Legal Document

Privacy Policy

Effective 1 Juni 2025 · PT Alpine Solusi Andalan

Introduction

PT Alpine Solusi Andalan (“we”, “the Company”) operates the EasyWeb Indonesia https://easyweb.id. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services.

By using EasyWeb Indonesia services, you agree to the practices described in this policy. If you disagree, please discontinue use of our services.

This policy applies to all users of the EasyWeb platform, including registered users (subscribers), website visitors, and business administrators.

Data We Collect

2.1 Account Information

When you register or use our services, we collect:

  • Identity information: full name, email address, phone number
  • Account credentials: password (stored as an encrypted hash — never in plain text)
  • OAuth data: if you register via a third-party login provider, we receive your profile ID, name, and avatar from that provider
  • Account status: email verification status, login history, and last activity timestamp

2.2 Payment & Billing Data

To process subscriptions and domain purchases, we collect:

  • Name, email, and phone number for billing
  • Full address (street, city, province, postal code, country) — required for domain registration
  • Payment method data is managed directly by Xendit (our payment provider); we do not store credit card details directly
  • Transaction history: invoice numbers, payment status, dates and amounts
  • Subscription data: active plan, start/end dates, renewal history

2.3 Domain Data

If you purchase or transfer a domain through EasyWeb:

  • Domain name and registration contact information as required by international domain registration regulations
  • Status and configuration of your domain

2.4 Website Project Data

When you build a website through our platform:

  • Project name, design content, and assets you upload
  • Business preferences and requirements you share with our team
  • Status and history of your website

2.5 Technical Data & Logs

We automatically collect:

  • IP address and device information for account security
  • Session logs: login time, device used, and token revocation status
  • Platform analytics data including pages visited, referral sources, and device type

2.6 Messaging Communications

If you interact with our team via a messaging platform:

  • Your phone number or messaging account identity
  • Message content and media you send

How We Use Data

We use the collected data to:

  • Provide services: create and manage accounts, build websites, register domains, and process payments
  • Communication: send verification emails, billing notifications, domain renewal reminders, and service updates
  • Security: detect suspicious activity, prevent unauthorized access, and protect your account
  • Service improvement: analyze usage patterns to improve platform performance and features
  • Customer support: respond to questions and assistance requests you submit to us
  • Legal compliance: fulfill legal obligations and regulations applicable in Indonesia

Each data processing activity is based on one of the following legal bases under Article 20 of Law No. 27/2022 on Personal Data Protection (UU PDP):

Processing PurposeLegal Basis
Providing services, processing payments, registering domainsContract performance (Article 20(b))
Verification emails, billing notifications, account securityLegitimate interest of the controller (Article 20(e))
Platform usage analytics, service improvementData subject consent (Article 20(a))
Tax and financial regulatory complianceLegal obligation of the controller (Article 20(c))
We do not sell, rent, or trade your personal data to third parties for marketing purposes.

Data Storage

Your data is stored in secure infrastructure using industry standards. Access to data is restricted to authorized personnel and systems that require it to deliver the service.

Data retention: Your account data is stored while the account is active. If you delete your account, data will be removed within 30 days, except data required to be retained by law (such as financial transaction records).

International data transfer (Articles 56–57 UU PDP): Some of your payment data is processed by a payment provider that may operate outside Indonesia. Such transfers are made only to parties that apply data protection standards equivalent to or higher than those required under Indonesian law, and solely for the purpose of processing your transactions.

Cookies & Session Tokens

We use cookies and session tokens for:

TypePurpose
Session cookie (httpOnly)Securely maintain your active login session
Authorization tokenVerify your identity when accessing the service
User preferencesSave your interface display and language preferences
Anonymous analyticsUnderstand aggregate platform usage patterns without personally identifying users

Our session cookies are configured with modern web security standards to prevent access by malicious scripts. You can delete cookies via your browser settings, but this will end your login session.

User Rights

As a user of our service, you have the following rights over your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Update inaccurate information via your account dashboard or by contacting us
  • Deletion: Request deletion of your account and associated data (within 30 days; some transaction data may be retained to meet legal obligations)
  • Portability: Request an export of your project data and website content in a machine-readable format
  • Objection: Object to data processing for specific purposes (e.g., marketing)
  • Restriction: Request restriction of data processing under certain conditions, such as when the accuracy of data is contested
  • Withdrawal of consent (Article 26 UU PDP): You may withdraw consent to data processing at any time by contacting us. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
  • Session revocation: Revoke access from specific devices or sessions via your account settings

To submit a request regarding your data, contact us at [email protected]. We will respond within 14 business days.

Right to lodge a complaint with the supervisory authority (Article 66 UU PDP): If you believe your privacy rights have been violated and the matter cannot be resolved through us, you have the right to lodge a complaint with the personal data protection supervisory authority in Indonesia, namely the National Cyber and Crypto Agency (BSSN) or the authority designated by the Ministry of Communication and Digital Affairs.

Data Security

We implement technical and organizational measures to protect your data:

  • Transit encryption: All communications use HTTPS/TLS
  • Password hashing: Passwords are stored as hashes using a strong algorithm — never in plain text
  • OAuth token encryption: OAuth access tokens from external providers are stored encrypted
  • Secure cookies: Session tokens use HttpOnly and Secure flags
  • Rate limiting: Request rate limiting to prevent brute-force attacks
  • Access monitoring: Detailed logs for every login attempt, including device and IP address

Data breach notification (Article 46 UU PDP): In the event of a breach, loss, or unauthorized access to your personal data, we commit to:

  • Notifying the data protection supervisory authority within 14 calendar days of becoming aware of the breach
  • Directly notifying you if the breach is likely to result in significant risk to your rights and freedoms, within a reasonable timeframe
  • Taking immediate mitigation steps to limit the impact of the breach
While we apply best-in-class security measures, no system is 100% secure. If you suspect a security breach, contact us immediately at [email protected].

Policy Changes

We may update this Privacy Policy from time to time. Significant changes will be communicated via:

  • Email to the address registered to your account
  • Notification in the EasyWeb platform dashboard
  • Update of the "Effective" date at the top of this page

Continued use of the service after changes take effect constitutes acceptance of the updated policy.

Contact Us

For questions, data-related requests, or privacy concerns, you may contact us via:

CompanyPT Alpine Solusi Andalan
Privacy Email[email protected]
WhatsApp+62 822-2190-0773
Websitehttps://easyweb.id
Logo

A subscription-based website service for businesses that want to look professional online, with practical, affordable solutions fully managed so you can focus on running your business.

  • WhatsApp Icon
  • Instagram Icon
  • Facebook Icon

© 2026 - 2031 PT Alpine Solusi Andalan. All rights reserved