Privacy Policy

Privacy Policy

Effective Date: [Date of Publication, e.g., 26 July 2025]

This Privacy Policy describes how Secreative Kita (“we,” “us,” or “our”) collects, uses, discloses, and protects your personal data when you register for, participate in, or interact with Singapore Future AI Summit 2025 (“the Event”). We are committed to protecting your privacy in accordance with Law No. 27 of 2022 on Personal Data Protection (PDP Law) of Indonesia and other applicable regulations.

1. What is Personal Data?

“Personal Data” refers to any data about an identified or identifiable individual. The PDP Law categorizes Personal Data into:

  • General Personal Data: Data that, when combined, can identify an individual, such as name, gender, nationality, religion, and marital status.
  • Specific Personal Data: Data that requires stricter protection due to its sensitive nature, including health data, biometric data, genetic data, criminal records, children’s data, financial data, and other data specified by law.

For the purpose of this Event, the personal data we typically collect includes, but is not limited to:

  • Identity Data: Name, gender, nationality, photograph (if taken at the event).
  • Contact Data: Email address, mailing address, phone number, company name, job title, business address.
  • Payment Data: Bank account details, transaction history (for billing purposes; we do not store full credit card details).
  • Professional Data: Industry, professional experience, interests related to the event.
  • Event Interaction Data: Attendance records, session participation, interactions with exhibitors/sponsors (e.g., badge scans), feedback.
  • Technical Data: IP address, browser type, device information, website usage data (e.g., through cookies).

2. Collection of Personal Data

We collect personal data when you:

  • Register for the Event, whether online or offline.
  • Make payments for the Event.
  • Participate in surveys, polls, or provide feedback.
  • Interact with our website, online platforms, or mobile applications related to the Event.
  • Communicate with us via email, phone, or other channels.
  • Consent to your badge being scanned by exhibitors or sponsors at the physical event (if applicable).
  • Are photographed, filmed, or recorded during the Event.

3. Purpose of Collection, Use, and Disclosure

We collect, use, and disclose your personal data only for specific, explicit, legitimate, and transparent purposes as outlined below, in compliance with the PDP Law:

3.1. Event Management and Administration: * To process your registration and manage your participation in the Event. * To facilitate access to the online conference platform and content. * To send you essential communications regarding the Event, including registration confirmations, updates, schedule changes, and logistical information. * To manage billing and payments. * To provide customer support and respond to your enquiries. * To analyze event attendance and engagement for internal planning and improvement of future events. * To ensure the safety and security of participants and the Event premises (if applicable).

3.2. Marketing and Promotional Purposes: * Direct Marketing by Secreative Kita : With your clear and explicit consent, we will use your contact data (e.g., email address, phone number) to send you marketing and promotional communications about our future events, products, services, and special offers. This may include newsletters, promotional emails, and information about upcoming conferences, webinars, or publications that we believe may be of interest to you, based on your profile and participation. * Sharing with Partners for Marketing: We will share necessary personal data (e.g., your name, organization, job title, email address, and areas of interest based on your interactions at the event) with our designated official event partners, including sponsors and exhibitors. These partners may then use this information for their own marketing and promotional purposes, to provide you with information about their relevant products, services, and networking opportunities that align with your interests and the Event’s themes. Our partners are carefully selected and typically include technology providers, industry associations, key sponsors in relevant sectors.

3.3. Research and Analytics: * To conduct surveys, market research, and data analysis to understand attendee demographics, preferences, and interests, helping us to improve future events and services. * To generate aggregated and anonymized statistical data for reporting and analytical purposes.

3.4. Compliance with Legal Obligations: * To comply with applicable laws, regulations, legal processes, or legitimate government requests in Indonesia or elsewhere. * To protect our rights, privacy, safety, or property, and that of our affiliates, you, or other third parties.

4. Legal Basis for Processing Personal Data

We process your personal data based on one or more of the following legal bases as stipulated by the PDP Law:

  • Your explicit consent: This is the primary basis for processing your data for marketing activities and sharing with partners. Your consent will be obtained in a clear and unambiguous manner.
  • Performance of a contract: To fulfill our contractual obligations related to your event registration and participation.
  • Legitimate interests: For internal operational purposes, improving our services, and ensuring the security of our systems, provided these interests do not override your fundamental rights and freedoms as a data subject.
  • Compliance with legal obligations: To meet requirements imposed by Indonesian law or relevant authorities.

5. Consent and Withdrawal of Consent

By registering for the Event and/or explicitly agreeing to the terms of this Privacy Policy, you provide your clear and explicit consent to the collection, use, and disclosure of your personal data for the purposes outlined in Section 3, including for marketing purposes by us and our partners. Your consent will be informed, specific, and freely given.

You have the right to withdraw your consent for the processing of your personal data at any time. Withdrawal of consent must be as easy as providing it. To withdraw your consent, please contact our Data Protection Officer (DPO) at the contact details provided in Section 10.

Please note that:

  • Withdrawing consent will not affect the lawfulness of any processing carried out before your withdrawal.
  • Withdrawing consent may affect your ability to receive certain event-related communications or participate in specific aspects of the Event or its benefits.
  • Upon receiving your withdrawal of consent, we will cease processing the relevant personal data within [e.g., 72 hours or a reasonable timeframe, specify if known, otherwise keep general] and ensure our partners are notified to cease their processing based on that consent.

6. Disclosure of Personal Data

We may disclose your personal data to the following parties, ensuring that any disclosure is in line with the purposes outlined in this policy and complies with the PDP Law:

  • Our Affiliates and Employees: For internal administration and operational purposes related to the Event.
  • Service Providers: Third-party vendors and service providers who assist us in operating the Event, such as event management platforms, payment processors, IT support, marketing agencies, and analytics providers. These service providers are contractually bound to protect your data, only use it for the purposes for which we engage them, and comply with the PDP Law.
  • Event Partners (Sponsors & Exhibitors): As explicitly consented to in Section 3.2, we will share necessary personal data with our designated event partners for their marketing and outreach. We will ensure that these partners are reputable and committed to data protection in line with the PDP Law and relevant agreements.
  • Professional Advisors: Lawyers, auditors, consultants, and other professional advisors.
  • Government and Regulatory Authorities: Where required by Indonesian law, court order, or to respond to valid legal requests from competent authorities.
  • Business Transfers: In connection with a merger, acquisition, sale of assets, or other business transaction, your personal data may be transferred as part of the assets, subject to appropriate safeguards and compliance with the PDP Law.

7. International Data Transfers

Your personal data may be transferred to, stored, and processed in countries outside Indonesia where our service providers or partners are located. When transferring your personal data outside Indonesia, we will ensure that such transfers are conducted in accordance with the PDP Law, which requires:

  • Adequacy of Protection: The recipient country must provide an adequate level of personal data protection equivalent to the PDP Law.
  • Appropriate Safeguards: If adequacy is not ensured, appropriate safeguards such as standard contractual clauses or binding corporate rules will be implemented.
  • Your Explicit Consent: In some cases, your explicit consent for the transfer may be obtained.

We will take all reasonable steps to ensure that your personal data receives an adequate level of protection in the recipient country.

8. Data Security

We implement robust technical, administrative, and physical security measures to protect your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks, in line with the PDP Law. These measures include [mention general security measures, e.g., encryption, access controls, secure servers, regular security audits, employee training, incident response plans].

However, please be aware that no method of transmission over the internet or method of electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

In the unfortunate event of a personal data breach (failure in protecting personal data in terms of confidentiality, integrity, or availability), we will:

  • Notify the affected personal data subjects promptly.
  • Notify the relevant Indonesian Data Protection Authority within 72 hours, if the breach is likely to result in a high risk to your rights and freedoms or disrupt public services/interests.
  • Take immediate steps to mitigate the impact of the breach and prevent recurrence.

9. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable Indonesian laws and regulations (e.g., for tax, legal, or audit purposes). When your personal data is no longer needed for these purposes, we will take reasonable steps to securely dispose of or anonymize it in a manner that prevents its reconstruction or re-identification.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or Indonesian legal requirements. We will notify you of any significant changes by posting the updated policy on our website or through other appropriate communication channels (e.g., email). Your continued participation in the Event after such modifications constitutes your acknowledgment and acceptance of the updated Privacy Policy.

By proceeding with your registration, you acknowledge that you have read, understood, and agree to this Privacy Policy.

Singapore Future AI Summit 2025

Pasar Minggu, Jakarta Selatan 

12520 DKI Jakarta, Indonesia 

info@sfais.org www.sfais.org