Privacy Policy
Privacy Policy – PT Smart Milenium Effisiensi
01Introduction
PT Smart Milenium Effisiensi (“Smartme”, “we”, “our”, or “us”) respects your privacy and is committed to protecting personal data processed through our websites, applications, communication platforms, and related services.
This Privacy Policy explains how we collect, use, store, protect, share, and delete personal data when you access or use our services, including services connected with Meta, Facebook, Instagram, WhatsApp Business Platform, and other third-party integrations.
02Data We May Collect
Depending on the service used, we may collect the following data:
- Account information, such as name, business name, email address, phone number, user role, and login information.
- Business information, such as company name, business portfolio information, WhatsApp Business Account information, ad account information, and related configuration data.
- Communication data, such as customer messages, conversation history, message status, delivery status, timestamps, and support interactions.
- Technical data, such as IP address, browser type, device information, log data, API request metadata, and system activity.
- Integration data, such as Meta Business ID, WhatsApp Business Account ID, Phone Number ID, Page ID, Instagram account ID, webhook events, access permission status, and related identifiers.
- Billing and operational data, such as usage records, invoice references, payment readiness status, and subscription or service package information.
- Support data, such as helpdesk tickets, issue reports, approvals, audit trails, and service requests.
We do not intentionally collect sensitive personal data unless it is required for a specific service, legal requirement, or customer-authorized business process.
03How We Use Data
We may use collected data for the following purposes:
- To provide, operate, and maintain our communication platform and related services.
- To enable WhatsApp Business, Meta, Facebook, Instagram, advertising, messaging, campaign, inbox, automation, and customer engagement features.
- To authenticate users and manage access control, roles, and permissions.
- To process messages, conversations, notifications, campaign activities, and service requests.
- To troubleshoot, monitor, secure, audit, and improve our services.
- To provide customer support and respond to inquiries.
- To comply with legal, regulatory, contractual, and security obligations.
- To prevent fraud, misuse, unauthorized access, and service abuse.
- To generate usage reports, billing records, and operational analytics.
- To support integrations authorized by customers or business users.
04Meta, Facebook, Instagram, and WhatsApp Data
When our services are connected to Meta platforms, including Facebook, Instagram, and WhatsApp Business Platform, we may process data authorized by the customer or business user, such as:
- Business portfolio and asset identifiers.
- WhatsApp Business Account and phone number information.
- Message, conversation, webhook, and delivery status data.
- Page, Instagram, ad account, campaign, or pixel/dataset information if the customer grants access.
- Permissions and access status needed to operate the integration.
We only use Meta-related data to provide the requested service, operate the integration, support the customer, maintain security, and comply with Meta platform requirements and applicable laws.
We do not sell Meta user data or customer data.
05Legal Basis for Processing
We process personal data based on one or more of the following grounds:
- The performance of a contract or service agreement.
- The customer’s or user’s consent.
- Compliance with legal obligations.
- Legitimate business interests, including service operation, security, troubleshooting, fraud prevention, and platform improvement.
- Customer instruction as a data processor or service provider.
06Data Sharing
We may share data only when necessary with:
- Authorized employees, contractors, or support personnel.
- Customers or tenant administrators authorized to access their own business data.
- Technology providers, hosting providers, communication providers, and integration partners.
- Meta, Facebook, Instagram, WhatsApp, or other third-party platforms when required to operate authorized integrations.
- Regulators, law enforcement, or government authorities when legally required.
- Professional advisers, auditors, or legal representatives where necessary.
We do not sell personal data to third parties.
07Data Retention
We retain data only for as long as necessary to provide services, meet operational needs, comply with legal obligations, resolve disputes, enforce agreements, and maintain security records.
Retention periods may vary depending on the type of data, service agreement, legal requirement, or customer instruction.
When data is no longer required, we will delete, anonymize, or securely archive it according to applicable policy and technical capability.
08Data Security
We apply reasonable technical and organizational safeguards to protect data, including access control, authentication, authorization, audit logging, encryption where appropriate, monitoring, and operational security procedures.
However, no electronic transmission or storage system is completely secure. Users and customers are responsible for maintaining the confidentiality of their accounts, credentials, and access permissions.
09User Rights
Subject to applicable law, users may have the right to:
- Access their personal data.
- Correct inaccurate data.
- Request deletion of personal data.
- Withdraw consent where processing is based on consent.
- Object to or restrict certain processing.
- Request information about how their data is processed.
Requests can be submitted through the contact details listed in this policy.
10Data Deletion Requests
Users may request deletion of personal data associated with our services or Meta integrations.
Please visit our Data Deletion Instructions page:
http://localhost:10003/data-deletion/
or contact us using the contact information below.
11Cookies and Tracking
Our website and services may use cookies or similar technologies to support login sessions, security, analytics, user preferences, and service performance.
Users may manage cookie settings through their browser, but disabling certain cookies may affect service functionality.
12International Data Processing
Data may be processed or stored in systems, servers, or services located in Indonesia or other jurisdictions, depending on the service architecture and third-party providers used.
Where required, we will apply safeguards consistent with applicable data protection requirements.
13Third-Party Services
Our services may contain links or integrations with third-party platforms, including Meta, Facebook, Instagram, WhatsApp, cloud providers, payment providers, and communication services.
Use of third-party services may be subject to their own privacy policies and terms. We are not responsible for the privacy practices of third-party platforms outside our control.
14Children’s Privacy
Our services are intended for business and professional use. We do not knowingly collect personal data from children.
15Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Updates will be posted on this page with the latest effective date.
Continued use of our services after an update means users acknowledge the updated policy.
16Contact Us
For privacy, data protection, or data deletion requests, please contact:
PT Smart Milenium Effisiensi
Email: info@smartme.co.id
Website: https://www.smartme.co.id/
Address: Jl Gading Kirana Utara Blok E10 No. 29-30, Kelapa Gading Barat, Kelapa Gading, Jakarta Utara, DKI Jakarta 14240