Konnicard Konnicard
EN ID
Start free
Legal

Privacy Policy

How KonniCard collects, uses and safeguards your information.

Last updated: 4 June 2026

1. Introduction

KonniCard ("we", "us", "our") is a digital business card service operated by PT ALEXA TRADE INTL, a company registered in Indonesia and based in Jakarta. This policy describes what personal information we collect when you visit konnicard.com or use our services, how we handle that information, and the rights you have under Indonesian law, including the Personal Data Protection Act (Undang-Undang Pelindungan Data Pribadi / UU PDP No. 27 Tahun 2022).

By creating an account or continuing to use KonniCard, you confirm that you have read and understood this policy. If you do not agree with any part of it, please do not use the service.

2. Information we collect

We collect the minimum information needed to operate the service:

Information you provide

  • Account details - name, email address, phone number, password (hashed).
  • Profile content - photos, bio, social links, gallery images you upload to your card.
  • Payment details - processed directly by InstaPay; we never see or store your card number or bank account credentials.
  • Support correspondence - emails, chat messages and attachments you send us.

Information collected automatically

  • Device and browser data - user agent, approximate location (city-level), referrer URL.
  • Usage data - pages viewed, cards scanned, links clicked, and timestamps.
  • Lead capture submissions on your public card (these belong to you, not us).

3. How we use your information

We process personal data only for specific, legitimate purposes:

  • Providing and maintaining your digital card and dashboard.
  • Processing payments, issuing invoices and preventing fraud.
  • Sending service notifications (password resets, security alerts, billing receipts).
  • Improving the product - we look at aggregate, non-identifying usage patterns.
  • Responding to support requests.
  • Complying with Indonesian legal and tax obligations.

We do not sell your personal data. Ever. We do not share it with advertisers.

4. Cookies

We use a small number of cookies to keep you signed in, remember your preferences, and measure aggregate traffic. A full list and your controls are documented in our Cookie Policy.

5. Third parties we work with

To run the service we rely on a handful of trusted vendors, each bound by their own privacy commitments:

  • PT Instapay Technology Indonesia - payment processing, licensed by OJK (Otoritas Jasa Keuangan).
  • Amazon Web Services (AWS Singapore region) - hosting and storage.
  • Amazon SES / Postmark - transactional email delivery.
  • Cloudflare - CDN, DDoS protection.
  • Plausible Analytics - privacy-friendly, cookie-free traffic analytics.

6. Payments and InstaPay

All paid subscriptions are processed by InstaPay, an OJK-licensed payment gateway operating under the supervision of Bank Indonesia. When you subscribe, your payment instrument details (credit/debit card, Virtual Account, bank transfer) are entered directly on InstaPay-secured pages and never touch our servers. We store only a transaction reference, amount, PPN (Pajak Pertambahan Nilai) breakdown, and masked payment method for our accounting records.

InstaPay complies with Bank Indonesia Regulation No. 20/6/PBI/2018 on Electronic Money and all relevant OJK regulations on consumer data protection.

7. Data retention

We keep your account data as long as your account exists. If you delete your account, we erase your profile and uploaded media within 30 days, except where Indonesian law requires us to keep records (e.g. tax invoices under Indonesian tax regulations must be retained for 5 years). Backups are purged on a rolling 90-day cycle.

8. Your rights under UU PDP

Under the Personal Data Protection Act (UU PDP No. 27 Tahun 2022), you may at any time:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete information.
  • Erase your personal data (the "right to erasure").
  • Withdraw any consent you previously gave.
  • Object to processing of your data for certain purposes.
  • Raise a grievance with our Data Protection Officer (see Section 12).

You can exercise most of these from Dashboard → Settings. For anything else, email our Data Protection Officer.

9. International data transfers

Your data is primarily stored on AWS servers in the Singapore (ap-southeast-1) region. In limited cases - email delivery, customer support tools - data may be processed in the United States or European Union. We only transfer data to countries that provide an adequate standard of protection, consistent with the requirements of UU PDP and applicable BSSN guidelines.

10. Children

KonniCard is not intended for users under the age of 18. We do not knowingly collect data from minors. If you believe a child has created an account, write to us and we will delete the account and associated data promptly.

11. Changes to this policy

We may update this policy to reflect product or legal changes. If changes are material, we will notify you by email and/or an in-product notice at least 14 days before they take effect. The "Last updated" date at the top of this page will always reflect the current version.

12. Contact us

Questions, requests or concerns? Write to our Data Protection Officer:

Data Protection Officer: Ms. Sari Dewi
Company: PT ALEXA TRADE INTL
Address: Jl. Mangga Besar VI L 131, RT.9/RW.1, Taman Sari, Kec. Taman Sari, Kota Jakarta Barat, DKI Jakarta 11150, Indonesia
Phone: +62 888-0975-7445

We respond to UU PDP-related requests within 30 days.