Privacy Indonesian Protection of Personal Data Law 2020

Indonesian Protection of Personal Data Law 2020

Chapter I
General Provisions
Article 1
Definitions
Article 2
Material Scope
Chapter II
Types of Personal Data
Article 3
Personal data consists of
Chapter III
Proprietary Rights of Personal Data
Article 4
Right to request information
Article 5
Right to completion of personal data
Article 6
Right to access personal data
Article 7
Rights to update and/or correct personal data
Article 8
Right to terminate processing of personal data
Article 9
Right to withdraw the processing of personal data
Article 10
Right to object to a decision-making action
Article 11
Right to processing of personal data through a pseudonymous mechanism
Article 12
Rights to delay or restrict the processing of personal data
Article 13
Right to claim and receive damages for data breach
Article 14
Right of data portability
Article 15
Implementation of HAK personal data
Article 16
Right of dahttps://privacad.com/privacy-indonesian-data-protection-law-article-16/ta owners do not apply to
Chapter IV
Processing of personal data
Article 17
Personal data processing includes
Article 18
Personal data processing valid agreement for specific purposes
Article 19
Consent for processing personal data
Article 20
Null and void consent
Article 21
Confidentiality of Personal data
Article 22
Visual data processing in public places
Chapter V
Obligations of data controller and data processor
Part One
The public
Article 23
Data controllers and data processors include
Part Two
Personal data controller obligations
Article 24
Information provided by data controller prior to consent
Article 25
Withdrawal of consent and processing of personal data
Article 26
Delays and restriction of processing
Article 27
Data controllers and data processors includeProtect and ensure security of personal data
Article 28
Data controller supervision of data processor
Article 29
Protection from unauthorised processing
Article 30
Prevention of unauthorised processing
Article 31
Recording of all processing activities
Article 32
Obligation to grant access to personal data
Article 33
Refusal of access or request to change personal data
Article 34
Update and/or correct errors and/or inaccuracies
Article 35
Guarantee accuracy, completeness and consistency
Article 36
Processing in accordance with approved purposes
Article 37
Retention period of personal data
Article 38
Erasure of personal data
Article 39
Obligation to destroy personal data
Article 40
Notification in the event of failure of protection of personal data
Article 41
Obligation to demonstrate responsibility accountability
Article 42
Personal data control obligations do not apply in case of
Part Three
Personal data processor obligations
Article 43
Instructions for designated data processor
Article 44
Obligations of data processors
Part Four
Officials or Officers implementing personal data protection functions
Article 45
Appointment of data protection officer(s)
Article 46
Tasks of data protection officer(s)
Chapter VI
General Provisions
Part One
Transfer of data within the Republic of Indonesia
Article 47
Obligations of recipient of personal data
Article 48
Merger, separation, takeover or consolidatyion by legal entity
Part Two
Transfer of data outside the Republic of Indonesia
Article 49
Conditions for transfers of personal data outside the Republic of Indonesia
Chapter VII
Administrative sanctions
Article 50
Violation of articles with administrative sanctions
Chapter VIII
Prohibition in the use of personal data
Article 51
Prohibition to process personal data to the benefit of oneself
Article 52
Prohibition of visual processing of personal data in public space
Article 53
Prohibition to use processing tools or visual data processors
Article 54
Prohibition to sell or purchase personal data
Chapter IX
Establishing the data controller Code of Conduct
Article 55
Personal data controller’s code of conduct
Chapter X
Dispute resolution and events
Article 56
Settlement of data protection disputes
Chapter XI
International cooperation
Article 57
Other state governments or international organisations
Chapter XII
Government and community roles
Article 58
Role of the government
Article 59
Authorized state attorney
Article 60
Role of the community
Chapter XIII
Criminal Provisions
Article 61
Collection of personal data to the benefit of oneself
Article 62
Visual data processor in a public space
Article 63
Deliberate use against the law
Article 64
Intentional falsification of personal data
Article 65
Sentences and additional deprivations
Article 66
Criminal offences by corporations
Article 67
Payment of fines
Article 68
Foreclosures and freezing
Article 69
Additional criminal payment of compensation
Chapter XIV
Transitional provisions
Article 70
Transition period of 2 years
Chapter XV
Closing Provisions
Article 71
Confliction provisions
Article 72
Date of entry into force

author avatar
Privacy Professor

Professor mr drs Romeo F. Kadir MA MSc LLM LLM (Adv) EMBA EMoC

At present Romeo Kadir serves as the President of the Global Association of Data Protection Professionals Europe (GADPPRO). GADPPRO is a thought leader self-regulatory association of data protection professionals based in the European Union, active around the globe and the first European Association of data protection professionals open for members outside the EU. Please visit www.gadppro.org for more information.

First appointed Data Protection Officer (DPO) ever in the Netherlands (European Union) at a semi-public entity. Seasoned European Privacy and Data Protection Expert (22+ years of practical experience in EU Privacy and Data Protection Law, Business Management, Compliance and Ethics).

Studied European and International Law, Political Sciences and Business Administration. Romeo Kadir is EIPACC EADPP Professor European Privacy & Data Protection Law at Universitas Padjadjaran UNpad (Indonesia) and Honorary Visiting Research Fellow with O.P. Jindal Global University (New Delhi), Senior Associate Fellow with Vidhi Centre for Legal Policy (New Delhi), Lecturer Science Honours Academy and Lecturer at the International Molengraaff Institute, Utrecht University (UU, Netherlands). In 2010 he was founder of the first European Data Protection Academy focusing on privacy-only executive education.

Present Occupations in European Data Protection Law

Member of the International Bar Association (IBA)
Member of the International Board of Experts with EuroPrivacy Certification Scheme (Geneva and Luxembourg)
Member of the International Strategic Board with EuroPrivacy Certification Scheme (Geneva and Luxembourg)
Member of the Swiss-Chinese Law Association (SCLA)

Former Occupations in European Data Protection Law

President European Institute for Privacy, Audit, Compliance & Certification (EIPACC)
Co-Founder/Vice-President European Association for Data Protection Professionals (EADPP)
Chair EADPP Certification Committee Data Protection Professionals,
Chair EADPP Academic Board
Chair EADPP Expert Committee on Cybersecurity
Chair EADPP Expert Committee on Artificial Intelligence (AI)
President Supervisory Board of the Dutch Privacy Complaints Office (NPKI)
Rapporteur to UN Monitoring Commission Human Rights on behalf of the Dutch Privacy Foundation (SPN)

Publications

'Handbook DPO - A Practical Guide', Privacy Publishing Group (2017)
Editor-in-Chief of ‘Data Protection Dictionary’, authored, edited and coordinated ‘Handbook for the Data Protection Officer – A practical Guide’, ‘The Ultimate GDPR Business Guide – Six Volumes’ and other relevant books in the field of privacy and data protection (www.dataprotectionbooks.com)

www.romeokadir.eu

You may also like

Children Safety Encryption www.privacad.com
Apple’s New Step to Protect Child Abuse via Encryption Feature
20 August, 2021
DNA Technology and Privacy www.privacad.com
DNA Technology Regulation Bill and Violation of Privacy for Minority Groups
19 August, 2021
www.privacad.com
India accuses Twitter of not complying with new IT rules
18 August, 2021