Trustlink Title

Overview
Overview
consumers
ConsumersIn this Privacy Policy, TrustLink will sometimes be referred to as “we”, “us”, or “our”. Customers of a Provider will be referred to as “End User”, “You”, or “Your”.
developers
DevelopersPlease note that this Policy does not extend to the practices of developers of the apps you use, and we recommend reviewing the privacy policies or terms of service of those apps for relevant details.
Overview
In this Privacy Policy, TrustLink will sometimes be referred to as “we”, “us”, or “our”. Customers of a Provider will be referred to as "End User", “You”, or “Your”. The management of Personal Data is fundamental to TrustLink services, and we are committed to protecting, restricting, and monitoring access to your sensitive data. In addition, security measures will be built through a secure network to protect data from cyber-attacks. Therefore, this Privacy Policy (“Policy”) is meant to help you the end user understand how we at TrustLink collect, use, and share End User Data to operate, improve, develop, and help protect our services, and as otherwise outlined in this Policy. Please read this Policy carefully and see the headings below to get more detailed information on how TrustLink handles User Personal Data and on any topics of interest in TrustLink privacy policy.
About This Privacy Policy
Our objective with this Policy is to offer a simple and transparent explanation of the data collected by TrustLink from and about you, and how it is used and shared. We highly prioritize transparency and seek to present you with a clear and concise depiction of how we handle your information.
Please note that this Policy does not extend to the practices of developers of the apps you use, and we recommend reviewing the privacy policies or terms of service of those apps for relevant details.
We may change this Policy from time to time. If we make changes to our Policy, we will announce such changes on the TrustLink website (https://withtrustlink.com) and other communication channels within 5 working days after the changes take effect with the effective date updated at the top of this Policy. In the event of any inconsistency with other TrustLink policies regarding data, information, and system security measures, this Policy shall prevail.
The provisions in this Policy apply to the user who will use TrustLink Sites / Services. Thus, please read all Policy below before using TrustLink Sites.
Definitions
This section describes our data practices relating to our processing of information about you. We also provide summaries of our practices organized by category of information collected and by product at the end of this Policy in the Summaries of Processing Activities section.
  • You are every individual who is eligible according to our Terms of Service and intends to access our Sites / Services.
  • API Provider is entity which provide financial information to Developer based on End User’s consent.
  • End User Data is information and/or data that could be used to identify you, either alone or in combination with other information.
  • Sites is a website and/or mobile apps managed by TrustLink and/or its Partners as updated from time to time.
  • Financial information is financial account name and account number balance, and transactions history.
  • Commercial information is data relating to which of our services you use through developer apps and the dates and times of your use.
  • Aggregate data is different from End User’s Data. Please note that aggregated data does not contain information about specific User data. Aggregate data is information data about a group of individuals where names and address information are omitted, then the remaining data is combined from User data and then analyzed or evaluated as a whole, so that no particular User can be reasonably identified.
  • Anonymous data is any information that we have disguised in a way that causes the information to no longer identify the User, either directly or indirectly, and therefore it cannot be categorized as Personal Data or End User Data.
  • De-identification Information, namely information that has been limited to identifying data so that the User's identity cannot be reasonably identified.
Our Products
TrustLink gathers banking data and financial information from API Providers on behalf of End Users and provides it to API Users. During this process, TrustLink receives the End User Data, and in order to keep, maintain, and process your data, we ensure that we obtain your consent from both API Providers and/or API Users.
Where and When TrustLink Get End User Data
TrustLink collect End User Data in the following ways:
  • When API Provider provide End User Data upon request from API User;
  • If User contact TrustLink with a complaint, query, request;
  • From legally authorized third parties.
Information Gathering and Source Categories
The information we collect, utilize, and share is contingent on the Trustlink products and services utilized by you or the connected app's developer. Depending on the specific Trustlink products or services in use, the following information may be collected:
  1. Information you share with us.
  2. Information we collect from financial partners when you connect your financial account.
  3. Information acquired from the app developer you are connected to.
  4. Information that we receive about you from other sources
Information You Share with Us
When utilizing Trustlink’s products or services, such as connecting your financial accounts (e.g., bank accounts) to a developer’s app through Trsutlink, we may collect the following data from you:
  1. Identifiers like your name, email address, and phone number.
  2. Login data, as required by your account provider, including your username, password, account and routing number, or a security token.
  3. When necessary, data to verify your identity and/or link your accounts, such as your date of birth, security questions and answers, documentary ID, and one-time password (OTP).
By providing this data, you grant Trustlink the permission and authority to act on your behalf, accessing and transmitting your data to and from the relevant bank or financial service provider holding your financial account (referred to as "financial partners" in this Policy).
Information we collect from financial partners when you connects your financial account
Depending on the Trustlink products utilized by you or your app's developer, and the nature and accessibility of information provided by your financial product and service providers, we may collect the following data when you connect your financial accounts through Trustlink:
1. Identity and Contact information
TrustLink may collect User’s name, e-mail, ID card number, telephone number, date of birth, gender that we receive from Provider for the following purposes:
  • To identify authenticate User,
  • To communicate with User and respond to User inquiries.
2. Financial information
The information we receive from the financial product and service providers that maintain your financial accounts vary based on various factors, including what and how information is made available by those providers and the specific TrustLink services developers use, or in cases where we offer services directly to you, the TrustLink services you use. Depending on these factors, the information we collect may include identifiers, commercial information, financial information, and professional information from your financial product and service providers. More specifically, this may include the following types of information:
  • Account information, including financial institution name, account name, account type, account ownership, branch number, IBAN, BIC, account number, routing number, and sort code;
  • Information about an account balance, including current and available balance;
  • Information about credit accounts, including due dates, balances owed, payment amounts and dates, transaction history, credit limit, repayment status, and interest rate;
  • Information about loan accounts, including due dates, repayment status, balances, payment amounts and dates, interest rate, guarantor, loan type, payment plan, and terms;
  • Information about investment accounts, including transaction information, type of asset, identifying details about the asset, quantity, price, fees, and cost basis;
  • Identifiers and information about the account owner(s), including name, email address, phone number, date of birth, and address information;
  • Information about account transactions, including amount, date, payee, type, quantity, price, location, involved securities, and a description of the transaction; and
  • Professional information, including information about your employer, in limited cases where you’ve connected your payroll accounts or provided us with your pay stub information.
Information acquired from the app developer you are connected to.
In situations where Trustlink's services require it, developers of the apps you use may share with us identifiers and commercial information about you. This can encompass details like your name, email address, phone number, or information related to your financial accounts and transactions. An example of such a service is the Trustlink Identity Verification services which are used by developers to verify your identity, identify potential fraud, and screen their users against watchlists.
Information that we receive about you from other sources
TrustLink also receive identifiers and commercial information about you directly from the relevant developer or other third parties, including our service providers, bank partners, and identity verification services. For example, developers may provide information such as your full name, Social Security number, email address, phone number, or information about your financial accounts and account transactions, and our bank partners or service providers may provide information such as the status of a transaction you have initiated.
Insights derived from the information we collect
TrustLink may use the information we collect about you to derive insights. Here are a few examples of the types of inferences we may derive from data we have collected about you from you or other sources:
  • We may infer your geolocation or your annual income;
  • We may infer the type of account or subaccount you’ve chosen to connect―for example, when you connect your loan accounts, we can let the developer know whether the account is for a mortgage, student loan, or credit card;
  • We may derive inferences from your financial information, including your transaction data, and from other sources to help enable the developers of your connected applications to provide a better user experience to you, like providing you with faster access to your funds.
How We Use Your Information
With your consent, we use your Information for a number of business and commercial purposes, including to operate, improve, and protect the services we provide, and to develop new services. More specifically, we use End User Data:
  1. To provide, operate, and maintain our services, which you intend to avail of;
  2. To improve, modify, add to, and further develop our services;
  3. To develop new services and in some cases insights based on the data we’ve collected about you;
  4. To help protect you, our partners, us, and others from fraud, malicious activity, and other privacy and security-related concerns;
  5. To provide customer support to you, including to help respond to your inquiries related to our service or developer’s application;
  6. To investigate any misuse of our service, criminal activity, or other unauthorized access to our services;
  7. To comply with contractual and legal obligations under applicable law and for other legal purposes such as to establish and defend against claims;
  8. To notify you about our latest service that may be tailored to your need; and
  9. For any other purpose notified subject to your explicit consent and taking into account the objectives, needs, and balance of the interests of TrustLink and the rights of the Data Subject.
De-identified, Aggregated, and Anonymized Information
We may use End User Data to generate de-identified, aggregated or anonymized information that does not reveal End User’s Data identity. TrustLink uses this information to conduct research, compile aggregate data sets, statistics and reports, and to perform analytics on our services, service standards, business operations, and trends.
TrustLink may share de-identified, aggregated or anonymized information with our clients for reporting purposes, including usage of our services, and with third party service providers to use in creating marketing materials, case studies and statistical analyses. This allows TrustLink, its clients and TrustLink’s respective third-party service providers to understand how TrustLink is performing, or develop relevant products, services or offers.
How and to whom do we share your Information with?
TrustLink may share End User Data for a number of business purposes:
  • With the developer of the application you are using and as directed by that developer (such as with another third party if directed by you);
  • To enforce any contract with you;
  • With our data processors and other service providers, partners, or contractors in connection with the services they perform for us or developers;
  • With your connected financial institution(s) to help establish or maintain a connection you’ve chosen to make;
  • TrustLink affiliates, including the parent company and/or subsidiaries of TrustLink, including but not limited to third-party service providers who are required to keep your information confidential and secure and are restricted from using or disclosing information for reasons other than performing services on TrustLink behalf or to comply with legal requirements;
  • If, in good faith, disclosure is appropriate to comply with applicable law or legal process;
  • In connection with a change in ownership or control of all or a part of our business (such as a merger, acquisition, reorganization, or bankruptcy);
  • Between and among TrustLink and our current and future parents, affiliates, subsidiaries and other companies under common control or ownership;
  • As we believe reasonably appropriate to protect the rights, privacy, safety, or property of you, developers, our partners, TrustLink, and others;
  • Government, regulatory and law enforcement agencies to meet our compliance, regulatory, and risk management obligations or to comply with the law; or
  • For any other notified purpose with your consent or at your direction.
TrustLink will not share End User Data to be available for the public, including parties related to insurance companies. We may share End User Data to other parties that do or do not have legal relationship with us. However, if User share End User Data to other parties, they may have other policies to use End User Data which is not connected or different to our policies as stipulated in this Policy. Please review the privacy policy that the other parties have carefully. TrustLink is not responsible for any consequences occurred upon User choice to share End User Data to other parties.
Storage of your Information
TrustLink with its best efforts to protect and secure End User Data from access, collection, use or disclosure by unauthorized persons and from unlawful processing, accidental loss, destruction and damage or similar risks. However, sending information over the internet is not completely secure. Although TrustLink will try its best to protect End User Data, User acknowledges that TrustLink cannot guarantee the integrity and accuracy of any personal information that User submits through the TrustLink Sites. TrustLink and/or its technology provider/vendor may store your End User Data in its databases located in Singapore. If User are visiting our Sites from a country other than Indonesia, your communication through our Sites or any of our services may result in the transfer of information across international boundaries. By using TrustLink Sites or any of TrustLink services, User consent to the collection, storage, and processing of User information in Indonesia.
Accessing End User Data
When requested in writing, we will inform User of the existence, use, and disclosure of End User Data that TrustLink maintain. We may not be able to provide User with all the information User request, depending on the circumstances, and there may be a charge for copies of End User Data.
How Long TrustLink Keep Your End User Data
We only keep your information as long as you engaged with Developer or legally necessary. When TrustLink no longer need the information, it is either destroyed or de-identified.
We retain your information for as long as necessary, for example, to comply with a contractual relationship between you and Developer. We may retain your data for 5 (five) years, or if necessary to file, enforce or defend a lawsuit. Once the retention period of 5 (five) years has elapsed, TrustLink store User information in an aggregated and anonymous form. The information is not identifying Personal Data may be stored for an indefinite period of time for analytical purposes.
How we Secure End User Data
We use reasonable physical, technological, organizational and contractual safeguards, appropriate to the sensitivity of the information, to protect End User Data in TrustLink possession or under our control, from unauthorized access, disclosure or use.
We implement the standard of data privacy policy. End User Data may be saved in our database by our service providers as necessary for them to provide their services to us. We will provide security to protect and secure all End User Data in our Sites according to prevailing laws and regulations.
We restrict access to our personnel, affiliates or representatives. We limit access to your information only to authorized parties based on their functions and job descriptions. We also require the appointed party to implement and maintain End User Data information both administratively, physically and technically.
Managing Disturbances
TrustLink will provide its best effort in order that the use of TrustLink Sites is protected from disturbances such as including but not limited to virus and malware. TrustLink will notify the User in writing in the event of a system failure and/or failure in connection with the processing of the End User Data no later than 14 days after the discovery of the disturbance and/or failure.
Disclaimer
TrustLink shall only responsible for losses or damages suffered by User which proven caused by negligence or deliberation actions of TrustLink. User, at the time being and, in the future, shall exempt and release TrustLink from all claims, demands, or charge from anyone that is not directly connected with this Policy.
We are not authorized to provide financial, investment, marketing and advertising advice in our Service. If you require financial or investment advice you may contact an appropriate relevant consultant. We are not responsible for any consequences occurred due to the decision you made after using our Service.
Changes to Privacy Policy
TrustLink is entitled, at its discretion, to change, modify, add, or remove the provisions in this Policy from time to time. Please check these terms periodically for changes. TrustLink may share the information through our Sites or send to User by e-mail.
TrustLink may review and change this Policy on TrustLink discretion to ensure that this Policy follow the development of TrustLink in the future, and/or changes in law or regulation requirement from time to time. If TrustLink decide to change this Privacy Policy, TrustLink will notify you regarding such changes. If TrustLink continue to use TrustLink after changes in this Policy, therefore User accept such changes and shall comply to the provisions under Privacy Policy.
If any provision of the terms in this Policy is found to be invalid, void, or unenforceable, the remaining provisions hereof will not be affected, and such invalid, void, or unenforceable provision will be amended by TrustLink and adjusted to prevailing laws and regulations.
Your Data Protection Rights
Under applicable law, and subject to limitations and exceptions provided by law, you may have certain rights in relation to the End User Data collected about you and how it is used, including the right to:
  • Obtain the information concerning of clarity of identity, legal basis, usage of End User Data, and accountability of party requesting End User Data;
  • Access and obtain copies of End User Data;
  • Obtain proof from TrustLink at the latest 3x24hours upon request from End User in order to stop, to limit and to postpone the process of data;
  • Obtain written notification from TrustLink at the latest for 3x24hours in condition that there is a failure of End User Data protection;
  • Access End User Data collected about you;
  • Request that we rectify or update your End User Data that is inaccurate or incomplete;
  • Request, under certain circumstances, that we restrict the processing of or erase your End User Data;
  • Object to our processing of your End User Data under certain conditions provided by law;
  • Where processing of your End User Data is based on consent, withdraw that consent;
  • Request that we provide End User Data collected about you in a structured, commonly used and machine-readable format so that you can transfer it to another company, where technically feasible;
  • Claim and file a lawsuit, receive compensation for violation of End User Data process;
  • Use and send End User Data to a third party, as long as their systems may be used to communicate securely;
  • End the process, to delete, and/or to destroy End User Data; and
  • Request a complaint for a decision which is based on automatic process, profiling, any action which arises legal consequent or has a significant effect for User.
Governing Law
The terms and conditions of this Policy are governed by the laws of Indonesia. In the event of any disputes arising from this Policy, User must first contact TrustLink Legal Officer regarding User concern and use User best endeavours to amicably settle any dispute in good faith. TrustLink will also use TrustLink best endeavours to amicably settle User concerns in good faith. However, if no amicable resolution is reached within thirty (30) days, User agree the dispute shall be settled through Account Bank in Jakarta and use Indonesian language.
Miscellaneous
By reading this Privacy Policy and registered in TrustLink Sites, User are understanding and willing to comply to provisions provided by TrustLink through this Privacy Policy and other provisions in relation with TrustLink Sites.
How to Contact Us
If you have questions or concerns regarding our Privacy Policy and your privacy as a Data Subject, please contact on Trustlink website.
For any questions or concerns regarding this Policy, you may send them to email or chat, through the widget in the lower right corner, with our Support Team at https://withtrustlink.com/.
This policy was last revised in October 2022.