Legal & Privacy Policy

Updated 1 September 2020

Privacy Policy

Overview

Privacy and the security of data are of paramount importance to all of us at Brick. Please read this document carefully, and if you have any questions or queries about the contents, please email us at support@onebrick.io

In this Privacy Policy, Brick will sometimes be referred to as ‘we’, ‘us’, or ‘our’. Additionally, there are references to “You”. In these instances, “You” may be a visitor to our site, or a user of our Services (“Provider”), or a customer of a Provider (“End User”).

PT Brick Keuangan Inklusif (“Brick”) is a company incorporated in Indonesia and having its registered office at Jl. Tulodong Bawah IV No. 20, RT.5/RW.4 Kebayoran Baru, Jakarta Selatan Daerah Khusus Ibukota Jakarta 12110.

Personal Data

Collection of your personal data

When you use our Services we will have access to your personal data that you submit to us and personal data held by Account Servicing Payment Service Providers (i.e. any payment service provider, such as a bank or a credit card issuer that maintains an online payment account on your behalf) (“Data Providers”) (“Personal Data”) for the duration of the transmission.

Such Personal Data may include your date of birth, gender, account information, account balance, transactions, information on loans, insurance data and investments data. The manner in which we access, use, process and store your personal data for the provision of the Services is set out below.

When you use our website (the “Site”) we will collect browser information, including your IP address. We will also store some cookies (see our Cookies section below for more details).

Use of your personal data

Your Provider will direct you to use our Services which will include the following:

  • We will provide you with a software tool (“Tool”) which you can use to transmit information (including personal data) relating to payment accounts (“Account Information”) that you hold with Data Providers to your Provider, and for Payment Initiation, which you can use to consent to and authorize a payment as specified by your Provider; this may require that your Provider sends us your bank account details;
  • To use our Services you may need to provide the same identifying information that you use to login to your online bank account to access your relevant payment accounts with your bank (“Credentials”).
  • The Tool may allow you to use your Credentials to retrieve such Account Information as you choose to transmit to the Provider. Schedule 1 to the Terms of Service lists the information that you can elect to retrieve and transfer using the Tool.

You should check your Provider’s rules on data privacy. If your Account Information (including any Personal Data) is transmitted from a Provider to us, or through our software to a Provider, that Provider (and not Brick) is responsible for it.

Our Tool may merge or aggregate Account Information retrieved from your Provider, or a particular Data Provider with Account Information retrieved from other Data Providers where you or your Provider have instructed us to access and transmit such information.

When you have signed up on Brick’s website for marketing purposes we will use your email address to contact you in relation to products, events and service-related matters, where you have provided your consent to do so.

Retention of your personal data

We will not retain your information for any longer than we think is necessary. Information that we collect will be retained for as long as needed in order to:

  • fulfil the purposes outlined in the ‘Use of your personal data’ section above;
  • in line with our legitimate interest;
  • or for a period specifically required by applicable regulations or laws, such as retaining the information for regulatory reporting purposes.

When determining the relevant retention periods, we consider factors including:

  • our contractual obligations and rights in relation to the information involved;
  • legal obligation(s) under applicable law to retain data for a certain period of time;
  • statute of limitations under applicable law(s);
  • our legitimate interests where we have carried out balancing tests (see section on 'How we use your personal information' above);
  • fraud and risk management;
  • (potential) disputes; and
  • guidelines issued by relevant data protection authorities.

Otherwise, we securely erase your information where we no longer require your information for the purposes collected.

Deletion of Personal Data

We will not keep your Personal Data for longer than necessary. We will delete your Personal Data:

  • as soon as it is no longer needed to provide the Services to you;
  • upon termination of the Terms of Service; and / or
  • if You withdraw Your consent, and Your consent is necessary for us to retain the data.

Disclosure

We may share your Personal Data with selected third parties, including business partners, suppliers and sub-contractors that assist us in the provision of our Service to you. The third-party providers

used by us will only collect, use and disclose your information as instructed by us to provide Services to you.

We may also disclose your Personal Data to other third parties in the event that:

  • We reasonably consider that we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or
  • in order to enforce or apply our Terms of Service and other agreements; or
  • to protect the rights, property, or safety of Brick, our customers, or others.

Transfer of your personal data outside of Indonesia

The data that we collect from you will not be transferred to, or stored in Indonesia. We will take reasonable steps to ensure that your Account Information (including any Personal Data) is handled securely and in accordance with this Privacy Policy.

The Legal basis for processing personal data

These are our legal reasons for processing your personal data:

  • For the performance of a contract with You or Your Provider;
  • For the purpose of furthering Brick’s legitimate interests including providing better products, services, websites and applications, to operate our websites and applications.
  • With your consent to provide you with updates of Bricks, products, events and service- related matters.

Consent

When you use our services you may provide us with your Credentials and we require your consent to use those Credentials to:

  • retrieve your Account Information (including any Personal Data);
  • to provide such Account Information to the Providers which referred you to us;
  • improve the Services or the Tool.
  • temporarily access your payment account to debug any issues and to improve our automated processes for retrieving data.

You or your Provider may provide us with your Personal Data in order to initiate a payment.

The Personal Data we collect about You may be stored and processed to provide, maintain and improve our Services and Tool.

Your Personal Data may be anonymized, to be part of a market study or analytics by us or a third party. On our website, we use Google Analytics and other tools to process data in an anonymous form to provide us information about the use of our Site.

When you have signed up on Brick’s website for marketing purposes you provide your personal information voluntarily and Brick can only send you updates with your consent.

Security

We use industry-standard encryption methods to ensure the security of your Personal Data in accordance with applicable law and regulation but cannot guarantee the security of any data transmitted to a Provider using our Tool. Once we have received your information, we take reasonable precautions to ensure that it is not lost, misused, accessed, disclosed, altered or destroyed. If you have reason to believe that your Personal Data is no longer secure (for example if you feel that the security of your Personal Data has been compromised then please contact us immediately).

Cookies

When you browse the Site, we automatically receive your computer’s internet protocol (IP) address. We collect data about how you interact with our website through the use of cookies. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer, if you agree. Cookies contain information that is transferred to your computer's hard drive.

Our Site uses cookies to distinguish you from other users of our website. It helps us to remember your preferences. When you visit our Site, Cookies allow us to keep track of how many times you’ve visited us, how long you’ve visited us for and what you’ve done whilst you’ve been on our Site.

We use cookies to enhance your online experience of our Site and to better understand how our Site is used. Cookies help to ensure that what you see online is more relevant to you and your interests, based on information you’ve previously entered on our Site. The length of time the cookie is stored depends on that cookie, but this can vary from between a few minutes to up to two years.

Cookies never store any of your banking details. We use the following types of cookies:

  • ‘Session cookies’ which exist only while your browser is open. These cookies let us see where you’ve spent time on our Site and which part of the Site is the most or least effective. These are deleted automatically once you close your browser; and
  • ‘Persistent cookies’ which survive after your browser is closed. They can be used by the site to recognise your computer or mobile device when you open your browser and browse the Internet again.
  • ‘Third Party cookies’ these are cookies set by a domain other than our Site or a third party. These work by sharing your browser identification with that third party (like Facebook, Google), so that they can show you ads on their sites.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies for the provision of our Service) you may not be able to access all or parts of our site.

Your Rights

Subject Access Requests

You have the right to ask us to provide any personal data we have collected about You, to You. Should You wish to do so, please email us at support@onebrick.io to make a subject access request detailing:

  • your name,
  • your address,
  • the details of your Provider, and
  • the period of data you’d like access to.

Object to Direct Marketing

You have the right to ask us at any time to stop processing your Personal Data for direct marketing at any time. We provide for the right for you to unsubscribe from any of our marketing material at any time.

Changes to this Privacy Policy

Any changes we make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Questions and Contact Information

If you would like to access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information about how we process your Personal Data, you can contact us at support@onebrick.io

End-User Terms of Service

The Brick End-User Terms of Service is an agreement between Brick Limited (“Brick”, “we”, “us”, “our”) and a customer of our client (“End-User”, “you”) that uses Brick’s services through an application. Please read these terms carefully.

There are a few other relevant policies that are linked here, which may be read in conjunction with the Agreement, or as stand alone documents such as Brick’s Privacy Policy.

Should you have any queries on the agreement, please email us at support@onebrick.io.

Introduction

Set out below are the terms of service (“Terms of Service”) which apply when you (the “End-User”) use the Service (defined below) and which set out the legally binding conditions which govern our provision of the Service to you.

Your use of the Service is conditional on your acceptance of these Terms. You should read these Terms of Service carefully and make sure you understand them before agreeing to them. These Terms of Service are available for you to download. You may also request a copy of these Terms of Service from us at any time after your use of the Service by emailing us at support@onebrick.io. The Terms of Service are only available in Bahasa Indonesia.

Who we are

We are PT Brick Keuangan Inklusif (“Brick”), a company incorporated in Indonesia and having its registered office at  Jl. Tulodong Bawah IV No. 20, RT.5/RW.4 Kebayoran Baru, Jakarta Selatan Daerah Khusus Ibukota Jakarta 12110.

Our services

Our services to you include the following (together, the “Service”):

We will provide you with a software tool (the “Tool”) which you can use to transmit information relating to payment accounts (“Account Information”) that you hold with any account provider (e.g. any payment service provider (for example, a bank or credit card issuer) that maintains a payment account on your behalf that is accessible online) (“Data Provider”) to your account information or other service provider (the “Service Provider”), according to these Terms of Service.

To use the Tool you will need to provide the same identifying information that you use to access the relevant payment accounts when you log in yourself (the “Credentials”).

The Tool will allow you to use your Credentials to retrieve such Account Information as you choose to transmit to the Service Provider. Schedule 1 lists the information that you can elect to retrieve and transfer using the Tool.

Our Tool may merge or aggregate Account Information retrieved from a particular Data Provider with Account Information retrieved from other Data Providers where you have instructed us to access and transmit such information.

We may use internet providers, web browsers or other third parties to access your Data to provide you with the Service.

The Account Information collected from your Data Provider is not checked for accuracy so we cannot check that the aggregated information provided to your Service Provider(s) is accurate, although we will of course use all reasonable efforts to ensure that our aggregation of that Account Information is accurate.

The services provided by each Service Provider and Data Provider are dealt with by the agreements that you have with each of them. As a result, we have no responsibility for the products and services provided to you by the Service Provider (save for where your Service Provider is operating as an agent of Brick), any relevant Data Provider, or any other third party and are not liable to you for any harm, damage or loss arising from your use of those products and services.

In particular, you should check your Data Provider and Service Provider’s rules on data privacy. Once your Account Information (including any personal data) is transmitted through our software to a Service Provider, that Service Provider (and not Brick) becomes responsible for it.

We are not authorized to provide financial or investment advice, and our provision of the Service does not amount to financial or investment advice. If you require financial or investment advice you should contact an appropriately authorized adviser.

We will not charge you for your use of the Service. Service Providers or other third parties may, however, charge you for your use of applications and other products that make use of the Tool or other services provided by Brick.

How we protect your Credentials and Account Information

We will not provide your Credentials to any Service Provider.

Any Account Information that we access or Credentials that you provide will be encrypted with a multi-key encryption mechanism. Service Providers will only be able to access your Account Information where you have explicitly given them permission to do so. This ensures that the Service Provider that referred you to us can only see the Account Information that you have selected through the Tool. Please refer to Schedule 2 for more details on how we protect your Credentials and Account Information.

What we need from you

You are only permitted to use the Service if you are aged 18 or older. By agreeing to these Terms of Service you represent that this is the case.

We are providing the Service to you only so you should not share your access to the Service or your Credentials with anyone else.

You are only entitled to access and use the Service in accordance with this Terms of Service.

We need to know we are transmitting Account Information relating to the right person. You must provide us with information which is accurate, and must not misrepresent your identity or any other information about you.

What happens when you use the Service

By using the Service, you:

  • represent that you are allowed to use the Credentials for this purpose, without any obligation by us to pay any fees or subject to any other limitations including any agreements with third parties.
  • give us your explicit consent to retrieve, merge and/or aggregate your Account Information for you using the Tool and transmit it to the relevant Service Providers for the purpose of providing the Service when you access the Tool through your Service Provider;
  • agree that you will not:
  • use any robot, spider, scraper, deep link or other similar automated data gathering or extraction tools, program, algorithm or methodology to access, acquire, copy or monitor our website or any other Brick domain (the “Site”) or the Service or any portion of them without our express written consent, which may be withheld at our sole discretion;
  • use or attempt to use any engine, software, tool, agent, or other device or mechanism (including without limitation browsers, spiders, robots, avatars or intelligent agents) to navigate or search the Service, other than the search engines and search agents available through the Service;
  • post or transmit any file which contains viruses, worms, Trojan horses or any other contaminating or destructive features, or that otherwise interfere with the proper working of the Site or the Service; or
  • attempt to decipher, decompile, disassemble, or reverse-engineer any of the software comprising or in any way making up a part of the Service for any purpose other than those provided for by us and in conjunction with the operation of the Service.

We take your privacy seriously and we use your personal data in line with our Privacy Policy. You agree to us processing your personal data in accordance with the Privacy Policy and these Terms of Service for the purpose of providing the Service to you. If you are not comfortable with how we handle your personal data as explained in the Privacy Policy, you should not use our Service.

Liability

You agree that you will be liable for any losses sustained by Brick as a result of your breach of these Terms of Service and will compensate Brick in full for any such losses.

Our ownership of the Site and the Service

We are the owner or the licensee of all intellectual property rights in the Service, the Site and in the material published on the Site. All of those works are protected by copyright and other intellectual property laws and treaties around the world. All rights are reserved to the relevant owner or licensee of those works.

Disclaimer of Representations and Warranties

While we will provide the Service with reasonable care and skill, the content and all services and products associated with the Service or provided through the Site or the Service are provided to you on an “as-is” and “as available” basis.

Subject to the section below, under ‘What is things go wrong?’, we make no express representations or warranties of any kind:

as to the content or operation of the Service;

  • as to the accuracy, reliability or completeness of the content of the Service (except for our aggregation methods); or
  • that the content that may be available through the Service is free of infection from any viruses or other code or computer programming routines that contain contaminating or destructive properties or that are intended to damage, surreptitiously intercept or expropriate any system, data or personal information.
  • and expressly disclaim any warranties of non-infringement or fitness for a particular purpose.

What if things go wrong?

We are responsible to you for foreseeable loss and damage caused by us. If we fail to comply with these terms, we are responsible for loss or damage you suffer that is a foreseeable result of our breaking these Terms of Service or our failing to use reasonable care and skill. We are not responsible for any losses that you suffer as a result of our failure to comply with these Terms of Service except those losses which are a foreseeable consequence of the breach. Loss or damage is foreseeable either if it is obvious that it will happen or if, at the time you agreed to these Terms of Service, both we and you knew it might happen.

We will not be liable nor responsible for any harm, damage or loss to you arising from or relating to hacking, tampering or any unauthorized access to your Account Information, Credentials or other data outside of the Service that we provide. You warrant that you have undertaken all reasonable efforts to ensure and secure your Credentials and Account Information outside of the Service that we provide. Subject to the section below, our liability to you for any cause whatever and regardless of the form of the action, if proven, will at all times be limited. You can read more about our security measures in Schedule 2.

We are not liable to you for any harm, damage or loss to you arising from the acts or omissions of any third parties, including in particular Data Providers and Service Providers (except where your Service Provider is an appointed agent of Brick).

We do not exclude or limit in any way our liability to you where it would be unlawful to do so. This includes liability for death or personal injury caused by our negligence or the negligence of our employees, agents or subcontractors; for fraud or fraudulent misrepresentation; or for breach of your legal rights in relation to the Service.

If you suspect that somebody else has access to your Credentials and is fraudulently using them to access the Service, you must contact us immediately by email to the following address: support@onebrick.io

Where your Service Provider is acting as an appointed agent of Brick and you feel that there may have been a breach of the agreement between you and your Service Provider, then please notify your Service Provider copying support@onebrick.io.

About this agreement

These Terms of Service will apply each time you use our Service.

We may at any time terminate or withhold your access to all or any part of our Service at any time, effective immediately:

  • if you have breached any provision of these Terms of Service (or have acted in a manner which clearly shows that you do not intend to, or are unable to comply with the provisions of these Terms of Service); or
  • if we, in our sole discretion, believe we are required to do so by law (for example, where the provision of the Service to you is, or becomes, unlawful).

Changes to these Terms of Service

Each time you use our Service you will be bound by the Terms of Service in force at that time.

From time to time, we may change these Terms of Service. If we do this then we will publish those changes on our Site and you will be bound by those new terms the next time you use our Service. If you do not agree to those changes you should not use our Service. You can always ask us for the terms of service which were in force when you used the Tool.

Who Decides Disputes?

The courts of South Jakarta will have exclusive jurisdiction to settle any disputes arising under or in connection with these Terms of Service.

These Terms of Service and any dispute or claim arising out of or in connection with them or their subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the laws of Indonesia.

Should you wish to raise a complaint in relation to the service with your Data Provider or your Service Provider, please refer to the complaints policy of your Data Provider and/ or Service Provider. You have the right to raise complaints with Brick, where your Service Provider is an appointed agent of Brick.

Should you wish to raise a complaint with us, please write to us at support@onebrick.io

Entire Agreement

These Terms of Service constitute the entire agreement and understanding between the parties in respect of the Service and supersede any previous agreement between the parties relating to such matter. Each of the parties represents and undertakes that in entering these Terms of Service it does not rely on, and shall have no remedy in respect of, any statement, representation, warranty or undertaking (whether negligently or innocently made) of any person (whether party to these Terms of Service or not) other than as expressly set out in these Terms of Service.

If any provision or part-provision of these Terms of Service is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this clause shall not affect the validity and enforceability of the rest of these Terms of Service.

A waiver of any right or remedy under these Terms of Service or by law is only effective if given in writing.

A failure or delay by either party to exercise any right or remedy provided under these Terms of Service or by law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy. No single or partial exercise of any right or remedy provided under these Terms of Service or by law shall prevent or restrict the further exercise of that or any other right or remedy.

All covenants, agreements, representations and warranties made in these Terms of Service shall survive your acceptance of these Terms of Service and the termination of these Terms of Service.

Schedule 1 – Account Information

Your Account Information (as defined in the Terms of Service and Customer Agreement) includes, but is not limited to, the following types of financial and personal information:

Personal information: name, date of birth, full address(es), email address, phone number, gender; Payment account information:

  • Account type (e.g. current, saving, investment, credit card);
  • Account name;
  • IBAN/Account number/Sort code/SWIFT;
  • Currency;
  • Account balance information:
  • Current balance;
  • Available balance (credit cards);
  • Overdraft balance;
  • Interest rate;
  • Payment due date (credit cards);
  • Next closing date (credit cards);
  • Minimum payment due (credit cards);
  • Information on transactions:
  • Time;
  • Description;
  • Amount; and/or
  • Metadata (arbitrary data that banks associate with a transaction e.g. category).

If you have any questions about your Account Information or how it is used, please see our Privacy Policy or contact us by email at support@onebrick.io

Schedule 2 – Security

The Service uses bank grade security standards to protect your Account Information and Credentials (as defined in the Terms of Service) and ensure users' privacy. Security measures are implemented for both your Account Information and Credentials at rest and data in transport.

Data Encryption

Our database servers encrypt Account Information and Credentials (your username, PIN, password etc.) using the standard AES 256bit encryption. We generate a multi-part encryption key, one for you, one for us, and one that we store on behalf of the user and in a separate network.

The encrypted information needs all of the three keys simultaneously in order to be decrypted. The encryption keys are rotated and our segments of the key are managed in a network separated from the database and application servers. All the application secrets and keys are stored in a fault- tolerant key management cluster with limited access. The master key is kept in an air-gapped, secure vault to ensure a maximum level of security.

Transmission Security

All data served over our REST API uses HTTPS. We regularly audit our security setup to ensure that the certificates we serve are up to date. We force HTTPS for all connections to our API server to ensure that the information is always encrypted during the transport from our server to the Service Provider (as defined in the Terms of Service) application. It is important that you use the same methods to ensure that the information is encrypted all the way to the end user.

Logging

We log all the API calls and track the interactions with Brick API for later review.

Contact Us

If you have any questions about the security we use at Brick, please contact us by email at support@onebrick.io

Do you have other questions? support@onebrick.io

Download Privacy PolicyDownload End-User Terms of Services
Mockup
PT BRICK KEUANGAN INKLUSIF
Jl. Tulodong Bawah IV No. 20, RT. 005 / RW. 004 Kebayoran Baru, Jakarta Selatan, Daerah Khusus Ibu Kota Jakarta 12110
FOLLOW US
MockupMockupMockupMockup
MEMBER OF
MockupMockup
TRUSTED PARTNER OF
MockupMockup
REGISTERED IN
MockupMockup

Product

BrickPay - Bulk Disbursement dashboard
BrickFlex - Post-paid disbursement
BrickFlow - API Infrastructure
Brick Data
Brick Verification

Solution

COMPANY SIZE
Small Medium Business
Mid-market
Enterprise
Startup
INDUSTRY
Outsourcing
Creative Agency
Marketplace
Investment Platform
HRIS

Company

INFORMATION
About Us
Career
Pricing
Promo
LEGAL
Privacy Policy
Terms and Conditions (Data & Verification)
Terms and Conditions (Payments)

Support

FAQ
Tech Support
Book A Demo
Brick provides B2B payments and data aggregation platform to help companies build bulk payment capabilities and personalized products tailored to business needs. We aim to empower innovators to build amazing products to improve financial inclusion in Southeast Asia. Brick is the official partner of PT Ionpay Networks