How We Handle Your Account Data
This is the airasia4d privacy policy — the page that tells you, in plain English, what we collect when you open an account, why we collect it, and...
Privacy Posture & Jurisdiction Notes
Our privacy practices follow Indonesia's personal data protection rules where local law permits, and we apply the same posture across supported regions. We collect the minimum needed to run your account: identity fields at signup, device and session signals while you browse the lobby, and transaction references when you move funds through DANA, OVO, GoPay or QRIS. We do not sell your
data to third parties. We share only with the processors we need — payment rails, fraud screening, hosting — under contracts that bind them to the same standards we hold ourselves to. You can request access, correction or deletion at any point, and we'll respond inside the windows your jurisdiction sets.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
Privacy Contact Paths
If you have a privacy question, here's how to reach the team that handles it. Each channel below routes directly to our data desk — not the general lobby support queue — so your request gets logged against the right ticket type and answered by someone trained on the policy.
Privacy Inbox
Email our data desk for access, correction or deletion requests. We acknowledge inside one business day and resolve standard requests within the window your jurisdiction prescribes for personal data handling.
Live Chat Escalation
Open chat from any lobby page and ask for the privacy team. The agent flags your session, attaches your account reference, and routes the thread to a data handler rather than general support.
Written Notice
Prefer paper? Send a signed written notice to our registered correspondence address. Include your account email so we can match the request without asking for extra identity documents you didn't expect.
How We Keep This Policy Honest
A privacy policy only matters if someone reviews it. Here's the editorial work behind this page so you know it isn't a copy-paste job sitting untouched for years.
Quarterly Review
Our compliance team reads the full policy every quarter against current Indonesia data rules. If anything in the lobby flow changes how data moves, the wording on this page updates before the feature ships.
Plain-English Edit
Every clause goes through a plain-English pass. If a sentence needs a lawyer to decode, we rewrite it. You shouldn't need a glossary to understand what we keep against your account.
Version History
We keep dated versions of this policy on file. If you signed up under an older version and want to compare, the data desk can send you the exact text that applied on your registration date.
Processor Audits
The third parties that touch your data — payment rails, hosting, fraud screening — are audited annually. We drop processors that can't show current certifications, and we note material changes in this policy.
Incident Disclosure
If something goes wrong, you hear from us. We commit to notifying affected accounts inside the window Indonesia rules require, with a clear description of what happened and what you should do next.
Independent Review
External counsel reviews the policy annually. Their notes go to our compliance lead, and material recommendations land in the next published version rather than sitting in a drawer until renewal.
Consistency Across Our Policy Pages
This privacy policy lines up with the other legal pages on airasia4d. Here's how the wording stays consistent so you don't get conflicting answers depending on which page...
What This Policy Page Covers
Rather than a wall of legal text, we've organised the policy around the questions you'd actually ask. Here's what each block on this page is for, so you can jump to the part you...