Privacy Policy

Welcome to the company's Privacy Policy. This document outlines how we collect, use, disclose, and protect your personal information when you visit our website or purchase tickets for Indonesia's magnificent UNESCO World Heritage Sites. Your privacy is paramount to us, and we are committed to safeguarding your data with the utmost care and transparency.

Information We Collect

When you interact with our website, we collect personal information necessary to process your bookings and enhance your experience. This typically includes your name, email address, phone number, passport or ID details for entry, and payment information. For premium experiences or group bookings, we may also collect details about your group members or specific dietary requirements. We gather this data directly from you when you register, make a purchase, or communicate with us.

Use of Data

We use the collected data primarily to process your ticket purchases, confirm your bookings, and help access to Borobudur, Prambanan, Ratu Boko, and other associated experiences. Your information also enables us to communicate important updates regarding your visit, such as schedule changes or event details. What's more, we may use your data to personalize your experience, respond to your inquiries, and improve our services, ensuring a fluid and enriching cultural journey. This includes sending you relevant information about future events or special offers, always aligned with your preferences.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements. The retention period is determined by the nature of the data, the purposes for processing, and our legal obligations under Indonesian law. Once your data is no longer required, it will be securely deleted or anonymized.

Transfer of Data

Your information, including personal data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. For instance, payment processors or cloud service providers may be located internationally. We ensure that any such transfers comply with applicable Indonesian data protection laws and that appropriate safeguards, such as standard contractual clauses, are in place to protect your data.

Security of Data

We implement tough technical and organizational security measures designed to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, firewalls, and secure socket layer (SSL) technology for data transmission. While we strive to use commercially acceptable means to protect your personal data, worth remembering: that no method of transmission over the Internet or method of electronic storage is 100% secure.

Your Rights

Under Indonesian law, you have certain rights regarding your personal data held by us. These rights include the ability to access, correct, update, or request the deletion of your personal information. You also have the right to object to or restrict certain processing activities, or to withdraw consent where processing is based on consent. To exercise any of these rights, please contact us using the details provided in this policy, and we will respond to your request in accordance with applicable regulations.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the 'Last updated' date at the top. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Contact Us

Email: support@candiconnect.com

Address: Jl. Senayan No. 179, Jakarta 14872