PRIVACY AND PERSONAL DATA PROTECTION POLICY
This Policy explains how Firebird Ventures Pte Ltd (owner of the JAVAN mobile phone application) and/or its affiliates (“Firebird Ventures”, “we”) collects, uses, discloses, and protects your personal data when you use the JAVAN application and services. This Policy applies to customers in Indonesia, however some data may be accessed in Singapore.
Where privacy rules differ between Singapore and Indonesia, we highlight the specific provisions, taking into consideration Singapore’s Personal Data Protection Act (PDPA) and Indonesia’s Personal Data Protection Law (PDP Law). Where not otherwise explicitly stated in this document, the provisions of the relevant jurisdictional regulations and legislation are applicable and adhered to by Firebird Ventures.
Introduction & Consent
By registering a profile and using our services, you acknowledge that you have read and understood this Privacy and Personal Data Protection Policy and consent to the processing of your personal data. You may withdraw your consent at any time by contacting us.
We may collect and use your personal data for any or all of the following purposes:
(a) performing obligations in the course of or in connection with our provision of the JAVAN service requested by you;
(b) verifying your identity;
(c) responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
(d) managing your relationship with us;
(e) processing payment or credit transactions;
(f) complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
(g) any other purposes for which you have provided the information;
(h) transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore, Indonesia or abroad, for the aforementioned purposes; and
(i) any other incidental business purposes related to or in connection with the above.
(a) performing obligations in the course of or in connection with our provision of the JAVAN service requested by you;
(b) verifying your identity;
(c) responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
(d) managing your relationship with us;
(e) processing payment or credit transactions;
(f) complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
(g) any other purposes for which you have provided the information;
(h) transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore, Indonesia or abroad, for the aforementioned purposes; and
(i) any other incidental business purposes related to or in connection with the above.
Personal Data We Collect
We collect a wide range of personal data (general and specific), which may include:
• Identity Data: name, email, username, password, phone number, profile photo, Facebook ID, Apple ID, Google Account (for profile establishment and log-in)
• Contact Data: phone number, email.
• Financial & Payment Data: payment history, transaction data.
• Location Data: real-time geographic information, GPS, and Wi-Fi location.
• Transaction Data: purchases, preferences, and survey responses.
• Device Information: device-specific information including operating system version, unique identifiers, and details like the name of your mobile network, IP address, device's language settings, brand, type, operating system and version.
• Identity Data: name, email, username, password, phone number, profile photo, Facebook ID, Apple ID, Google Account (for profile establishment and log-in)
• Contact Data: phone number, email.
• Financial & Payment Data: payment history, transaction data.
• Location Data: real-time geographic information, GPS, and Wi-Fi location.
• Transaction Data: purchases, preferences, and survey responses.
• Device Information: device-specific information including operating system version, unique identifiers, and details like the name of your mobile network, IP address, device's language settings, brand, type, operating system and version.
How We Collect Data
• Directly when you register a profile, transact, or contact customer support.
• Automatically when you use our services (cookies, usage logs, GPS tracking, analytics).
• From third parties, including payment providers and business affiliates.
• From information you provide about others, where you must have their consent.
We use cookies and similar technologies to improve our services, personalize your experience, and for advertising purposes. You may disable cookies in your browser, though some features may not work properly.
• Automatically when you use our services (cookies, usage logs, GPS tracking, analytics).
• From third parties, including payment providers and business affiliates.
• From information you provide about others, where you must have their consent.
We use cookies and similar technologies to improve our services, personalize your experience, and for advertising purposes. You may disable cookies in your browser, though some features may not work properly.
How We Use Your Personal Data
• Creating, verifying, and managing your account.
• Processing listing payments.
• Providing customer support and resolving disputes.
• Conducting analytics and fraud prevention.
• Complying with legal obligations in both Singapore and Indonesia.
• Processing listing payments.
• Providing customer support and resolving disputes.
• Conducting analytics and fraud prevention.
• Complying with legal obligations in both Singapore and Indonesia.
Sharing & Disclosure
We may share your personal data with:
- Our affiliates, subsidiaries, contracted specialists and app developers for service delivery and operations.
- Service providers (e.g., payment processors, IT support, Developer Team, which may be outside Indonesia).
- Other users (e.g., sellers to buyers) where necessary to complete transactions.
- Regulators, government agencies, or law enforcement when required by law.
- Business partners in connection with promotions or collaborations.
- Third parties in case of mergers, acquisitions, restructuring, or financing.
- Insurance providers for claims processing.
We do not sell or rent your personal data.
- Our affiliates, subsidiaries, contracted specialists and app developers for service delivery and operations.
- Service providers (e.g., payment processors, IT support, Developer Team, which may be outside Indonesia).
- Other users (e.g., sellers to buyers) where necessary to complete transactions.
- Regulators, government agencies, or law enforcement when required by law.
- Business partners in connection with promotions or collaborations.
- Third parties in case of mergers, acquisitions, restructuring, or financing.
- Insurance providers for claims processing.
We do not sell or rent your personal data.
Protection of Personal Data
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as minimised collection of personal data, authentication and access controls (such as good password practices, need-to basis for data disclosure, etc.).
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
Data Transfers & Storage
Our main data warehouse is located in Indonesia through Amazon Web Services to provide cloud-based data storage services. These services provide durable and advanced secure solutions for storing and managing your JAVAN related data. We ensure that cross-border data transfers comply with applicable legal safeguards.
Data Retention
We retain your data as long as necessary to provide services, comply with laws, fulfill business needs, and protect our rights. Data may be anonymised or deleted when it is no longer required.
• In Singapore: Data is retained for as long as there is a business or legal purpose.
• In Indonesia: Data is retained for the statutory minimum retention period and may be deleted upon request when permissible.
• In Singapore: Data is retained for as long as there is a business or legal purpose.
• In Indonesia: Data is retained for the statutory minimum retention period and may be deleted upon request when permissible.
Withdrawing Consent and Accessing Data
If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer/ Data Controller at the contact details provided below.
• If you are residing in Singapore: Withdrawal of consent may affect your ability to continue using our services. We will explain the consequences before finalising your withdrawal.
• If you are a citizen of Indonesia or residing in Indonesia: You may exercise your rights to withdraw consent, and request correction or deletion of your data, in accordance with applicable Indonesian data protection regulations.
• If you are residing in Singapore: Withdrawal of consent may affect your ability to continue using our services. We will explain the consequences before finalising your withdrawal.
• If you are a citizen of Indonesia or residing in Indonesia: You may exercise your rights to withdraw consent, and request correction or deletion of your data, in accordance with applicable Indonesian data protection regulations.
Your Rights
Depending on your jurisdiction, you may have the right to:
- Access, correct, or delete your personal data.
- Withdraw consent to processing.
- Request information about how your data is used and shared.
- File a complaint with the relevant data protection authority.
• If you are residing in Singapore: You can withdraw consent at any time, by giving us one month notice (reasonable notice as prescribed by the Personal Data Protection Act (PDPA)). We will then stop collecting, using or disclosing your personal data. However, Firebird Ventures may keep your data for as long as there is a business or legal necessity.
• If you are a citizen of Indonesia or residing in Indonesia: You can withdraw consent for the processing of your personal data at any time. We will delete your data and uphold your rights under Law No. 27 of 2022 on Personal Data Protection Law (PDP Law). You have the right to object to certain processing of information (however this may limit our ability to provide our services to you), and you have the right to file complaints with us and/or the Indonesian Personal Data Protection Authority (Badan Siber Sandi Negara).
- Access, correct, or delete your personal data.
- Withdraw consent to processing.
- Request information about how your data is used and shared.
- File a complaint with the relevant data protection authority.
• If you are residing in Singapore: You can withdraw consent at any time, by giving us one month notice (reasonable notice as prescribed by the Personal Data Protection Act (PDPA)). We will then stop collecting, using or disclosing your personal data. However, Firebird Ventures may keep your data for as long as there is a business or legal necessity.
• If you are a citizen of Indonesia or residing in Indonesia: You can withdraw consent for the processing of your personal data at any time. We will delete your data and uphold your rights under Law No. 27 of 2022 on Personal Data Protection Law (PDP Law). You have the right to object to certain processing of information (however this may limit our ability to provide our services to you), and you have the right to file complaints with us and/or the Indonesian Personal Data Protection Authority (Badan Siber Sandi Negara).
Security and Data Breach
We use reasonable security measures (as well as measures implemented by AWS) to protect your data against unauthorised access, alteration, disclosure, or destruction. However, no system is completely secure. You are responsible for safeguarding your account credentials. In the event of a data breach, we will
1. Contain the data beach to prevent further compromise of personal data.
2. Assess the breach by gathering all the facts including those affected customers and take action to remediate any risk of harm
3. Notify affected customers and the Indonesian PDP Agency (Badan Siber Sandi Negara) and IMDA in Singapore
4. Review the incident and consider what action needs to be taken to prevent a similar recurrence.
1. Contain the data beach to prevent further compromise of personal data.
2. Assess the breach by gathering all the facts including those affected customers and take action to remediate any risk of harm
3. Notify affected customers and the Indonesian PDP Agency (Badan Siber Sandi Negara) and IMDA in Singapore
4. Review the incident and consider what action needs to be taken to prevent a similar recurrence.
Marketing & Communications
We may send you promotional messages, surveys, and offers. You may opt out at any time by contacting us.
Children & Minors
Our services are not intended for users under 18. If you are under 18, parental or guardian involvement, supervision and consent is required. If consent is not obtained, you must stop using our services.
Data Protection Officer / Data Controller
You may contact our Data Protection Officer/Data Controller if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request or complaint, in the following manner:
Email : admin@javan.com
DPO/ Data Controller : Mr. S. Straton
Email : admin@javan.com
DPO/ Data Controller : Mr. S. Straton
Updates to this Policy
We may revise this Privacy and Personal Data Protection Policy to reflect changes in our practices or applicable laws. Updated versions will be published on our website with a new "Last Updated" date.
Further Information
If you have any other questions, requests, or complaints about this Privacy and Personal Data Protection Policy, please contact us at: admin@javan.com.
Changing the way Indonesians trade second-hand motorbikes. Fast, safe, and trusted.
© 2025 JAVAN. All rights reserved.