Privacy Policy

Managed by: PT Tijari Mandiri Teknologi

Last Updated: June 27, 2025

1. Introduction

PT Tijari Mandiri Teknologi ("We," "Bitlion.io," "the Company") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your personal information when you use our AI-powered Compliance GRC platform.

Important Notice: This service is not intended for individuals under the age of 17. By using our services, you confirm that you are at least 17 years old.

2. Information We Collect

We collect various types of information to provide and improve our services:

2.1 Identity Information
  • Full name
  • Email address
  • Phone number
  • Professional credentials
2.2 Company Information
  • Company name
  • Job title
  • Industry sector
  • Business address
2.3 Technical Information
  • IP address
  • Browser type and version
  • Operating system
  • Device information
2.4 Usage Information
  • Service interaction data
  • Feature usage statistics
  • Performance metrics
  • User preferences

3. How We Use Your Information

We use your information for the following purposes:

  • To provide, maintain, and improve our platform functionality and features
  • To send service updates, technical notices, and support responses
  • To analyze usage patterns and enhance user experience
  • To meet legal obligations and maintain security standards

4. Sharing Your Information

We maintain strict controls over data sharing and never sell your personal information. Data sharing occurs only with:

  • Cloud & data storage providers
  • Audit & compliance partners
  • Legal authorities (when required)
  • Legal & financial advisors

All third parties are contractually bound to process data only for authorized purposes and maintain strict confidentiality.

5. Data Security

We implement robust security measures to protect your data:

5.1 Technical Measures
  • End-to-end encryption
  • Role-based access control
  • Multi-factor authentication
  • Regular security updates
5.2 Organizational Measures
  • Regular security audits
  • Staff training programs
  • Incident response plans
  • ISO 27001 alignment

6. Your Rights

Under applicable data protection laws (e.g., PDPA), you have the following rights:

  • Access: Request access to your personal data
  • Rectification: Correct inaccurate information
  • Erasure: Request deletion of your data
  • Restriction: Limit data processing
  • Portability: Transfer your data
  • Objection: Object to processing

To exercise your rights, please submit a Data Subject Access Request (DSAR) through our website.

7. Cookies & Tracking Technologies

We use the following types of cookies:

  • Essential Cookies: Core site functionality (e.g., login sessions) - Session duration
  • Performance Cookies: Anonymous analytics (e.g., page visits) - 1 year duration
  • Functional Cookies: Remember preferences (e.g., language) - 6 months duration
  • Advertising Cookies: Targeted advertising (requires consent) - 90 days duration

8. Data Retention

We retain personal data only as long as necessary or required by law:

  • Active accounts: Duration of service plus 30 days
  • Deleted accounts: Up to 5 years for compliance and legal purposes
  • Marketing data: 2 years from last interaction
  • Security logs: 1 year

9. Policy Updates

We may update this policy periodically. Changes will be communicated through:

  • Email notifications
  • Website announcements
  • In-app notifications

10. Contact Us

PT Tijari Mandiri Teknologi

Address:
Kawasan CBD Rasuna Epicentrum, Epiwalk Office Suite Level 5 Unit A501
Jl. H. R. Rasuna Said, Karet Kuningan, Setiabudi
South Jakarta, DKI Jakarta 12940, Indonesia

Phone: +62 811 33 111 86

Email: [email protected]