GDPR

GDPR Compliance Statement

Last Updated: May 2026

At CantikSenja.com, we are fully committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. This page outlines our adherence to the General Data Protection Regulation (GDPR) applicable to users accessing our platform from the European Economic Area (EEA) and the United Kingdom.

1. Data Controller

CantikSenja.com acts as the Data Controller for the personal data collected from users on this website. This means we determine the purposes and means of processing your personal data.

2. Legal Basis for Processing Personal Data

Under the GDPR, we must have a lawful basis to process your personal data. We rely on the following bases:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose (e.g., subscribing to a newsletter or accepting analytics cookies).
  • Legitimate Interests: The processing is necessary for our legitimate interests (such as improving our cross-cultural content, securing our website, or measuring traffic), provided those interests are not overridden by your fundamental rights and freedoms.
  • Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.

3. International Data Transfers

Because CantikSenja.com connects a global audience, your personal data (such as IP addresses or email addresses) may be transferred to, and processed in, countries outside of the European Economic Area (EEA), including Indonesia or servers located in the United States. When we transfer your data outside the EEA, we ensure an appropriate level of protection is provided by utilizing Standard Contractual Clauses (SCCs) approved by the European Commission, or by ensuring the destination country has been deemed to provide an adequate level of data protection.

4. Your Data Protection Rights

If you are a resident of the EEA or UK, you have the following data protection rights under the GDPR:

  • The Right to Access: You have the right to request copies of your personal data.
  • The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • The Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data, under certain conditions.
  • The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • The Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions (e.g., for direct marketing purposes).
  • The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

5. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this GDPR Compliance Statement and our general Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

6. Automated Decision-Making and Profiling

We do not use your personal data for automated decision-making that produces legal effects concerning you or similarly significantly affects you. Any analytics tools or automated scheduling services we use are strictly for understanding broad audience trends and delivering content consistently, not for individual profiling.

7. How to Exercise Your Rights

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us :

visit our Contact Us page.

If you feel that we have not addressed your concerns satisfactorily, you have the right to lodge a complaint with a Data Protection Authority (DPA) in your country of residence within the EEA.