Kebijakan Privasi

Last Updated: January 20, 2026

1. Introduction

DoneTix ("we", "us", or the "Platform") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our event ticket purchasing platform.

2. Data We Collect

2.1 Account Registration Data

When you register an account, we collect:

  • Full Name
  • Email Address
  • Phone Number (optional)
  • Password (stored in encrypted/hashed form)
  • Social login data (Google/Facebook), if you use these features

2.2 Ticket Purchase Data

When purchasing tickets (either as a registered user or as a guest), we collect:

  • Attendee Full Name (per ticket)
  • Attendee Email Address (per ticket)
  • National ID Number (NIK) – only if the event requires identity verification
  • Selfie Photo – only if the event requires facial verification

Note: National ID numbers and selfie photos are collected only for events that enable ticket redemption and explicitly require identity verification.

2.3 Additional Widget Data

Some events may request additional information, such as:

  • T-shirt size
  • Meal preferences
  • School or institution name
  • Other information required by the event organizer

2.4 Transaction & Payment Data

  • Ticket purchase history
  • Selected payment method (excluding direct credit/debit card details, which are processed by third-party payment gateways)
  • Payment status and proof of transfer (for manual payments)
  • Coupon or promo codes used

2.5 KYC (Know Your Customer) Data

For organizers or users who require fund withdrawals:

  • Identity documents (ID card or other valid identification)
  • Bank account information

2.6 Customer Support Data

When you contact customer support, we collect:

  • Name and email address
  • Support message or ticket content
  • File attachments (if any)

2.7 Technical Data & Cookies

  • IP address
  • Browser type and device information
  • Language preferences
  • Cookies for website functionality
  • Device tokens for push notifications (if permitted)

2.8 Location Data

  • Geographical location data (only if you use nearby event search features and grant permission)

2.9 Newsletter & Subscriptions

  • Email address for newsletters, updates, and promotional communications

3. Purposes of Data Use

We use your personal data for the following purposes:

Purpose Legal Basis
Processing ticket purchases and delivering e-tickets Performance of a contract
Identity verification during ticket redemption Legitimate interest (event security)
Sending transaction confirmations and notifications Performance of a contract
Providing customer support services Performance of a contract
Sending newsletters and promotional communications (if subscribed) Consent
Preventing fraud and misuse of the platform Legitimate interest
Complying with legal obligations Legal obligation
Processing organizer fund withdrawals Performance of a contract

4. Data Sharing with Third Parties

4.1 Event Organizers

Attendee data (such as name, email address, and selected widget information) is shared with event organizers for the purposes of:

  • Check-in and ticket redemption verification
  • Event coordination
  • Merchandise distribution (if applicable)

4.2 Payment Gateway (Tripay)

Payment processing is handled by Tripay. We do not store your credit or debit card details directly. Please review Tripay’s Privacy Policy at https://tripay.co.id/page/privacy-policy.

4.3 Service Providers

We may share data with trusted service providers, including:

  • Hosting and cloud storage providers
  • Email delivery services
  • Firebase for push notifications

4.4 Legal Authorities

We may disclose your data if required by law, regulation, or court order.

5. Data Storage & Retention

Data Type Retention Period
Account data While the account is active + 30 days after deletion
Ticket data 2 years after the event date
Selfie verification photos 6 months after the event ends
Transaction data In accordance with tax obligations (minimum 5 years)
Technical logs 90 days
Support ticket data 1 year after ticket closure

6. Data Security

We implement the following security measures:

  • Password encryption using bcrypt
  • HTTPS/SSL for all data transmissions
  • Input validation to prevent SQL injection and XSS attacks
  • File upload sanitization for selfie photos (MIME type, size, and content validation)
  • Unique hashed access for selfie photos (not publicly accessible)
  • Rate limiting to prevent brute-force attacks
  • Two-Factor Authentication (2FA) available for accounts

7. Your Rights

In accordance with applicable data protection laws, you have the right to:

  1. Right of Access – Request a copy of your personal data
  2. Right to Rectification – Correct inaccurate or incomplete data
  3. Right to Erasure – Request deletion of your personal data (subject to legal limitations)
  4. Right to Restrict Processing – Limit how your data is processed
  5. Right to Data Portability – Receive your data in a machine-readable format
  6. Right to Object – Object to processing for direct marketing purposes

To exercise your rights, please contact us at: support@donetix.com

8. Cookies

We use cookies for the following purposes:

  • Essential cookies: Website functionality (login sessions, CSRF protection)
  • Preference cookies: Storing language preferences
  • Consent cookies: Recording your cookie consent

You can manage cookie preferences through your browser settings.

9. Guest Checkout

If you purchase tickets without logging in:

  • An account will be automatically created using the information you provide
  • A default password will be sent to your email address
  • You may log in to access your tickets and order history

10. Children’s Data

Our Platform is not intended for children under the age of 13. If you become aware that a child has provided personal data to us without parental consent, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated through:

  • Website banners
  • Email notifications to registered users

12. Contact Information

For privacy-related inquiries or to exercise your rights:

Email: support@donetix.com

13. Data Controller

The data controller for the DoneTix Platform is:

PT Arqami Teknologi Indonesia

By using the DoneTix Platform, you agree to the collection and use of your data in accordance with this Privacy Policy.

We may use cookies or any other tracking technologies when you visit our website, including any other media form, mobile website, or mobile application related or connected to help customize the Site and improve your experience. learn more

Allow