Hello, Privacymu Buddies!

The need in society to protect individual rights related to the processing of personal data, both electronically and non-electronically, is the reason for Regulation 27 of 2022 concerning Personal Data Protection, better known as the PDP Law.

Article 16 Paragraph 1 states that actions included in processing personal data include obtaining and collecting, processing and analyzing, storing, correcting and updating, displaying, announcing, transferring, disseminating, or disclosing and/or deletion or destroying.

With the act of processing personal data and the rights possessed by individuals, knowledge of the rights of individuals as Data Subjects is required. Furthermore, the rights possessed by the Data Subject are regulated in Chapter V from Article 5 to Article 15.

Rights Stipulated in the PDP Regulation

The following is a summary of the rights possessed by the Data Subject in relation to the processing of personal data:

1. Data subjects have the right to information regarding the purpose of requesting and using personal data and accountability of the party requesting personal data (Article 5),
2. Personal data processed pursuant to the purpose of the processing shall be ensured to be accurate, which the Data Subject is entitled to complete, update and/or correct if there is an error (Article 6),
3. The right to access and copies of personal data held (Article 7),
4. The right to end processing, delete and/or destroy his/her personal data (Article 8),
5. The right to withdraw the consent that has been given (Article 9),
6. The right to object to decision-making based solely on automated processing, including profiling that has legal consequences or has a significant impact on the Data Subject (Article 10),
7. The right to suspend or restrict processing in proportion to the purpose of processing personal data (Article 11),
8. The right to sue and receive compensation in case of violation of personal data processing (Article 12),
9. Has the right to receive and/or use personal data about him from the Personal Data Controller in a commonly used structure and/or form or format that can be read by electronic systems and has the right to request that personal data about him be sent and used by other Personal Data Controllers, provided that because the systems used can communicate securely with each other by the principles of personal data protection (Article 13).

The above rights are not freely entitled, but there are still exceptions to the rights of the Data Subject. Among others, it is excluded for the interests of national defense and security, law enforcement processes, public interests in the framework of State administration, the interests of supervision of the financial services sector, monetary, payment system, and financial system stability. These interests are carried out in the context of state administration or statistical interests and scientific research, where the exception is only in implementing the regulation's provisions.

As mentioned above, in addition to the existence of a Data Subject, there is also a Personal Data Controller. The definition of a Personal Data Controller is set out in Article 1 Paragraph 4, i.e. any person, public body and international organization acting individually or jointly in determining the purposes and exercising control over the processing of Personal Data.

In addition, there is also a so-called Personal Data Processor in Article 1 Paragraph 5, namely any person, public body, and international organization acting individually or jointly in processing Personal Data on behalf of the Personal Data Controller.

General Explanation of Article 26 of Regulation Number 19 of 2016 concerning Amendments to Regulation Number 11 of 2008 concerning Information and Electronic Transactions or ITE Regulation explains the importance of personal data protection that in the use of information technology, personal data protection is one part of personal rights where personal rights contain the understanding as the right to enjoy a private life and be free from all kinds of interference,  the right to be able to communicate with others without spying, and the right to supervise access to information about a person's private life and data.

That's all the explanation about "Know Your Data Privacy Rights in the PDP Regulation!". Don't forget to visit our official website at........to get insights related to Personal Data Protection.

Writer:

Shafira Nadya Nathasya

Source:

Law Number 27 of 2022 concerning Personal Data Protection

Law Number 19 of 2016 concerning Amendments to Law Number 11 of 2008 concerning Electronic Information and Transactions