Privacy Policy
Effective Date: July 15, 2026
1. Introduction
Bali Day (“we,” “our,” or “us”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website bali.day, including our booking platform for tours, activities, and transfers in Bali, Indonesia.
2. Information We Collect
Personal Data: Name, email address, phone number, billing address, passport/national ID (for transfers), and payment information.
Booking Data: Pickup/dropoff locations, dates, times, vehicle preferences, special requests, and passenger details.
Technical Data: IP address, browser type, device information, cookies, and usage analytics.
Location Data: Your pickup location and travel routes within Bali (via Google Maps).
3. How We Use Your Information
- To process and manage your bookings for tours, activities, and transfers
- To communicate with you about your bookings, including confirmations and changes
- To provide customer support
- To improve our services and website experience
- To comply with legal obligations under Indonesian law
- To send promotional communications (only with your consent)
4. Legal Basis (GDPR & UU PDP)
We process your data based on: (a) your consent, (b) performance of a contract (booking), (c) legal obligations under Indonesian UU PDP No. 27/2022, and (d) legitimate business interests.
5. Data Sharing
We share your data only with:
- Service providers: Payment gateways, Google Maps, email delivery services
- Transport partners: Driver/operator details needed for your transfer or tour
- Legal authorities: When required by Indonesian law
We do not sell your personal data to third parties.
6. Data Retention
We retain your personal data for as long as necessary to provide our services and comply with legal obligations (typically 5 years per Indonesian tax law). Booking records are kept for 3 years after the service date.
7. Your Rights (UU PDP)
Under Indonesia’s Personal Data Protection Law (UU No. 27/2022), you have the right to:
- Access your personal data
- Correct inaccurate data
- Delete your data (subject to legal retention requirements)
- Restrict processing
- Data portability
- Withdraw consent at any time
- Lodge a complaint with Kominfo
8. Data Security
We implement HTTPS encryption, firewalls, access controls, and regular security audits to protect your data. However, no method of transmission over the Internet is 100% secure.
9. International Data Transfers
Your data may be processed on servers located outside Indonesia (e.g., Germany, United States). We ensure appropriate safeguards are in place via Standard Contractual Clauses.
10. Cookies
We use cookies for: essential site functionality, analytics (Google Analytics), and personalization. You can manage cookie preferences through your browser settings. Third-party cookies from Google Maps and payment gateways are governed by their respective privacy policies.
11. Children’s Privacy
Our services are not directed to children under 18. We do not knowingly collect data from minors.
12. PSE Registration
This platform is registered as an Electronic System Operator (PSE) with the Ministry of Communication and Informatics of the Republic of Indonesia (Kominfo) in accordance with Government Regulation No. 71/2019.
13. Data Protection Officer
For any privacy-related inquiries, please contact our Data Protection Officer:
Email: privacy@bali.day
14. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.
15. Governing Law
This Privacy Policy is governed by the laws of the Republic of Indonesia.
