Article 32 Indonesian Data Protection Law 2020
Obligation to grant access to personal data
(1) The personal Data Controller is obliged to grant access to the personal Data owner the processed personal data and the record of processing of Personal data in accordance with the retention period of the personal data.
(2) The access as intended in paragraph (1) shall be given at least 3 x 24 (three times twenty four) hours since the personal Data controller receives an access request.