Updated on July 2022
A. Obtainment and Collection of Users’ Personal Data
Bridestory collects Users’ Personal Data for the purpose of processing User transactions, managing and ease the process of using the Site, and for other purposes insofar as permissible under the applicable laws and regulations. The collected Users’ Personal Data are as follows:
- Data provided independently by the User, including but not limited to the data provided at the time the User:
- Creates or updates the Bridestory account:
- For Buyers, including among others username, partner’s name, e-mail address, telephone number, password, photos, domicile, wedding date, wedding location, and other identifiable information of the Buyer.
- For Sellers, including among others username, business name, email address, telephone number, password, photos (profile picture, portfolio, and products), address, business location, social media, website, price list and data used for the purpose of Know Your Customer, namely: Bank account, Identification Card (KTP), Taxpayer Registration Number (NPWP), Deed of the establishment of the company, Taxable Entrepreneur Statement Leatter (SPPKP), Tax Registration Certificate (SKT), Non-Taxable Entrepreneur Statement, Business Identification Number (NIB), Company Registration Certificate (TDP), Business License (SIUP), Power of Attorney, Account Authorization Letter, obtained when contacting Bridestory including through customer service;
- Fills out a survey sent by Bridestory or other parties officially appointed to represent Bridestory;
- Interacts with other Users through messaging feature, review, rating, quotation submission, Resolution Center (as defined in the Terms and Conditions) and interactive features (whether one or two-way) available on the Site;
- Uses the services on the Site, including detailed transaction data, among others the type, number and/or description of products or services being purchased, date of services, payment channel being used, number of transactions, date and time of the transaction, as well as other transaction details;
- Fills in payment data at the time the User conducts a payment transaction activity through the Site, including but not limited to bank account data, credit card, virtual account, instant payment, internet banking, retail stores; and/or
- Uses features on the Site which require access permission to the relevant data stored in the User’s device.
- Creates or updates the Bridestory account:
- Data stored at the time the User uses the Site, including but not limited to:
- Real or approximate location data such as IP address, Wi-Fi location and geo-location;
- Data of the time of every user activity in relation to the use of the Site, including the time of registration, login and transaction;
- User usage or preference data, such as others User interactions in using the Site, saved selection and selected setting. The data is obtained using cookies, pixel tags and similar technologies that create and maintain a unique identifier;
- Device data, such as the device type used to access the Site, including the hardware model, operating system and its version, software, language selection, unique device identifier, advertising identifier, serial number, device movement information, and/or cellular network information; and/or
- Log data, such as logs on the server receiving the data such as device IP address, access date and time, application features or pages viewed, application work process and other system activities, browser type, and/or third party sites or services used by the User before interacting with the Site.
- Data obtained from other sources, including but not limited to:
- Data in the form of geo-location (GPS) from Bridestory’s business partners that help Bridestory in developing and offering services on the Site to Users, among other payment service providers, site infrastructure partners and other partners;
- Data of email, telephone number, name, gender, and/or date of birth of Bridestory’s business partners where the User creates or accesses the Bridestory account, such as social media services, or sites/applications that use the application programming interface (API) of Bridestory or those used by Bridestory;
- Data from financial service providers, including but not limited to credit rating agencies or bureaus or Credit Information Management Institutions (Lembaga Pengelola Informasi Perkreditan or LPIP);
- Data from financial service providers (if the User uses specific features such as applying for a loan through Bridestory Site/Application); and/or
- Data of email from marketing service providers.
B. Use of Users’ Personal Data
Bridestory may use the Personal Data that obtained and collected from users as mentioned in the previous section for the following purposes:
- Processing of all forms of requests, activities and transactions made by Users through the Site.
- Provision of features to provide, create, maintain and improve our products and services, including:
- to offer, obtain, provide, or facilitate marketplace services such as home page, browsing, search, Bridestory Ads, product recommendations, financing, loans, or other products through the Site;
- to enable features to personalize the User account, such as Homepage and Favorite Vendor; and/or
- to carry out internal activities necessary to provide services on Bridestory site/application, such as solving software issues, bug, operational issues, conducting data analysis, testing, and research, and to monitor and analyze usage trends and activities.
- Assisting Users when communicating with Bridestory Customer Service, including to:
- check and resolve Users’ problems;
- direct Users’ questions to the appropriate customer service officer in order to resolve the problem;
- monitor and improve Bridestory’s customer service responses;
- contact Users by email, letter, telephone, facsimile and other communication methods, including but not limited to assisting and/or completing transaction process or problem resolution process, and to deliver news or other notifications in relation to the protection of Users’ Personal Data by Bridestory, including the failure to protect Users’ Personal Data;
- use information obtained from Users for the purpose of research, analysis, development and testing of products in order to improve the security of the services on the Site, as well as develop new features and products; and
- inform Users regarding to products, services, promotion, studies, survey, news, latest update, events and other information, either through the Site or through other media. Bridestory may also use such information to promote and process contests and sweepstakes, award prizes, and serve relevant ads and contents regarding Bridestory services and its business partners.
- Monitoring and investigating suspicious transactions or transactions indicated to contain elements of fraud or violation of the Terms and Conditions or applicable legal provisions, as well as taking the necessary actions as a follow-up to the results of the monitoring or investigation of such transactions.
- In certain event, Bridestory may be required to use or disclose Users’ Personal Data for the purpose of law enforcement or to fulfill the requirement and obligation under the applicable laws and regulations, including in the event of a dispute or proceeding between a User and Bridestory, or alleged criminal offence such as fraud or data theft.
- Facilitating transactions of merger, sales of company’s assets, consolidation or restructuring, financing or acquisition involving Bridestory.
- Displaying seller data such as price list, email, telephone, social media, website, address and location on the site.
C. Disclosure and Transfer of Users’ Personal Data
- Bridestory is committed to keep the confidentiality of Users’ Personal Data which is under Bridestory's control and warrants that there is no disclosure, sale, transfer, distribution and/or borrowing of Users’ Personal Data to other third parties, without the consent of the User, except in the following cases:
- Bridestory may disclose Users’ Personal Data, in this case the name and email address to related vendors, if Users perform the following actions: send messages to vendors, save vendors, and view email addresses, phone numbers or other communication applications of vendors (line, whatsapp, messenger, etc.).
- It is necessary to disclose the User’s Personal Data to partners or other third parties assisting Bridestory in providing services that are available or services that will later be available on the Site and in processing all forms of the User’s activities on the Site, including processing transactions, verification of payments, and promotions.
- Bridestory may provide Users’ Personal Data to business partners in accordance with the User’s consent to use the business partner’s services, including among others other applications or sites that have integrated their APIs or services with each other, or business partners that have cooperated with Bridestory to organize promotions, competitions, or special services available on the Site.
- Bridestory may provide Users’ Personal Data to vendors, consultants, marketing partners, research firms/agencies, or similar service providers for the purpose of marketing activities conducted by third parties, improvement and maintenance of the quality of Bridestory services, as well as other publication activities.
- Users shall contact Bridestory through public media such as blog, social media, and certain features on the Site, where the communication between Users and Bridestory can be viewed and known by the public.
- Bridestory may share Users’ Personal Data to its subsidiary and affiliate to assist the provision of services or conduct data processing for and on behalf of Bridestory.
- Bridestory discloses Users’ Personal Data in an effort to comply with legal obligations and/or official request from law enforcement or authorized state agencies.
- Cookies mean small files that will automatically take place on the User's device which performs the function of storing User preferences and configurations while visiting a site.
- Cookies are not intended to be used when accessing other data that the User has on the User's computer device, other than what the User has agreed to submit.
- Although the User’s computer device will automatically accept cookies, the User may choose to make modifications through the User’s browser setting, namely by choosing to reject cookies (this option may hinder the optimal availability of Bridestory services when the User accesses the Site).
- Bridestory is using Google Analytics Demographics and Interest features. Data obtained by Bridestory from such features, such as age, gender, User’s interest and other User identifiable information, will be used by Bridestory for the development of features, facilities and/or contents available on Bridestory Site. If the User does not wish for Google Analytics to track the User’s data, the User may use Add-On Google Analytics Opt-Out Browser.
- Bridestory may use the features provided by third parties for the purpose of improving Bridestory services and contents, including among others the assessment, adjustment and serving of advertisements to every User based on their interest or visit history. If the User does not wish for any advertisement to be displayed based on such adjustment, the User may set it via browser.
E. User Selection and Transparency
- Mobile devices in general (iOS and Android) have settings so that the Bridestory application cannot access certain data without the consent of the User. The iOS device will notify the User when the Bridestory application first requests access to the data, while the Android device will notify the User when the Bridestory application is first installed. By using the application and providing access to the application, the User is deemed to have given their consent to the collection and use of the User’s Personal Data on their device.
- Buyers (as defined in the Terms and Conditions) have the opportunity to rate and review Sellers. This information may be publicly viewable with the User’s consent.
- Users may access and modify information such as of email address, telephone number, wedding details for Buyers. For sellers: telephone number, bank account, location, business address, social media, website and price list.
- Users may opt-out from information or notifications such as of newsletters, business reports, activities (reviews, tagged projects, subscription info), private messages, or private messages from Admin sent by Bridestory through the settings feature on the Site. Bridestory may still send messages or emails in the form of transaction information or information related to the User’s account.
- Insofar not in contradiction with the provisions of the applicable laws and regulations, the User may contact Bridestory to withdraw the consent for the obtainment, collection, storage, management and use of the User’s data. In such events, the User understands the consequence that the User may no longer use the services of the Site and other Bridestory services.
F. Security, Storage and Removal of Users’ Personal Data
- Bridestory protects every User’s Personal Data stored in its system, and protects such data from any unauthorized access, use, modification, collection and/or disclosure by using a number of security measures and procedures, including password and OTP (One Time Password) code of the User.
- Even though Bridestory has used its best effort to secure and protect Users’ Personal Data, it should be noted that data transmission over the Internet is never fully secured. Therefore, Bridestory is unable to guarantee 100% the security of the data provided or transmitted to Bridestory by the User and the provision of information by the User shall be at the User’s own risk.
- Bridestory shall delete and/or anonymize Users’ Personal Data that is under Bridestory’s control in the event (i) Users’ Personal Data is no longer required to fulfill the purpose of its collection; and (ii) retention is no longer required for the purpose of compliance with the applicable laws and regulations.
- Please attention, that there remains a possibility that some Personal Data of the User is stored by other parties, including the authorized state agencies. In the event that we share the User’s Personal Data with the authorized state agencies and/or other agencies that may be appointed by the authorized government or having cooperation with Bridestory, the User agrees and acknowledges that the retention of the User’s Personal Data by such agency will follow the data retention policy of each agency.
G. Access and Correction of Users’ Personal Data or Consent Withdrawal
- Bridestory shall take reasonable measures to ensure that the User’s Personal Data is processed accurately and completely. However, it is important for the User to promptly notify Bridestory of any change in the User’s Personal Data or in the event of any inaccuracy of the User’s Personal Data that is under Bridestory’s control.
- Bridestory may charge administration fees to the User to handle the User’s request for access or correction of the User’s Personal Data.
H. Complaints related to Protection of Users’ Personal Data
- Bridestory shall investigate the User’s complaint and attempt to provide a response to such complaint within a reasonable period of time after receiving the complaint submitted by the User.
I. Contact Us
Bridestory will retain information so long as the User’s account remains active and may conducting deletion in accordance with the provisions of the applicable legal regulations.