Indonesian citizen. She does not have any affiliations with members of the Board of Commissioners, or members of the Board of Directors, nor with the main shareholders.
Eni Widiarti Soetarso has more than 20 years experiences in human resource management and service management. She joined with PT Bank Permata Tbk since 2003 as Program, Service & Customer Acquisition Senior Manager at Preferred Banking Head Office. Afterwards, in consecutively, she held the position as:
She graduated from Sekolah Tinggi Pariwisata (NHI), Bandung (1991-1994).
Privacy Notice
Personal Data Protection Information under Personal Data Protection Law In Indonesia
PT Bank Permata Tbk, a banking company which has been licensed and supervised by Financial Service Authority (the “Bank”, “we” and/or “us”) intends to provide you with quality services in order to meet your expectations, and the Bank realizes the importance of the protection of your personal data and compliance with Law No. 27 Year 2022 regarding Personal Data Protection and relevant laws and regulations.
As part of our commitment to protect your personal data transparently, the Bank has prepared this Personal Data Protection notice (“Privacy Notice”) to inform you, as the personal data subject, of personal data protection and your rights as the personal data subject rights who are:
of the protection of your personal data that the Bank receives or will receive from business operation and service provision of the Bank through branches, websites, telephones, electronic channels, applications, social media or other sources, in order to assure you that the Bank will take care of your personal information, and will obtain, collect, use or disclose your personal information only if the Bank deems it necessary, correct and appropriate, the legal basis for the Bank in processing your personal data and efforts to protect personal data. and to notify you of the personal data subject rights as stipulated in this Personal Data Protection Notice.
1. Personal data to be collected, used and disclosed.
Personal Data to be obtained, collected, used, and disclosed by Bank are as follows:
1.1 Data which can identify you as a personal data subject, whether directly or indirectly
1.2 Sensitive personal data that the Bank must obtain your consent before collection thereof, namely, information concerning biometric data (such as facial recognition, fingerprint recognition, iris recognition and voice recognition data), religion, criminal record, health data, disability or any other data as prescribed by the Personal Data Protection laws and Regulations.
The Bank will only collect personal data of children under the age of 18 (eighteen) years only if the child is a customer of the Bank, or if you provide your child's personal data and consent to its processing. In any processing we do related to a child's personal data, we assume that the child's guardian has done what is supposed to be done, including reading and understanding this Privacy Notice.
2. Purposes of collection, use and disclosure of your personal data
Bank will collect, use and disclose your personal data in accordance with the processing basis prescribed by the laws, namely:
for the following purposes:
2.1 communicating or providing information related to or in connection with the products or services of the Bank that you utilize or will utilize;
2.2 performing the Bank’s obligations as stated in your request/application or agreement made to the Bank, or in connection with such request/application or agreement, such as, sending and receiving of documents and debt collection, as well as compliance with an agreement made between the Bank and any other person which is necessary and related to services provided to you;
2.3 managing your relationship with the Bank, and preparing details or records of your utilization of services for providing further service to you;
2.4 managing the information of corporate customers or non-individual which may contain your personal data;
2.5 complying with relevant laws and regulations;
2.6 verifying and identifying your identity in accordance with the Know Your Customer procedures of the Bank, including verifying your information and auditing such verification in accordance with the procedures prescribed by the laws and the Bank;
2.7 taking any action as required or recommended by the supervisory authorities, such as actions to prevent vulnerable customers from certain restrictions or to prevent elderly customers from engaging in certain types of transactions, and actions for damage control;
2.8 managing and administrating the Bank's internal operations, such as, supervising, improving and auditing the Bank's internal operations;
2.9 managing or dealing with the risks, such as:
2.10 providing and offering products, services and their alternatives to you, which include public relations, communication, notification, offering or presenting privileges, benefits, rewards or information relating to products or services of the Bank, companies in the Bank's financial business group or business partners that may be of your interests; or organizing events and promotions, participating in the sweepstakes, or providing drawing prize for you;
The Bank will ask for your consent separately for additional or new product or service offering activities as listed above, for example when opening an account. You may also withdraw your consent to the processing of your personal data for the purposes of these offering activities at any time by contacting the Bank Contact as stated in this Privacy Notice.
2.11 examining the use of services or transactions/ activities effected in accordance with your or your counter party’s instructions;
2.12 administering services and managing complaints, such as examining transactions/activities resulting from the use of financial services, erroneously effected financial transaction, or transmitting of data within the Bank or between the Bank and any other party, or accommodating customer complaints, providing compensation, or using information to improve the work process on such matters;
2.13 making statistical analysis or research related to the business operation of the Bank and the companies in the Bank's financial business group or the Bank’s affiliates;
2.14 making adjustment to the Bank’s strategy, protecting benefit or evaluating the performance or services of the Bank;
2.15 evaluating, developing and improving the Bank’s products or services, or exercising the Bank's rights (such as making credit scoring model, behavior scoring, and market surveys), and disclosing information generated from such evaluation to you for your financial planning or utilization of other services of the Bank or to the companies within the Bank's financial business group or business partners;
2.16 organizing promotional projects or activities, meetings, seminars, recreation and workplace site visits as well as recording information or photographs for publication or advertisement, and performing and complying with applicable laws;
2.17 storing data in a cloud storage and in other systems used by the Bank;
2.18 performing the Bank’s obligations under terms and conditions specified in an agreement to which the Bank is a party or enforcing legal or contractual rights of the Bank;
2.19 connecting to or facilitating the access to website, applications and platforms of the Bank or any other person;
2.20 performing personal background check as necessary or relevant to the consideration on your qualification as required by laws and specified by the Bank;
2.21 acting as representative, performing its obligation, executing, or carrying out any action in relation to a course of business of the Bank; or
2.22 managing any matter related to securities holders or proxies, attorneys or members of provident/ pension fund as well as performing its obligations as a securities issuer, or a business operator in relation to or in connection with securities business, or a contracting party with a securities issuer, or a business operator in relation to or in connection with securities business.
The collection, use or disclosure of your personal data as aforesaid shall also include the sending or transferring of your personal data overseas that the Bank has proceeded in accordance with the said principles.
3. Persons or entities to whom the Bank may disclose your personal data
The Bank may be required to disclose your personal data to other persons or entities located in Indonesia or overseas in order to achieve the purposes stated in this Privacy Notice, namely:
3.1 The controlling shareholders of the Bank and affiliated parties of the Bank as published on the Bank’s website;
3.2 The Bank’s business partners, such as, business partners of the Bank relating to financial business, banking, service provision, investment, marketing, transportation, telecommunication, healthcare center, general insurance, life insurance, health (non-life) insurance or any person involved in any promotion or loyalty program or data analysis; or platform provider or person whose name or logo appears in an agreement with the Bank, or electronic card, website or any other service channels of the Bank;
3.3 Third Parties involved in the Bank’s provision of services, such as, those who act as intermediaries in banking transactions, settlement or payment service providers, the Bank’s service partners, outsource service providers, the Bank’s contractors or sellers of goods or services or the Bank’s agents both domestically and internationally, with whom the Bank has agreement or contract, e.g. infrastructure development service providers, internet service providers, telecommunication and communication service providers, technical infrastructure service providers, electronic system or information technology development service providers, logistics and warehousing service providers, cloud service providers, and research service providers, data analysis service providers, communication service providers, survey service providers, event and activities organizers, identity verification system service providers, Dip Chip service providers, identity verification service providers, credit rating agencies, courier service providers, producing of, and recording of data on, electronic cards service providers, the service providers who offers to sell the Bank's financial products or services and security and fraud prevention service providers;
3.4 Persons or authorities prescribed by laws. The Bank may be required to disclose your personal data in order to comply with laws, rules, regulations or orders of government agencies, regulatory authorities or where the Bank believes that any action is necessary for compliance with the laws for protection of the rights of the Bank or any other person, for the safety of any person, for prevention and investigation of, or dealing with fraud, or for security or safety in various aspects;
3.5 The Bank’s consultants, such as financial consultant, legal consultant, notary, technical consultant and auditor;
3.6 Assignees of rights, obligations or claims of the Bank, including those involved in corporate restructuring, business transfer, investment, merger and acquisition, purchase or sale of assets, shares, or business, in which case the persons involved in such actions will also comply with this Privacy Notice;
3.7 Other persons related to you, such as, owners of a joint saving or deposit account, joint debtors, trustees, beneficiaries, estate administrators, authorized persons, guarantors or any persons placing assets as security for your debt payment to the Bank, administrator or receiver;
3.8 Associations, organizations, clubs and agencies, such as, the National Bankers' Association, banks and financial institutions;
3.9 Websites and social media, such as, LinkedIn, Facebook, Google, or Instagram.
4. Storage and retention period of your personal data
4.1 Retention of your personal data. The Bank has established security measures for protection of your personal data, whether in document and electronic form, in order to prevent loss, unauthorized or unlawful access, use, alteration, correction or disclosure of personal data.
4.2 Retention period of your personal data. The Bank will collect your personal data for the purposes notified to you in this Privacy Notice as required by the laws and for a maximum of 10 (ten) years from the cessation date of your relationship with the Bank;
unless the Bank is otherwise justified by laws or such personal data are data that cannot be deleted or destroyed due to technical limitations.
5. Outbound transfer of your personal data
In case the Bank is required to send or transfer your personal data to a person overseas, such as, your counter party or the Bank's counter party, the Bank’s representative, the Bank’s overseas branches, the Bank’s affiliates, or international agency or organization, it must be noted that the recipient country may have inadequate standard for personal data protection as required by laws. The Bank will nevertheless provide appropriate measures to ensure that your personal data sent to such recipient is sufficiently secured.
6. The data collection through the Bank’s website and/or applications
The Bank will automatically collect certain information from your use of the Bank’s website and/or applications for the purposes stated in this Privacy Notice, for example, the information recorded or collected by cookies and similar technologies utilized by the Bank will be used for statistical analysis, other activities of the Bank’s website, and/or applications or the Bank's business so as to enable the Bank to enhance your experience when browsing the Bank’s website and/or applications, as well as improving the efficiency and quality of the Bank's website and/or applications services.
7. Rights of the personal data subject
Subject to the exception provided by the prevailing laws and regulations, your rights as the personal data subject are as follows:
7.1 Right to request access and obtain a copy of personal data
You have the right to request access to and obtain a copy of your personal data in the Bank's responsibility in accordance with the provisions of laws and regulations in a form that conforms to the structure and/or format commonly used or can be read by electronic systems.
7.2 Right to obtain or send or transfer personal data to another data controller
You have the right to obtain your personal data provided to the Bank with your consent, or collected by the Bank as may be necessary for the performance under the agreement or application made to the Bank or as prescribed by the relevant Personal Data Protection laws and regulations, where the Bank has made such personal data in a form readable or generally usable by means of automated tools or devices and such personal data can be used or disclosed by automated means. In addition, you also have the right to (1) request the Bank to send or transfer personal data in the said form to another data controller when it can be processed via automated means and (2) request to obtain personal data sent or transferred by the Bank in the above-mentioned form to another data controller unless it cannot be technically effected.
7.3 Right to object
You have the right to object to the Bank’s collection, use or disclosure of your personal data in the event that:
unless it is necessary to perform the Bank’s task for public interest.
7.4 Right to erase or destroy personal data
You have the right to request the Bank to erase, destroy or anonymize your personal data if:
7.5 Right to suspend the use of personal data
You have the right to suspend the use of your personal data in the event that:
7.6 Right to rectify personal data
You have the right to request the Bank to rectify your personal data so as to be accurate, up-to-date, complete and not misleading.
7.7 Right to withdraw consent
You have the right to withdraw your consent given to the Bank for the collection, use and disclosure of your personal data at any time.
7.8 Right to give notice of revocation of consent
You have the right to revoke your consent for the collection of personal data already collected by the Bank before Law No. 27 Year 2022 regarding Personal Data Protection came into effect by giving a notice of revocation of consent to a main branch or unit of the Bank from which you utilize or used to utilize the Bank’s services.
7.9 Right to lodge a complaint
You have the right to lodge a complaint to any competent agency or any entity with legal authority in the event that the Bank or its data processor, including employees or contractors of the Bank violate or do not comply with laws on personal data protection.
If you wish to exercise any rights under Clauses 7.1 to 7.7 set forth above, you can submit a request to the Bank through any branch of the Bank or through any other channel prescribed by the Bank. Once the Bank receives your request, the Bank will consider your request in accordance with the rules and regulations prescribed by the laws, comply with your request, and notify you of the result of the consideration and action taken within 30 (thirty) calendar days from the date of receipt of the request and all the supporting documents.
If you exercise any right of personal data subject, you may not be able to utilize certain services of the Bank while the Bank is in the process of considering or complying with your request.
The Bank will not charge a fee for exercising the said right, unless the Bank deems that your request is excessive or unreasonable. The Bank may charge a fee for compliance with your request at the rate announced by the Bank.
Provided that you may request to exercise your rights as from the date Law No. 27 Year 2022 regarding Personal Data Protection comes into effect.
8. Amendment to this Privacy Notice
The Bank may amend this Privacy Notice from time to time as it deems appropriate and the Bank will notify you of such amendment through the Bank's branches, websites and applications. The Bank recommends that you read and check the details of Privacy Notice every time any such amendment is made.
9. Contact Information
If you wish to contact or would like to receive more information or explanations on the collection, use and disclosure of your personal data, as well as the exercise of rights of the personal data subject specified in this Privacy Notice, please contact a main branch or unit of the Bank from which you utilize or used to utilize the Bank’s service.
Furthermore, you can contact Data Protection Office at email address dpo@permatabank.co.id.
Updated October 2024
Terms of Use
The use and content of this website are provided for your convenience. The information presented in this website is provided for you, without any kind of guarantee, either written or implied, included but not limited to the guarantee on tradeworthy goods and/or services, the compatibility for any purpose, promotion for a product without violating any rule.
This website may contain technical guidance that is inaccurate and typographical errors. Permata Bank reserves the right to correct and/or modify the information in this website at any time and by any methods, without prior notice.
Permata Bank is not responsible or liable for any material and non-material loss, which may be suffered by anyone or any party, as directly or indirectly resulted from the use of the information contained in this website, either in part or in entirety.
For your convenience, Permata Bank can also provide some links to other sites in the Internet, which are owned and/or operated by any party. Please note that those sites are not under Permata Bank control, and therefore, Permata Bank is not responsible for the content of such websites.