the risk of compliance violations and reduce the workforce required to comply with all requests.
Furthermore, create personalized web forms according to your brand style guide with the DSR request format and accept verified data subject rights requests. Automate the initiation of fulfillment workflows when verified requests are received. Automate the delivery and generation of secure data access reports to significantly reduce the risk of compliance violations and reduce the workforce required to comply with all requests.
Articles: 5, 7, 13, 14, 32, 33
Disclosure of information to the data subjects within a limited time frame of receiving a verifiable data request is a must for any organization looking to comply. This will be free of charge and delivered through a secure, centralized portal.
Articles: 6, 14, 30
With the help of automated data subject verification workflows across all appearances of a subject’s personal data, you can seamlessly fulfill all data rectification requests.
Articles: 8, 16(1) (f), 16(2)(g), 44
Fulfill data subjects’ erasure/destroy/anonymize requests swiftly through automated and flexible workflows.
Articles: 10, 11, 34(2)(g), 41
Build a framework for objection and restriction of processing handling based on business requirements with the help of collaborative workflows.
Articles: 9, 20(2)(a), 21(1), 22(1), 23, 24, 25(2), 26(3), 40, 43(1)(b), 51(5)
Track consent revocation of data subjects to prevent the transfer or processing of data without their consent. Seamlessly demonstrate consent compliance to regulators and data subjects.
Articles: 9, 20, 25(1)
Automatically scan the web properties within your organization, categorizing tags and cookies. Also, build customizable cookie banners, collect consent, and provide a preference center.
Article: 46
Automates compliance actions and breach notifications to concerned stakeholders about security incidents by leveraging a knowledge database on security incident diagnosis and response.
Articles: 51, 52
Keep track of privacy and security readiness for all your service providers and processors from a single interface. Collaborate instantly with vendors, automate data requests and deletions, and manage all vendor contracts and compliance documents.
Articles: 31, 56
Instantly trace, manage, and monitor data flows on a single interface. Get comprehensive visibility by generating reports of all data points, any cross-border data transfers, vendor contracts, and compliance records.
Articles: 34(1), 34(3)
Automate the data protection impact assessment process by identifying the risks early on and mitigating them to ensure data security and compliance with the PDPL.
Articles: 47
Dynamically update privacy policies and notices to comply with Indonesia’s PDPL. Automate how you publish your privacy notices with the help of pre-built templates to make the process faster. Also, enable centralized management by tracking and monitoring privacy notices in order to maintain compliance.
Articles: 16, 27, 28, 29, 53(1)(b), 54(1)(b), 54(1)(c)
Keep a birds-eye view of potential risks against non-compliance to data subjects’ rights by routinely monitoring and scanning personal consumer data.
Articles: 16(2)(e), 35, 39(1), 39(2)
Ensure that the personal data is secured from any unauthorized access, disclosure, alteration or misuse, or deletion before processing such data. Determine the security level and accordingly implement relevant technical and operational measures to protect personal data.
The personal data owner has the right to access the personal data held by the personal data controller in accordance with the provisions set under the PDPL. Additionally, they can request information regarding the use and purpose of their personal data and the accountable party requesting it.
The personal data owner has the right to request the completion, renewal, or correction of any mistake or inaccuracy in their personal data according to the set provisions. The data controller is required to do so within 72 hours of receiving such a request.
The personal data owner has the right to request the termination, erasure, or destruction of their personal data.
The personal data owner has the right to revoke their consent at any period in time for the processing of their personal data that has been permitted to the personal data controller.
The personal data owner has the right to object to the decision-making, which is based on automatic processing in accordance with personal profiling.
The personal data owner has the right to postpone or limit the processing of their personal data in accordance with the purpose of processing.
The personal data owner has the right to file a lawsuit and receive compensation for the violation of their personal data as defined by Article 12 of the PDPL.
All data subjects have the right to obtain a copy of all personal data collected on them by a data controller or processor in a commonly used machine-readable format as provided by Article 13 of the PDPL.
Here are some important facts to know about the PDPL:
The data controller or the data processor is required to appoint an official who performs personal data protection in situations where processing is for public purposes, if the processing requires constant monitoring of personal data on a large scale and if there is large-scale processing of criminal offenses.
In the case of cross-border data transfer, organizations should ensure equivalent or higher data protection measures are in place where data is being sent.
The PDPL provides administrative sanctions and penal penalties in case of a personal data breach.
The administrative fines would be a maximum of 2% of annual revenue or annual acceptance of the violation variable. Additional punishments may also be imposed in the form of confiscating assets/profits obtained from unlawful activities.
The President shall establish a regulatory body to supervise the application of PDPL.
At Securiti, our mission is to enable enterprises to safely harness the incredible power of data and the cloud by controlling the complex security, privacy and compliance risks.
Copyright © 2023 Securiti · Sitemap · XML Sitemap
[email protected]
300 Santana Row Suite 450. San Jose,
CA 95128