Privacy Policy

Monetin ("we", "our", "Service") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our social media automation services.

1. Information We Collect

1.1 Information You Provide

When you register and use our Service, we collect:

• Account Information:
  • Full name
  • Email address
  • WhatsApp number
  • Telegram username (optional for notifications)
  • Password (hashed using bcrypt)
• Social Media Credentials:
  • X/Twitter username
  • X/Twitter password (encrypted using AES-256)
  • X/Twitter session cookies (for automated authentication)
  • Authentication tokens (if using OAuth)
• Payment Information:
  • Transaction history (transaction ID, amount, date)
  • Selected subscription package
  • Payment status (active, expired, pending)
  • Note: Credit card information is processed by Midtrans and NOT stored on our servers
• Terms and Conditions Acceptance:
  • ToS acceptance time (timestamp)
  • IP address at time of acceptance (for legal audit)

1.2 Information Collected Automatically

When you use the Service, we automatically collect:

• Technical Information:
  • IP address
  • Browser type and version
  • Operating system
  • Referrer URL (where you came from)
  • Access time and timezone
• Service Usage Data:
  • Bot activity (number of follows, likes, replies performed)
  • Bot job status (running, completed, error)
  • Error logs and bug reports
  • Dashboard feature usage patterns
• Cookies and Tracking Technologies:
  • Session cookies for authentication
  • Preference cookies (language settings, theme)
  • Analytics cookies (if implemented)

1.3 Information from Third Parties

We may receive information from:

• Midtrans: Payment confirmation, transaction status
• X/Twitter: Public profile information, engagement statistics (via API or scraping)
• Telegram: Chat ID for notifications

2. How We Use Your Information

2.1 Primary Purposes

We use your information to:

• Provide the Service:
  • Run automation bots on your behalf
  • Manage linked X/Twitter accounts
  • Process authentication and authorization
  • Send Telegram notifications about bot activities
• Manage Your Account:
  • Create and maintain your user account
  • Process payments and subscriptions
  • Provide customer support
  • Verify your identity (via WhatsApp OTP)
• Improve the Service:
  • Analyze usage patterns for optimization
  • Identify and fix bugs
  • Develop new features
  • Conduct product research and development
• Communications:
  • Send transaction confirmation emails
  • Notify you of service changes
  • Send important updates regarding your account
  • Respond to customer support inquiries
• Security and Compliance:
  • Prevent fraud and abuse
  • Enforce our Terms and Conditions
  • Comply with legal obligations
  • Protect our rights, property, or safety and that of other users

2.2 Legal Basis for Processing

We process your personal data based on:

• Consent: You provide explicit consent when registering
• Contract Performance: Necessary to provide the Service you requested
• Legitimate Interests: To improve services and prevent fraud
• Legal Obligation: To comply with Indonesian law and related regulations

3. Sharing Information with Third Parties

3.1 Service Providers

We share your information with third-party service providers who help us operate the Service:

• Midtrans: Payment processing (receives name, email, payment amount)
• Telegram: Notification service (receives your chat ID and notification messages)
• Hosting Providers: Data storage and server infrastructure
• Email Services: For sending transactional and support emails

3.2 Social Media Platforms

To operate automation bots, we interact with:

• X/Twitter: Using your credentials to perform automated actions (follow, like, reply)
• Important Note: These interactions occur on your behalf. X/Twitter can see these activities and associate them with your account.

3.3 Legal Obligations

We may disclose your information if required by law or in response to valid legal process, including:

• Court orders or subpoenas
• Law enforcement requests
• To protect our rights, property, or safety or that of others
• To enforce our agreements

3.4 Business Transfers

If Monetin is involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different Privacy Policy.

3.5 No Data Sales

We DO NOT sell, rent, or trade your personal information to third parties for marketing purposes.

4. Data Security

4.1 Technical Security Measures

We implement industry-standard security measures to protect your data:

• Data Encryption:
  • X/Twitter credentials encrypted using AES-256
  • Passwords hashed using bcrypt with salt
  • Communication protected with HTTPS/TLS
• Access Controls:
  • Limited access to employees who need it
  • Multi-factor authentication for admin access
  • Audit logs for all sensitive data access
• Security Infrastructure:
  • Firewalls and intrusion detection systems
  • Regular security updates
  • Regular data backups
  • 24/7 monitoring for suspicious activity

4.2 Security Limitations

While we take reasonable steps to protect your data, no system is 100% secure. You acknowledge that:

• Data transmission over the internet has inherent security risks
• We cannot guarantee absolute security
• Security breaches can occur despite best efforts

4.3 Your Responsibility

You are responsible for:

• Maintaining the confidentiality of your account password
• Not sharing your login credentials
• Immediately notifying us if you suspect unauthorized access
• Using strong and unique passwords

5. Data Storage and Retention

5.1 Storage Location

Your data is stored on servers located in:

• Indonesia (primary servers)
• Backups may be stored in other geographic locations for security and redundancy

5.2 How Long We Retain Your Data

We retain your information for:

• While your account is active: All your data is retained to operate the Service
• After you delete your account: Data deleted within 30 days, except:
  • Transaction history: Retained for 7 years (Indonesian tax obligation)
  • ToS acceptance logs: Retained for 7 years (legal protection)
  • Data required for legal obligations or dispute resolution
• Anonymous/aggregated data: May be retained indefinitely for analytics

6. Your Rights

6.1 Access and Portability Rights

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Portability: Receive your data in a machine-readable format (JSON/CSV)

To request your data, contact support@monetin.id with subject "Personal Data Request".

6.2 Correction Rights

You can update your personal information at any time through:

• Your account dashboard (for name, email, Telegram)
• Contacting customer support for other changes

6.3 Deletion Rights ("Right to be Forgotten")

You can request deletion of your personal data by:

• Closing your account through the dashboard
• Sending an email to support@monetin.id

Exceptions: We may retain certain data if required by law (e.g., transaction history for taxes).

6.4 Processing Restriction Rights

You can request that we limit processing of your data in certain circumstances, such as:

• When you contest the accuracy of the data
• When processing is unlawful but you don't want data deletion

6.5 Objection Rights

You can object to:

• Marketing emails (click "unsubscribe" in any email)
• Telegram notifications (disable in settings)
• Non-essential cookies (configure your browser)

6.6 Right to File Complaints

If you believe we have violated your privacy, you can:

• Contact us at support@monetin.id
• File a complaint with Indonesian data protection authorities (if applicable)

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

• Essential Cookies:
  • Session cookies for authentication (expires after logout)
  • CSRF tokens for security
  • These cookies are necessary for basic Service functionality
• Preference Cookies:
  • Language settings
  • Theme preferences (light/dark)
  • Dashboard settings
• Analytics Cookies (if implemented):
  • Google Analytics or privacy-focused alternatives
  • Aggregated/anonymous data only

7.2 Managing Cookies

You can control cookies through your browser settings. However, disabling essential cookies may affect Service functionality.

8. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and aware that your child has provided us with personal information, please contact us to have it removed.

9. International Data Transfers

Your data may be transferred to and processed in countries other than Indonesia, particularly if we use international service providers. We ensure such transfers are protected by adequate safeguards in accordance with applicable data protection laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will:

• Update the "Last Updated" date at the top
• Post a notice on our website
• Send an email if changes significantly affect your rights

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

• Email: support@monetin.id
• Telegram: @monetin_support
• Address: [Office Address - to be determined]

We will strive to respond to your request within 30 business days.

12. Your Consent

By using our Service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein.