Privacy and the security of data are of paramount importance to all of us at Brick. Please read this document carefully, and if you have any questions or queries about the contents, please email us at email@example.com
PT Brick Keuangan Inklusif (“Brick”) is a company incorporated in Indonesia and having its registered office at Jl. Tulodong Bawah IV No. 20, RT.5/RW.4 Kebayoran Baru, Jakarta Selatan Daerah Khusus Ibukota Jakarta 12110.
Collection of your personal data
When you use our Services we will have access to your personal data that you submit to us and personal data held by Account Servicing Payment Service Providers (i.e. any payment service provider, such as a bank or a credit card issuer that maintains an online payment account on your behalf) (“Data Providers”) (“Personal Data”) for the duration of the transmission.
Such Personal Data may include your date of birth, gender, account information, account balance, transactions, information on loans, insurance data and investments data. The manner in which we access, use, process and store your personal data for the provision of the Services is set out below.
When you use our website (the “Site”) we will collect browser information, including your IP address. We will also store some cookies (see our Cookies section below for more details).
Use of your personal data
Your Provider will direct you to use our Services which will include the following:
You should check your Provider’s rules on data privacy. If your Account Information (including any Personal Data) is transmitted from a Provider to us, or through our software to a Provider, that Provider (and not Brick) is responsible for it.
Our Tool may merge or aggregate Account Information retrieved from your Provider, or a particular Data Provider with Account Information retrieved from other Data Providers where you or your Provider have instructed us to access and transmit such information.
When you have signed up on Brick’s website for marketing purposes we will use your email address to contact you in relation to products, events and service-related matters, where you have provided your consent to do so.
Retention of your personal data
We will not retain your information for any longer than we think is necessary. Information that we collect will be retained for as long as needed in order to:
When determining the relevant retention periods, we consider factors including:
Otherwise, we securely erase your information where we no longer require your information for the purposes collected.
Deletion of Personal Data
We will not keep your Personal Data for longer than necessary. We will delete your Personal Data:
We may share your Personal Data with selected third parties, including business partners, suppliers and sub-contractors that assist us in the provision of our Service to you. The third-party providers
used by us will only collect, use and disclose your information as instructed by us to provide Services to you.
We may also disclose your Personal Data to other third parties in the event that:
Transfer of your personal data outside of Indonesia
The Legal basis for processing personal data
These are our legal reasons for processing your personal data:
When you use our services you may provide us with your Credentials and we require your consent to use those Credentials to:
You or your Provider may provide us with your Personal Data in order to initiate a payment.
The Personal Data we collect about You may be stored and processed to provide, maintain and improve our Services and Tool.
Your Personal Data may be anonymized, to be part of a market study or analytics by us or a third party. On our website, we use Google Analytics and other tools to process data in an anonymous form to provide us information about the use of our Site.
When you have signed up on Brick’s website for marketing purposes you provide your personal information voluntarily and Brick can only send you updates with your consent.
We use industry-standard encryption methods to ensure the security of your Personal Data in accordance with applicable law and regulation but cannot guarantee the security of any data transmitted to a Provider using our Tool. Once we have received your information, we take reasonable precautions to ensure that it is not lost, misused, accessed, disclosed, altered or destroyed. If you have reason to believe that your Personal Data is no longer secure (for example if you feel that the security of your Personal Data has been compromised then please contact us immediately).
Cookies never store any of your banking details. We use the following types of cookies:
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies for the provision of our Service) you may not be able to access all or parts of our site.
Subject Access Requests
You have the right to ask us to provide any personal data we have collected about You, to You. Should You wish to do so, please email us at firstname.lastname@example.org to make a subject access request detailing:
You have the right to ask us at any time to stop processing your Personal Data for direct marketing at any time. We provide for the right for you to unsubscribe from any of our marketing material at any time.
If you would like to access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information about how we process your Personal Data, you can contact us at email@example.com
The Brick End-User Terms of Service is an agreement between Brick Limited (“Brick”, “we”, “us”, “our”) and a customer of our client (“End-User”, “you”) that uses Brick’s services through an application. Please read these terms carefully.
Should you have any queries on the agreement, please email us at firstname.lastname@example.org.
Set out below are the terms of service (“Terms of Service”) which apply when you (the “End-User”) use the Service (defined below) and which set out the legally binding conditions which govern our provision of the Service to you.
Your use of the Service is conditional on your acceptance of these Terms. You should read these Terms of Service carefully and make sure you understand them before agreeing to them. These Terms of Service are available for you to download. You may also request a copy of these Terms of Service from us at any time after your use of the Service by emailing us at email@example.com. The Terms of Service are only available in Bahasa Indonesia.
We are PT Brick Keuangan Inklusif (“Brick”), a company incorporated in Indonesia and having its registered office at Jl. Tulodong Bawah IV No. 20, RT.5/RW.4 Kebayoran Baru, Jakarta Selatan Daerah Khusus Ibukota Jakarta 12110.
Our services to you include the following (together, the “Service”):
We will provide you with a software tool (the “Tool”) which you can use to transmit information relating to payment accounts (“Account Information”) that you hold with any account provider (e.g. any payment service provider (for example, a bank or credit card issuer) that maintains a payment account on your behalf that is accessible online) (“Data Provider”) to your account information or other service provider (the “Service Provider”), according to these Terms of Service.
To use the Tool you will need to provide the same identifying information that you use to access the relevant payment accounts when you log in yourself (the “Credentials”).
The Tool will allow you to use your Credentials to retrieve such Account Information as you choose to transmit to the Service Provider. Schedule 1 lists the information that you can elect to retrieve and transfer using the Tool.
Our Tool may merge or aggregate Account Information retrieved from a particular Data Provider with Account Information retrieved from other Data Providers where you have instructed us to access and transmit such information.
We may use internet providers, web browsers or other third parties to access your Data to provide you with the Service.
The Account Information collected from your Data Provider is not checked for accuracy so we cannot check that the aggregated information provided to your Service Provider(s) is accurate, although we will of course use all reasonable efforts to ensure that our aggregation of that Account Information is accurate.
The services provided by each Service Provider and Data Provider are dealt with by the agreements that you have with each of them. As a result, we have no responsibility for the products and services provided to you by the Service Provider (save for where your Service Provider is operating as an agent of Brick), any relevant Data Provider, or any other third party and are not liable to you for any harm, damage or loss arising from your use of those products and services.
In particular, you should check your Data Provider and Service Provider’s rules on data privacy. Once your Account Information (including any personal data) is transmitted through our software to a Service Provider, that Service Provider (and not Brick) becomes responsible for it.
We are not authorized to provide financial or investment advice, and our provision of the Service does not amount to financial or investment advice. If you require financial or investment advice you should contact an appropriately authorized adviser.
We will not charge you for your use of the Service. Service Providers or other third parties may, however, charge you for your use of applications and other products that make use of the Tool or other services provided by Brick.
We will not provide your Credentials to any Service Provider.
Any Account Information that we access or Credentials that you provide will be encrypted with a multi-key encryption mechanism. Service Providers will only be able to access your Account Information where you have explicitly given them permission to do so. This ensures that the Service Provider that referred you to us can only see the Account Information that you have selected through the Tool. Please refer to Schedule 2 for more details on how we protect your Credentials and Account Information.
You are only permitted to use the Service if you are aged 18 or older. By agreeing to these Terms of Service you represent that this is the case.
We are providing the Service to you only so you should not share your access to the Service or your Credentials with anyone else.
You are only entitled to access and use the Service in accordance with this Terms of Service.
We need to know we are transmitting Account Information relating to the right person. You must provide us with information which is accurate, and must not misrepresent your identity or any other information about you.
By using the Service, you:
You agree that you will be liable for any losses sustained by Brick as a result of your breach of these Terms of Service and will compensate Brick in full for any such losses.
We are the owner or the licensee of all intellectual property rights in the Service, the Site and in the material published on the Site. All of those works are protected by copyright and other intellectual property laws and treaties around the world. All rights are reserved to the relevant owner or licensee of those works.
While we will provide the Service with reasonable care and skill, the content and all services and products associated with the Service or provided through the Site or the Service are provided to you on an “as-is” and “as available” basis.
Subject to the section below, under ‘What is things go wrong?’, we make no express representations or warranties of any kind:
as to the content or operation of the Service;
We are responsible to you for foreseeable loss and damage caused by us. If we fail to comply with these terms, we are responsible for loss or damage you suffer that is a foreseeable result of our breaking these Terms of Service or our failing to use reasonable care and skill. We are not responsible for any losses that you suffer as a result of our failure to comply with these Terms of Service except those losses which are a foreseeable consequence of the breach. Loss or damage is foreseeable either if it is obvious that it will happen or if, at the time you agreed to these Terms of Service, both we and you knew it might happen.
We will not be liable nor responsible for any harm, damage or loss to you arising from or relating to hacking, tampering or any unauthorized access to your Account Information, Credentials or other data outside of the Service that we provide. You warrant that you have undertaken all reasonable efforts to ensure and secure your Credentials and Account Information outside of the Service that we provide. Subject to the section below, our liability to you for any cause whatever and regardless of the form of the action, if proven, will at all times be limited. You can read more about our security measures in Schedule 2.
We are not liable to you for any harm, damage or loss to you arising from the acts or omissions of any third parties, including in particular Data Providers and Service Providers (except where your Service Provider is an appointed agent of Brick).
We do not exclude or limit in any way our liability to you where it would be unlawful to do so. This includes liability for death or personal injury caused by our negligence or the negligence of our employees, agents or subcontractors; for fraud or fraudulent misrepresentation; or for breach of your legal rights in relation to the Service.
If you suspect that somebody else has access to your Credentials and is fraudulently using them to access the Service, you must contact us immediately by email to the following address: firstname.lastname@example.org
Where your Service Provider is acting as an appointed agent of Brick and you feel that there may have been a breach of the agreement between you and your Service Provider, then please notify your Service Provider copying email@example.com.
These Terms of Service will apply each time you use our Service.
We may at any time terminate or withhold your access to all or any part of our Service at any time, effective immediately:
Each time you use our Service you will be bound by the Terms of Service in force at that time.
From time to time, we may change these Terms of Service. If we do this then we will publish those changes on our Site and you will be bound by those new terms the next time you use our Service. If you do not agree to those changes you should not use our Service. You can always ask us for the terms of service which were in force when you used the Tool.
The courts of South Jakarta will have exclusive jurisdiction to settle any disputes arising under or in connection with these Terms of Service.
These Terms of Service and any dispute or claim arising out of or in connection with them or their subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the laws of Indonesia.
Should you wish to raise a complaint in relation to the service with your Data Provider or your Service Provider, please refer to the complaints policy of your Data Provider and/ or Service Provider. You have the right to raise complaints with Brick, where your Service Provider is an appointed agent of Brick.
Should you wish to raise a complaint with us, please write to us at firstname.lastname@example.org
These Terms of Service constitute the entire agreement and understanding between the parties in respect of the Service and supersede any previous agreement between the parties relating to such matter. Each of the parties represents and undertakes that in entering these Terms of Service it does not rely on, and shall have no remedy in respect of, any statement, representation, warranty or undertaking (whether negligently or innocently made) of any person (whether party to these Terms of Service or not) other than as expressly set out in these Terms of Service.
If any provision or part-provision of these Terms of Service is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this clause shall not affect the validity and enforceability of the rest of these Terms of Service.
A waiver of any right or remedy under these Terms of Service or by law is only effective if given in writing.
A failure or delay by either party to exercise any right or remedy provided under these Terms of Service or by law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy. No single or partial exercise of any right or remedy provided under these Terms of Service or by law shall prevent or restrict the further exercise of that or any other right or remedy.
All covenants, agreements, representations and warranties made in these Terms of Service shall survive your acceptance of these Terms of Service and the termination of these Terms of Service.
Your Account Information (as defined in the Terms of Service and Customer Agreement) includes, but is not limited to, the following types of financial and personal information:
Personal information: name, date of birth, full address(es), email address, phone number, gender; Payment account information:
The Service uses bank grade security standards to protect your Account Information and Credentials (as defined in the Terms of Service) and ensure users' privacy. Security measures are implemented for both your Account Information and Credentials at rest and data in transport.
Our database servers encrypt Account Information and Credentials (your username, PIN, password etc.) using the standard AES 256bit encryption. We generate a multi-part encryption key, one for you, one for us, and one that we store on behalf of the user and in a separate network.
The encrypted information needs all of the three keys simultaneously in order to be decrypted. The encryption keys are rotated and our segments of the key are managed in a network separated from the database and application servers. All the application secrets and keys are stored in a fault- tolerant key management cluster with limited access. The master key is kept in an air-gapped, secure vault to ensure a maximum level of security.
All data served over our REST API uses HTTPS. We regularly audit our security setup to ensure that the certificates we serve are up to date. We force HTTPS for all connections to our API server to ensure that the information is always encrypted during the transport from our server to the Service Provider (as defined in the Terms of Service) application. It is important that you use the same methods to ensure that the information is encrypted all the way to the end user.
We log all the API calls and track the interactions with Brick API for later review.
If you have any questions about the security we use at Brick, please contact us by email at email@example.com
Do you have other questions? firstname.lastname@example.org