Global Indonesia Professionals’ Association Privacy Policy

Background

Established in 2019, Global Indonesia Professionals’ Association, hereinafter referred to as GIPA, is a non-profit professional organization that is based in Indonesia. GIPA links together overseas Indonesian Professional Hubs across the world, hereinafter referred to as Hubs. Our partner Hubs as of 17th June 2020 include:
  • UK region – Young Indonesian Professionals’ Association (YIPA),
  • US region – Indonesian Professionals Association (IPA).

Hubs refer to associations or organizations that represent Indonesian Professionals Communities in your area/region (for example; Indonesian Professionals Association "IPA" in the US, HK; or Young Indonesian Professionals Association "YIPA" in the UK).

Purpose of this document

This document is a privacy policy document that explains how GIPA uses the personal data that we collect about you when you use our website, service and/or complete our surveys. This is a living document that would be updated over time.

Topics

  • What data do we collect?
  • Being a Friend of GIPA.
  • How do we collect your data?
  • How will we use your data?
  • How do we store your data?
  • Marketing.
  • What are your data protection rights?
  • Children’s Privacy.
  • What are cookies?
  • Privacy policies of other websites.
  • Changes to our privacy policy.
  • How to contact us.
  • How to contact the appropriate authorities.

What data do we collect?

GIPA collects the following personal data where applicable:
  1. Full name,
  2. Email Address,
  3. Phone Number,
  4. Job Title,
  5. Company,
  6. Present Country of Residence,
  7. Present City of Residence,
  8. Professional Level,
  9. Prior overseas experience (beyond Indonesia).

Being a Friend of GIPA

GIPA aims to promote the formation of new Hubs and the flourishing of existing Hubs. You will be able to opt-in to either be a GIPA Friend (Indonesia) or GIPA Friend (Overseas) when you become a member of our partner Hubs. If you are a member of a Hub which is not a partner with us yet, we will actively seek out partnership with your Hub and then you will be given an option to be a GIPA Friend. If there is no existing Hub in your region, please get in touch with us, where we would try to connect you with other professionals to build a Hub in your region.
If you are an external stakeholder that has collaborated with us on our events, you will be able to opt-in directly to become a GIPA Friend (Stakeholder).
If you are a member of the media that have collaborated with us on our events, you will be able to opt-in directly to become a GIPA Friend (Media).

How do we collect your data?

For General Audience, GIPA Friend (Indonesia) and GIPA Friend (Overseas) You directly provide GIPA with most of the data we collect. We collect and process data when you:
  • Create an online account with us,
  • Place an order for any of our products or services,
  • Voluntarily complete a survey or provide feedback on any of our message boards or via email,
  • Register for our online events (for eg. Global Connect Series through Eventbrite).
GIPA may also receive your data indirectly from the following sources if you have given your consent:
  • Our partner Hubs,
  • Other institutional partners.
For GIPA Friend (Stakeholder) and GIPA Friend (Media) The data that we have about you is the data that you have given us consent to collect and store when we have reached out to you. We hereby acknowledge that the consent about personal data storing and processing is independent of your agreement to at least one of the following:
  • Speak in our events,
  • Cover our events,
  • Partner with our events.
Therefore, we can assure you that we have not stored or processed data that you have not given us consent for.

How will we use your data?

GIPA collects your data so that we can:
  • Create products and services which would:
    • promote the formation of new Hub,
    • strengthen our existing Hub,
    • offer actionable insights to our institutional partners to better serve you and our community.
  • Notify any changes to our product and services
  • Improve our product and services
  • Detect and address any technical issues
  • Email you with special offers on other products and services we think you might like unless you have opted not to receive such information
If you agree, GIPA will also share your data with all our partner Hubs and institutions so that they may offer you their products and services which they think you might like. We can assure you that GIPA will actively ensure that our partner Hubs and institutions uphold the highest standard of privacy protection in the form of GDPR compliance by asking them about their GDPR compliance practice in writing and/or appointing a separate entity to do an independent audit of our partner Hubs and institutions for GDPR compliance.
When GIPA processes your order for our products and services, it may send your data to, and also use the resulting information from, credit reference agencies (or any other relevant authorities) to prevent fraudulent purchases whenever this is relevant.

How do we store your data?

GIPA continuously strives to achieve the highest standard of data protection protocol. We do so by storing your personal data in Google’s server network via Google Drive (cloud-based storage). The use of Google Drive also allows us to benefit from the strong security protocol that Google has put in place to protect the privacy of the files that we store in the platform. In the unlikely event of a data breach, we will inform the Information Commissioner's Office (ICO) and the relevant parties within 72 hours of the data breach being detected.
GIPA will keep your personal data for 1 year. Prior to the expiry time period, we will provide you with the option to retain and/or update your records with us for data storage and processing purposes. Unless you renew your consent to GIPA, we will automatically delete your personal data from our database once the 1-year time period has expired.

How do we transfer your data?

GIPA may transfer and maintain your personal data to computers located outside of your state, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
Your consent to this Privacy Policy followed by your submission of such personal data represents your agreement to that transfer.
GIPA will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your personal data will take place to an organisation or a country unless there are adequate controls in place including the security of your data.

Legal basis for processing data

Under the EU General Data Protection Act (GDPR), GIPA has a legal basis for collecting and processing personal data, depending on the context and specific purpose of processing the data. GIPA may process your personal data under:
  1. Consent - You must provide clear consent to GIPA for processing your personal data
  2. Contractual Obligations - GIPA needs to perform a contract with you
  3. Legitimate Interest - The processing of your personal data is in our legitimate interest, without overriding your fundamental individual rights
  4. Public Task - The processing of your personal data is in the public interest

Marketing

GIPA would like to send you information about products and services of ours that we think you might like, as well as those of our partner Hubs and institutions.
If you have agreed to receive marketing, you may always opt out at a later date via verbal and/or written communication with our Council and/or Management Team.
You have the right to stop GIPA from contacting you for marketing purposes or giving data to other members of our partner Hubs and institutions.

What are your data protection rights?

GIPA would like to make sure that you are fully aware of all your data protection rights. Every user is entitled to the following:
  1. The right to access – You have the right to request GIPA for copies of your personal data.
  2. The right to rectification – You have the right to request that GIPA correct any information you believe is inaccurate. You also have the right to request GIPA to complete information you believe is incomplete.
  3. The right to erasure – You have the right to request GIPA to erase your personal data under certain conditions.
  4. The right to restrict processing – You have the right to request that GIPA restrict the processing of your personal data under certain conditions.
  5. The right to object to processing – You have the right to object to GIPA’s processing of your personal data under certain conditions.
  6. The right to data portability – You have the right to request that GIPA transfer the data that we have collected about you to another organization, or directly to you, under certain conditions.
  7. The right to withdraw consent – You have the right to withdraw consent at any time when processing your data. The withdrawal of consent does not affect the lawfulness of processing your personal data prior to the withdrawal.
If you would like to exercise any of your data protection rights above, please contact us at:
If you make a request to exercise any of your rights above, we have 30 days to respond to you. We may also request a small administration fee when fulfilling your request under certain conditions.

Children’s Privacy

A child is defined as someone younger than 18 years old. Article 8 of the GDPR states anyone above the age of 16 is able to exercise its right to provide personal data without parental or guardian consent.


Different member states across the EU have different age minimums for providing consent in supplying a child’s personal data. For example, according to the Data Protection Act in the UK, if you are between 13-18 years old, you are qualified to give your own consent to GIPA to process your personal data so that GIPA could deliver the most relevant content for you (refer to the use of personal data elaborated above). We can assure you that our data processing is fair, complies with data protection principles and is designed with the scenario that we may process a child’s personal data.


If you are younger than 13 years old, you would need your legal guardian to act on your behalf to provide your consent to GIPA. Unfortunately, at the moment of writing, GIPA’s activities are not catered to anyone younger than 13 years old. Hence, we would not encourage you to provide your personal data to us because we may not produce content that is relevant for your age group.

What are cookies?

Cookies are text files that are placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our website, we do not collect cookies or similar information from your computer. For further information, visit allaboutcookies.org.

Privacy policies of websites of our partner Hubs and institutions

GIPA’s website contains links to the websites of our partner Hubs and institutions. Our privacy policy only applies to our website, so if you click on a link to the website of our partner Hubs and/or institutions, we strongly advise you to read their privacy policies.

Changes to our privacy policy

GIPA keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 17th June 2020 (also shown in the header of each page of this document).


We will notify you of any changes by posting the new and updated Privacy Policy on the web page and let you know 14 days in advance prior to the change becoming effective via email.

How to contact us?

If you have any questions about GIPA’s privacy policy, the data we hold on you, or you would like to exercise any of your data protection rights, please do not hesitate to contact us at:

How to contact the appropriate authority

Should you wish to report a complaint or if you feel that GIPA has not addressed your concern in a satisfactory manner, you may contact the ICO at:

Keep in touch

Don't be a stranger and stay tuned for our upcoming activities