Privacy Policy

This Privacy Policy explains how PT Granjaya Asia Investama collects, uses, protects, and manages personal data through its corporate website.

This Privacy Policy explains how PT Granjaya Asia Investama collects, uses, stores, protects, discloses, and otherwise processes personal data when you visit www.granjaya.id, submit an enquiry, subscribe to communications, or otherwise interact with our corporate website.

1. Scope of This Privacy Policy

This Privacy Policy applies to personal data processed through the public corporate website operated by PT Granjaya Asia Investama.

It applies to website visitors, individuals who contact us, newsletter subscribers, representatives of prospective or existing clients, business partners, vendors, and other persons who communicate with us through the website.

Separate privacy notices, agreements, onboarding documents, or platform terms may apply when you access a client portal, trading platform, account system, mobile application, third-party service, or other restricted service.

2. Personal Data We May Collect

The personal data we collect depends on how you interact with the website and the information you choose to provide.

Information provided directly by you

When you submit a contact form, subscribe to communications, send an email, call us, or otherwise contact us, we may collect:

  • your full name;
  • email address;
  • telephone or mobile number;
  • company or organisation name;
  • job title or professional role;
  • country, region, or location information;
  • the nature or category of your enquiry;
  • the content of your message or correspondence; and
  • any other information you voluntarily provide in connection with your enquiry.

Information collected automatically

When you visit the website, certain technical information may be collected automatically by the website, hosting provider, security provider, or other technology service providers, including:

  • Internet Protocol address;
  • browser type and version;
  • device type and operating system;
  • language and time-zone settings;
  • pages visited and referring pages;
  • date, time, and duration of access;
  • website interactions and navigation activity;
  • approximate location derived from technical information; and
  • security, diagnostic, and system log information.

Please do not submit passwords, trading instructions, account credentials, payment-card details, or other highly sensitive information through a general website contact form.

3. How We Collect Personal Data

We may collect personal data:

  • directly from you when you submit a form or contact us;
  • when you subscribe to newsletters or corporate communications;
  • through your interactions with the website and its technical infrastructure;
  • from authorised representatives, employers, clients, business partners, or service providers;
  • from publicly available sources where permitted by applicable law; and
  • through cookies or similar technologies where those technologies are used.

Where another person provides your personal data to us, we expect that person to have the appropriate authority or lawful basis to provide it.

4. Purposes of Processing

We may process personal data to:

  • receive, review, and respond to enquiries;
  • communicate with prospective clients, existing clients, business partners, vendors, and other stakeholders;
  • provide requested corporate, product, service, or technical information;
  • manage newsletter and communication subscriptions;
  • maintain records of correspondence and business communications;
  • evaluate potential business, commercial, or professional relationships;
  • operate, administer, maintain, and improve the website;
  • monitor website performance, functionality, availability, and security;
  • detect, prevent, and investigate misuse or security incidents;
  • comply with applicable legal, regulatory, audit, reporting, and record-keeping requirements;
  • establish, exercise, or defend legal claims; and
  • carry out other purposes communicated to you at the time the data is collected.

5. Legal Basis for Processing

Depending on the circumstances and applicable law, we may process personal data on one or more of the following grounds:

  • Consent: where you have given valid consent for a specified purpose, such as receiving optional communications.
  • Contractual necessity: where processing is necessary to take steps at your request before entering into an agreement or to perform an agreement.
  • Legal obligation: where processing is required to comply with applicable laws, regulations, lawful requests, or regulatory requirements.
  • Legitimate interests: where processing is reasonably necessary for legitimate business purposes and those interests are not overridden by your rights and interests.
  • Protection of vital interests or public interest: where applicable under relevant law.

Where processing is based on consent, you may withdraw your consent, subject to applicable law. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

6. Cookies and Similar Technologies

The website may use cookies, local storage, pixels, log files, or similar technologies to support essential website functions, remember preferences, maintain security, measure performance, or understand how visitors interact with the website.

These technologies may include:

  • Essential technologies required for website operation, security, navigation, and form functionality;
  • Preference technologies that remember language or display selections;
  • Analytics technologies used to understand website performance and visitor interaction, where enabled; and
  • Third-party technologies associated with embedded tools, external links, or website service providers.

You may control certain cookies through your browser settings. Disabling essential technologies may affect website functionality.

This section must be reviewed if analytics, advertising pixels, embedded videos, live chat, or other tracking tools are added to the website.

7. Newsletter and Marketing Communications

Where you subscribe to a newsletter or agree to receive optional communications, we may use your contact information to send corporate updates, service information, event notices, or other relevant communications.

You may unsubscribe at any time by using an unsubscribe mechanism included in the communication, where available, or by contacting us using the details provided in this Privacy Policy.

Operational, legal, security, account-related, or service-related communications may still be sent where they are necessary and permitted by applicable law.

8. Disclosure of Personal Data

We may disclose personal data only where reasonably necessary and permitted by applicable law, including to:

  • authorised directors, officers, employees, representatives, and affiliates;
  • website hosting, development, maintenance, cloud, email, security, analytics, and communication service providers;
  • professional advisers, including legal counsel, auditors, accountants, consultants, and insurers;
  • prospective or existing business partners where necessary for a legitimate business purpose;
  • regulators, government authorities, courts, law-enforcement bodies, or other authorised institutions;
  • parties involved in a corporate restructuring, merger, acquisition, financing, asset transfer, or similar transaction; and
  • other parties where you have authorised the disclosure or where the disclosure is otherwise permitted by law.

Service providers that process personal data on our behalf are expected to use it only for authorised purposes and to apply appropriate confidentiality and security measures.

9. Third-Party Websites and Platforms

The website may contain links to external websites, login portals, trading systems, social-media services, messaging applications, or other third-party platforms.

When you follow an external link, the third party may collect and process personal data under its own privacy policy and terms. This Privacy Policy does not govern independent third-party processing.

You should review the privacy information provided by the relevant third party before submitting personal data or using its services.

10. International Data Transfers

Some website infrastructure, hosting, cloud, communications, security, or technology service providers may process or store data in locations outside Indonesia.

Where personal data is transferred across national borders, we will take reasonable steps to ensure that the transfer is handled in accordance with applicable legal requirements and that appropriate safeguards are used where required.

11. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes for which it was collected, including to:

  • respond to and maintain records of enquiries;
  • manage business and professional relationships;
  • provide requested communications;
  • maintain website security and technical records;
  • comply with legal, regulatory, accounting, audit, and record-keeping requirements; and
  • establish, exercise, or defend legal claims.

Retention periods may vary depending on the type of data, the purpose of processing, the nature of the relationship, legal requirements, and the need to resolve disputes or enforce agreements.

When personal data is no longer required, we may delete, destroy, anonymise, or otherwise securely dispose of it, subject to applicable law and technical limitations.

12. Data Security

We take reasonable administrative, organisational, physical, and technical measures designed to protect personal data against unauthorised access, loss, misuse, alteration, disclosure, destruction, or other unlawful processing.

Such measures may include access controls, system monitoring, authentication measures, confidentiality requirements, security updates, backups, and the use of appropriate service providers.

No website, electronic transmission, or storage system can be guaranteed to be completely secure. You should use caution when submitting personal data online and must not send passwords or sensitive account information through general contact forms.

13. Personal Data Breaches

Where we become aware of a personal data breach, we may investigate, contain, document, and remediate the incident and take other actions required under applicable law.

Where legally required, affected individuals and relevant authorities may be notified in accordance with applicable requirements.

14. Your Rights

Subject to applicable law, verification requirements, and lawful limitations, you may have the right to:

  • obtain information about the processing of your personal data;
  • request access to your personal data;
  • request a copy of personal data relating to you;
  • request correction or completion of inaccurate or incomplete personal data;
  • request deletion or destruction of personal data where legally applicable;
  • withdraw consent where processing is based on consent;
  • object to or request restriction of certain processing;
  • request suspension or termination of certain processing where applicable;
  • submit a complaint concerning the processing of your personal data; and
  • exercise other rights available under applicable data-protection law.

To protect personal data, we may ask you to verify your identity and provide sufficient information to identify the relevant records before processing a request.

Certain requests may be limited or refused where permitted or required by law, including where disclosure would adversely affect the rights of another person, legal privilege, security, regulatory obligations, or the prevention and investigation of unlawful activity.

15. Children’s Personal Data

The corporate website is not intended for children and is not designed to knowingly collect personal data from children.

If you believe that a child has submitted personal data through the website without appropriate authorisation, please contact us so that the matter can be reviewed and appropriate action can be taken.

16. Automated Decision-Making

The general corporate website is not intended to make decisions that produce legal or similarly significant effects solely through automated processing.

Separate platforms or services may use different processes and may be governed by separate notices, disclosures, and contractual terms.

17. Accuracy of Personal Data

You are responsible for ensuring that personal data you submit through the website is accurate, complete, current, and lawfully provided.

Please contact us where information you have provided changes or requires correction.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our website, technology, business operations, data-processing practices, or legal and regulatory requirements.

The updated version will be published on this page together with a revised “Last Updated” date.

Where appropriate or legally required, we may provide additional notice of material changes.

19. Applicable Law

This Privacy Policy is intended to be interpreted consistently with applicable laws and regulations of the Republic of Indonesia, including applicable personal-data-protection and electronic-system requirements.

Where another privacy notice or written agreement applies to a specific account, platform, transaction, product, or service, that document may contain additional privacy provisions.

Contact Information

To ask a question about this Privacy Policy or submit a request concerning your personal data, please contact:

Company
PT Granjaya Asia Investama
Website
Email
Telephone
Country
Indonesia

Discover the Distinctive Advantages of Agile and Reliable Liquidity Solution

In the realm of liquidity provision, the emphasis on trust and reliability is paramount. A distinguished liquidity provider is bolstered by significant industry experience, innovative technology, and an uncompromising focus on client satisfaction to continuously refine trading processes and elevate performance to industry-leading standards.