/ Legal

Privacy Policy

PT Adan Digital Innova · Effective: May 2026 · Version 1.0
Contents
01 Overview 02 Data Collected 03 Use of Data 04 Data Sharing 05 Data Retention 06 Security 07 Your Rights 08 Cookies 09 Third Parties 10 Contact
01

Overview

PT Adan Digital Innova ("Adan", "we", "us", or "our") is a technology company headquartered in Jakarta, Indonesia. We build and operate AI-powered SaaS products including Brandcomm.ID, Idolla, and Nuanta.

This Privacy Policy explains how we collect, use, store, and protect information when you use our products and services, visit our websites, or interact with us via any channel — including WhatsApp Business messaging.

By using our services, you agree to the practices described in this policy. If you do not agree, please discontinue use of our services and contact us at hello@adan.co.id.

02

Data We Collect

We collect the following categories of information depending on the service you use:

  • Account information — name, email address, job title, department, and organization name when you register for or are onboarded to one of our platforms.
  • Usage data — actions taken within our platforms (task updates, file uploads, approval events, login timestamps) for operational and audit purposes.
  • Communication data — messages sent via in-app channels, WhatsApp Business notifications, and email correspondence with our team.
  • Device and access data — IP address, browser type, and session metadata collected automatically for security and performance monitoring.
  • Uploaded content — creative assets (images, videos, documents) uploaded to our platforms are stored on your behalf and are not accessed by Adan staff except for technical support purposes with your explicit consent.

We do not collect sensitive personal data (health, financial, or biometric data) unless explicitly required by a specific service and disclosed separately.

03

How We Use Your Data

We use collected data solely to:

  • Provide, operate, and improve our products and services
  • Authenticate users and enforce role-based access controls
  • Send operational notifications (task updates, approvals, reports) via in-app, email, or WhatsApp Business
  • Generate AI-assisted reports and summaries using anonymized or aggregated task data
  • Monitor system performance and security
  • Comply with applicable Indonesian law and regulations

We do not use your data for advertising, profiling, or sale to third parties.

04

Data Sharing

We share data only with trusted infrastructure providers necessary to operate our services:

  • Supabase — database, authentication, and serverless functions (Singapore region)
  • Cloudflare — asset storage (R2), DNS, and DDoS protection
  • Netlify / Cloudflare Pages — frontend hosting and CDN
  • Anthropic — AI API for report narrative generation (no personally identifiable information is sent)
  • Resend — transactional email delivery
  • Meta (WhatsApp Business) — notification delivery via WhatsApp Cloud API

All providers are bound by their own privacy policies and data processing agreements. We do not sell, rent, or trade your personal data to any third party.

05

Data Retention

We retain your data for as long as your account is active or as needed to provide services. Specifically:

  • Task and activity logs are retained for a minimum of 12 months for audit and reporting purposes
  • Uploaded creative assets are retained until explicitly deleted by an authorized user or admin
  • Account data is retained until account deletion is requested and confirmed
  • WhatsApp message logs are subject to Meta's retention policies

To request data deletion, contact us at hello@adan.co.id.

06

Security

We implement industry-standard measures to protect your data:

  • All data transmitted over HTTPS / TLS encryption
  • Row-Level Security (RLS) enforced at the database level — users can only access data their role permits
  • Authentication via Supabase JWT tokens with automatic expiry
  • Asset storage via presigned URLs — credentials are never exposed to the browser
  • Regular security reviews as part of our development process

No system is 100% secure. In the event of a data breach that affects your personal data, we will notify affected parties within 72 hours of becoming aware of the incident, in accordance with applicable law.

07

Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated personal data
  • Object to or restrict certain processing activities
  • Receive a copy of your data in a portable format

To exercise any of these rights, contact us at hello@adan.co.id. We will respond within 14 business days.

08

Cookies & Local Storage

Our products use browser cookies and local storage for:

  • Session management and authentication token storage
  • User preference persistence (e.g., language selection)
  • Performance monitoring (anonymized, no third-party tracking)

We do not use advertising cookies or third-party tracking pixels. You may clear cookies via your browser settings at any time; however, this may affect your ability to remain logged in to our services.

09

Third-Party Services & WhatsApp

Our services integrate with WhatsApp Business via the Meta Cloud API. When you receive or interact with WhatsApp notifications from our systems:

  • Your WhatsApp phone number is used solely to deliver operational notifications (task approvals, status updates, reports)
  • We do not send marketing or promotional messages via WhatsApp
  • Message delivery and read receipts are subject to Meta's WhatsApp Privacy Policy
  • You may opt out of WhatsApp notifications by contacting your account administrator

Our websites and products may contain links to third-party services. We are not responsible for the privacy practices of those services and encourage you to review their policies independently.

10

Contact & Updates

For questions, requests, or concerns regarding this Privacy Policy, contact us:

We may update this policy from time to time. The effective date at the top of this page will reflect the most recent revision. Continued use of our services after changes constitutes acceptance of the updated policy.