This privacy policy explains how PT Bank Mega, Tbk (as defined below) processes your Personal Data when you contact and interact with our Complaint Service.
This Privacy Policy also outlines the types of Personal Data collected, the purposes of processing, the legal basis, the retention period, and your rights as a Data Subject within the Complaint Service in accordance with the provisions of laws and regulations regarding Personal Data Protection and applicable banking regulations.
The terms used in this Privacy Policy are defined as follows:
We are PT Bank Mega, Tbk, headquartered at Menara Bank Mega, Jl. Kapten P. Tendean 12-14A, Jakarta 12790, Indonesia, hereinafter referred to as “Bank Mega” or “we.” We are the entity responsible for processing Personal Data in connection with our Services.
In order to provide a Complaints Service for customers and the public regarding the Services we provide, Bank Mega acts as the Personal Data Controller for the Personal Data you submit to us in writing or in recorded form, whether directly or indirectly, through forms, telephone, websites, mobile banking applications, social media, or other communication channels. All processing of Personal Data is conducted in accordance with the provisions of laws and regulations regarding Personal Data Protection as well as other applicable banking regulations.
When you contact our Complaints Service via telephone, email, website, app, official social media, or other communication channels. We will collect and process your Personal Data to ensure the effectiveness and suitability of our Complaints Service to your needs, including for:
In providing our Complaint Handling Service, we may collect and process your Personal Data as follows:
We only process Personal Data for the purpose of handling the Complaint Service and do not use it for other purposes without a valid legal basis or without notifying you.
Personal Data that we collect and process for the purposes of the Complaint Service will be retained for as long as necessary to fulfill the purposes of processing or in accordance with applicable laws and regulations.
Personal Data processed for the purposes of handling complaints, information requests, or service requests will be retained for as long as necessary for the resolution of complaints, legal purposes, and audits.
We may share your Personal Data with certain parties within a reasonable scope and in accordance with applicable laws and regulations, including the Personal Data Protection Act, regulatory requirements, and other legal provisions.
Any Personal Data we share with certain parties for the purpose of handling the Customer Complaint Service is done carefully, upholding the principles of transparency, security, and confidentiality of your Personal Data.
The parties that may be involved in processing your Personal Data for the handling of customer Complaint Services include:
To support the operational activities of the Complaint Service, we may appoint Third Parties to act as processors of your Personal Data, including: The disclosure of Personal Data to these third parties is limited, in accordance with the purpose of processing and based on cooperation agreements that require the third parties to maintain confidentiality, security, and compliance with Personal Data Protection provisions in accordance with applicable laws and regulations.
Under certain circumstances, Personal Data may be transferred without your consent, including for:
Your Personal Data may be stored and/or processed by parties that officially collaborate with Bank Mega, both within and outside the territory of the Republic of Indonesia, while ensuring the security, confidentiality, and integrity of your Personal Data.
If you choose not to provide the Personal Data required for the Complaint Service, we will be unable to process your request and/or provide certain services that require such Personal Data.
We are committed to respecting and addressing every request regarding the rights of Data Subjects in a transparent, proportionate manner, and in accordance with procedures set forth in our internal policies and applicable laws and regulations.
To submit a request regarding your rights as a Data Subject, you may contact MegaCall at 08041500010 or visit the nearest branch office.
We will consider each of your requests while taking into account all applicable laws and regulations as well as our legitimate interests.
We may refuse to fulfill your request if there are exceptions as provided for by law.
You are responsible for actively ensuring the accuracy of your Personal Data. You are required to notify Bank Mega and request that we correct, complete, and/or update your Personal Data. In the event of inaccuracies in the Personal Data you provide and after making reasonable efforts—we reserve the right to suspend the processing of any Complaint Service you have submitted to us.
You are also responsible for maintaining the confidentiality of your Personal Data—including information regarding your username, password, email address, and One-Time Password (OTP)—from anyone, and for always safeguarding and taking responsibility for the security of the devices you use.
Bank Mega will not sell, exchange, and/or disclose your Personal Data. In an effort to protect and secure your Personal Data from unauthorized processing by third parties, Bank Mega consistently strives to implement best practices in procedures and the use of electronic systems equipped with adequate security measures in accordance with the requirements of regulatory authorities and applicable laws and regulations, and Bank Mega will update these security measures from time to time.
In the event of unauthorized access to or illegal activities involving your Personal Data which are beyond our control, we will notify you as soon as possible so that you can mitigate the risks arising from such incidents.
The security of your Bank Mega account also depends on how you maintain the confidentiality of your account password, Personal Identification Number (PIN), and other access information. If you share your account information with others, they may gain access to your account and Personal Data.
Providing information over the internet carries security risks, which are also your responsibility.
We may amend, update, and/or add to some or all of the provisions in this privacy policy, in accordance with Bank Mega’s future business strategies and policies and/or changes in laws and regulations. If this privacy policy is amended, updated, or supplemented, we will notify you through Bank Mega’s official communication channels.
We encourage you to review this Privacy Policy periodically to ensure you are aware of any changes made to it.
References
The Personal Data Protection Law, Bank Indonesia Regulations (PBI), Financial Services Authority Regulations (POJK), and other applicable laws and regulations.