Privacy policy of “Maxim Online Transportation” services

This policy governs the collection and processing of personal and other confidential data of natural persons via automation through the internet and adopted by "Maxim Online Transportation" services:

 

General provisions

1. For the purpose of this agreement, the following terms shall mean:

1.1. Personal data: Any information directly or indirectly related to a certain person (personal data subject).

1.2. Maxim: it refers to PT Teknologi Perdana Indonesia operating under the name "Maxim Online Transportation" services, its affiliates, partners, subsidiaries, employees, and other corporate entities related to PT Teknologi Perdana Indonesia.

1.3. Specialist: a person who independently organizes or executes the processing of the personal data, also states the goal of such processing and determines the combination of data to be processed and the activities executable on such data.

1.4. Website: a complex of computer software and other existing data in the information system that can be accessed through the internet by the inputting of domain names and/or network addresses. The website address is: https://taximaxim.com, https://id.taximaxim.com, https://client.taximaxim.com. Maxim uses these webistes to provide services to the applicants.

1.5. Services: The services is information provided to the applicant by Maxim in order for the applicant’s order to be accepted, processed and transmitted to the Partners and the execution of such order be communicated back to the applicant.

1.6. Applicant: A natural person who has ordered services of Maxim via the website, mobile application or calling and has provided his/her personal data for this purpose.

1.7. Partner: A person and or legal entity who independently and with his/her own means provide transportation services by car, cargo delivery services or other services to the applicant. Maxim is not a transportation company and as such does not provide transportation services.

1.8. Order: A request by the applicant for obtaining services from the Partners.

1.9. Processing of personal data: any activity or activities done on personal data, with or without automation, including collection, recording, systematizing, saving, storing, organizing (updating, correcting) abstracting, using, communicating (distributing, providing, accessing), making un-private, blocking, deleting and eliminating personal data.

1.10. Automatic processing of personal data: processing personal data by computer devices.

1.11. Providing personal data: activities in order to obtain the personal data of one person or a group.

1.12. Blocking personal data: temporary halt in processing of personal data (excluding instances when processing is necessary to identify personal data)

1.13. Eliminating personal data: activities that result in making the existing personal data unrecoverable and/or result in eliminating the personal data containers.

1.14. The personal data information system: the totality of personal data in the database and information technologies and technical instruments that make their processing possible.

1.15. Cookies: a complex of data sent by the website that is stored on the computer, mobile or other devices that the applicant uses to access the website and is used to store information about the applicant’s activities on the site.

1.16. Device ID: unique information that identifies the applicant’s device and is provided by the device itself or the mobile application.

2. When making order via the website, mobile application or call Maxim the applicant agrees to this policy, including his agreement to the processing of his personal data by Maxim in the instances when applicable laws require such agreement.

 

Personal data

3. In the processing of personal data, the applicant is entitled to:

3.1. Receive the information about the processing of his personal data, including:

3.1.1. Confirmation of the processing of personal data

3.1.2. Legal basis and the goal of the processing of personal data

3.1.3. The methods and goals used for the processing of personal data

3.1.4. Information about the title and location of the person processing the personal data, information about persons (other than the Maxim employees) who have access to the personal data or about persons to whom the personal data can be disclosed, by virtue of other agreements or applicable laws.

3.1.5. Persons to whom the personal data can be disclosed, by virtue of other agreements or applicable laws.

3.1.6. The processed personal data and its obtaining source should there be no other mechanism in the applicable law for providing them.

3.1.7. The duration of the processing of personal data and the duration of its storage

3.1.8. Knowledge of his/her rights and methods of enforcing them according to the applicable laws

3.1.9. Information about transmitting those data over the borders and the instances for doing so.

3.1.10. Last and first name, the name of the father and the address of the person who is in charge of the processing, if there is or there will be such a person.

3.1.11. Other information required by law

3.2. Require Maxim to complete, block or eliminate the data, if they are incomplete, imprecise, obtained by illegal means or unnecessary for stated goals of the processing and also do the necessary activities required by law to protect his/her rights.

3.3. Suing Maxim for commission or omission in court with jurisdiction regarding personal privacy and personal data, should the applicant think that Maxim in the processing of his/her personal data has breached the legal bounds or has prejudiced his/her personal rights and freedom in any other way.

3.4. Protecting his rights, including compensation even for moral damages through courts.

4. In the processing of the personal data, the “service” undertakes to:

4.1. Provide the following information upon the request of the applicant:

4.1.1. Confirmation of the processing of personal data

4.1.2. Legal basis and the goal of the processing of personal data

4.1.3. The methods and goals used for the processing of personal data

4.1.4. Name and the address of its headquarters, information about persons (other than employees) that have access to personal data or persons to whom the personal data may be disclosed due to contract or federal legislation.

4.1.5. The processed personal data and their obtaining source, should there be no other mechanism in the applicable law for providing them.

4.1.6. The duration of the processing of personal data and the duration of their storage

4.1.7. Knowledge of his rights and methods of enforcing them according to the applicable laws

4.1.8. Information about transmitting those data over the borders and the instances for doing so.

4.1.9.Last and first name, the name of the father and the address of the person who is in charge of the processing, if there is or there will be such a person.

4.1.10. Other information required by law

4.2. Implement measures to prevent unauthorized access to the applicant’s personal data.

4.3. Publish or give access in an unlimited manner to a document that reflects the policy of processing the personal data; also giving access to information regarding the execution of privacy policy in processing personal data.

5. The goal of the agreement between the applicant and the “service” is to collect and process the applicant’s personal data.

6. The applicant’s personal data is stored in electronic containers and is processed by automated systems for processing personal data.

7. Maxim collects and processes the following personal data:

7.1. First name, last name, and the father’s name.

7.2. Date of birth

7.3. The registered phone number

7.4. Residence Address

7.5. E-mail address

8. The applicant may provide the following information to Maxim at his own discretion. Also, he can edit or delete them at his own discretion:

8.1. First and last name, father’s name

8.2. Date of birth

8.3. Residence address

8.4. Email address

9. In the following instances the applicant’s personal data will be eliminated by the service:

9.1. After 5 years after completion of providing services

9.2. If the applicant retracts its agreement to processing his personal data.

10. The elimination of the personal data will be done in such a way as to be unrecoverable.

11. Only those who have a direct relation to providing services have access to the personal data. Maxim may not disclose the applicant’s personal data. Also, it does not grant access to the third parties except, for instances, when the applicable laws require such disclosure to governmental authorities.

12. Maxim employs the following measures to prevent unauthorized access to the applicant’s personal data.

12.1. Employs staff in charge of organizing the processing of the personal data.

12.2. Implement organizational and technical measures to ensure the security of applicant’s personal data. Such measures are:

12.2.1. Identify the security threats in the system while processing the personal data.

12.2.2. Employ a security system for premises that contain the information systems in a way to prevent unauthorized persons from entering said premises.

12.2.3. Provide for storage of personal data containers.

12.2.4. Confirms the list of persons who have access to personal data by virtue of their jobs.

12.2.5. Uses the necessary means to protect the personal data from unauthorized access.

12.2.6. Evaluates the employed measures.

12.2.7. Makes the detection of unauthorized access to personal data possible.

12.2.8. Recovers the data that has been deleted or corrupted due to unauthorized access (if such recovery is possible).

12.2.9. Regulates the access to personal data in the system after their processing.

12.2.10. Control the measures employed for securing the personal data and the level of security of information systems.

13. The applicant may request Maxim to complete, block or eliminate (delete) the personal data. This request should be sent with contacting support via his/her account (Menu – Support) in the application or by sending the request to Maxim in the written form via e-mails or registered mails to the addresses provided on Maxim website. This request on complete, block or eliminate of the personal data shall be completed in 30 business days since receiving of such requests or notices by the Maxim.

 

Geographical location information

14. Maxim obtains the geographical location of the applicant via the mobile application. This information is only transmitted to Maxim while using the mobile application. The applicant may prevent such transmitting at his/her own discretion through the settings in his/her device.

15. In order to execute the request, Maxim may share the applicant’s geographical location information to the partners who have accepted the order in order to execute it.

 

Payment information

16. For purpose of receiving services provided by the partners, the applicant can link a bank card to its Personal account to pay without cash and through bank cards. This is done independently by the applicant on the mobile application and by filling the following information:

16.1. Bank card number

16.2. Bank card validation duration

16.3. CVV2

17. Payments without cash via bank cards are done in accordance with regulations of international payment systems, Bank Indonesia and Financial Services Authority of Indonesia (Otoritas Jasa Keuangan) according to the principles of respecting privacy and the security of payment. The security of applicant’s information is ensured by payment card industry data security standard and nobody, not even Maxim can receive them. Filling the bank card information is done on the protected payment page of the supporting bank that facilitates such payment.

 

Cookies

18. Maxim may use the following cookie files:

18.1. Very necessary cookie files. These cookies are needed to transmit and use the requested services on the website. These cookies are used when registering the applicant and entering the system. Without them, the services requested by the applicant will be unavailable. These cookies are principle files and can be either transient or persistent. Without them, the site won’t work properly.

18.2. Exploitation cookies. These cookies will collect data about website usage statistics. They don’t collect the applicant’s personal data. All data collected by them are statistical and unidentifiable. The goal of using them is to:

18.2.1. Obtain the site usage statistics.

18.2.2. Evaluating the effectiveness of advertising companies.

These cookies can be persistent and transient and they can be principal or secondary cookie files.

18.3. Operational cookies. These are used to keep the information provided by the applicant in memory. (For example, applicant’s name, language, and location) These files use anonymous information and do not track the applicant’s activities on other sites. The goal of using them is to:

18.3.1. Keeping in memory if certain services have been provided to the applicant.

18.3.2. Improving the quality of cooperation with the site, usually by saving the priorities of the applicant.

These cookies can be persistent and transient and they can be principal or secondary cookie files.

18.4. Advertising cookies. These cookies are used to limit visiting the advertisements. Also to evaluate the performance of advertising agencies. These cookies are used to manage the advertising content on the site. These cookies are put on the site by third parties, for example by third parties and their agents. They can be persistent or transient. These are related to the advertisement on the site that is provided by third parties.

19. Blocking or deleting cookies, and limiting their activities can be done through the applicant’s browser’s settings.

 

Information about applicant’s device

20. The information collected about the applicant’s device does not include any personal data.

21. The goal of obtaining such information is to internally compute the applicants of the mobile application.

 

Data about telecommunication operator

22. Maxim obtains data about telecommunication operator which provides services to the applicant through the mobile application.

23. Such data does not include applicant’s personal data.

24. The goal of obtaining such information is to automatically fill the information about the country of residence of the applicant and choosing the language of the applicant’s interface in the setting part of the mobile application.

 

Request records

25. Maxim saves the route records of the applicant. These records include the time of initiation of the request, the address to which the vehicle arrives, the destination address and the routes taken, the applicable tariff, payment method, and other information provided by the applicant.

26. The goal of collecting such information is to improve the quality of services through auto-filling the parameters of the request by previously provided information to shorten the request time.

27. This privacy policy can be changed and/or renewed from time to time without any announcement before. Maxim suggests to the applicant to read carefully and check this privacy policy page in periodically for knowing any changes. With accessing and using this application it means the applicant agreed with any changes in this privacy policy.