Privacy Policy

This Privacy Policy explains how lvm.rubrika.co.id (“Site”, “we”, “us”, or “our”) collects, uses, discloses, and protects personal information when you visit or use our travel-insurance content, tools, quote forms, and related services (collectively, the “Services”).

Quick summary: We collect limited usage data to operate and improve this Site. If you request a travel-insurance quote or connect with an insurer/broker, we may process the information you provide and share it with relevant providers to deliver the requested service. You control your choices, including cookies, marketing preferences, and legal rights described below.

1) Scope & Who We Are

This Policy applies to personal information processed by the Site in connection with travel-insurance content, tools, quote requests, and referrals.

Controller/Operator: lvm.rubrika.co.id.
Contact: [email protected]
Postal: [Add your business address here]

2) Information We Collect

A. Information you provide directly

Contact & account: name, email, phone.
Travel & quote details (optional): trip dates, destinations, traveler age range, coverage preferences, budget, existing medical conditions (only if you choose to provide for a quote), and other information you submit in forms.
Documents you upload (optional): e.g., policy documents or claims receipts.
Communications: messages you send to us.

B. Information we collect automatically

Usage & device data: IP address, device/browser type, pages viewed, timestamps, referring URLs.
Cookies & similar tech: described in Cookies, Analytics & Ads.

C. Information from third parties

Insurance providers/brokers/aggregators: quote outcomes, eligibility signals, policy information, or referral status if you proceed.
Analytics & advertising partners: aggregated insights and campaign metrics.

Sensitive data: We do not require sensitive data. If you voluntarily provide health-related details for a quote, we process them only to fulfill your request and share them with relevant insurance partners with your direction/consent.

3) How We Use Information

Provide, operate, and improve the Services and Site content.
Process quote requests, referrals, and customer support.
Personalize content and remember preferences.
Measure performance, conduct analytics, and prevent fraud/abuse.
Comply with legal obligations and enforce terms.
Send service messages; send marketing only with your consent (where required) and with opt-out options.

4) Legal Bases (GDPR/UK GDPR)

Contract/steps prior: to process your quote request.
Consent: for optional cookies/marketing and any health-related details you choose to provide.
Legitimate interests: to secure, improve, and analyze our Services (balanced against your rights).
Legal obligation: to meet compliance and record-keeping duties.

5) Disclosures & Categories of Recipients

Insurance ecosystem: licensed insurers, brokers, managing general agents, or aggregators to obtain quotes or policies at your request.
Service providers: hosting, security, analytics, anti-fraud, communications, customer support.
Advertising/affiliate partners: to measure campaigns and attribute referrals (see Cookies).
Authorities: when required by law or to protect rights and safety.
Business transfers: in connection with a merger, acquisition, or sale of assets.

No selling of personal information for money. We do not sell personal information for monetary consideration. Some jurisdictions treat certain ad/analytics disclosures as a “sale” or “share”; see California Notice.

6) Cookies, Analytics & Ads

We use cookies and similar technologies to operate the Site, remember preferences, measure performance, and—if you opt in—support analytics and advertising.

Types of cookies

Strictly necessary: essential for core functionality.
Performance/analytics: traffic, engagement, and diagnostics.
Functional: preferences such as language or region.
Advertising/attribution: to understand campaign effectiveness and prevent fraud.

Your choices

Use our cookie banner/manager to accept, reject, or customize categories (where available).
Most browsers let you block or delete cookies; doing so may impact functionality.
Some third parties offer their own opt-outs (e.g., analytics/ads). Links may be provided in the cookie banner.

7) Data Retention

We keep personal information only as long as necessary for the purposes described above, including to comply with legal obligations, resolve disputes, and enforce agreements. Typical retention ranges from 6–36 months for operational records unless a longer period is required by law or you request deletion (subject to exceptions).

8) Security

We implement administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

9) International Transfers

Your information may be processed in countries with different data-protection laws. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) and take steps to ensure an adequate level of protection.

10) Children’s Privacy

Our Services are not directed to children under 13 (or the age defined by local law). We do not knowingly collect personal information from children. If you believe a child provided personal information, please contact us and we will take appropriate steps to delete it.

11) Your Privacy Rights

Your rights depend on your location. Subject to exceptions, you may have the right to:

Access, correct, update, or delete personal information.
Object to or restrict certain processing.
Withdraw consent at any time (where we rely on consent).
Portability: receive a copy in a machine-readable format.

How to exercise: email [email protected] with your request and sufficient information to verify your identity and locate your data.

12) California Notice (CCPA/CPRA)

If you are a California resident, you have rights to:

Know categories and specific pieces of personal information we collected, used, disclosed, “sold,” or “shared.”
Request deletion of personal information (subject to exceptions).
Correct inaccurate personal information.
Opt out of “sale”/“sharing” for cross-context behavioral advertising.
Limit use/disclosure of sensitive personal information to what is necessary.
Not receive discriminatory treatment for exercising your rights.

Opt-out: If we engage in activities considered “sale” or “sharing,” you may use a “Do Not Sell or Share My Personal Information” link (when available) or contact us at [email protected].

Categories collected (last 12 months): Identifiers (e.g., contact data, IP), internet activity (usage, device info), geolocation (coarse), inferences (limited for site improvement), and information you submit in quote forms. Disclosures to service providers, insurance partners (at your request), and advertising/analytics partners are for business purposes as described above.

13) Indonesia Personal Data Protection (PDP) Notice

For users in Indonesia, we process personal data in accordance with the Personal Data Protection Law (Law No. 27 of 2022) and its regulations. You may request access, correction, deletion, processing restrictions, withdrawal of consent, and information on processing activities by contacting [email protected]. We will respond within time limits specified by applicable law.

14) Contact, DPO & Complaints

Primary contact: [email protected]

Data Protection Officer (if appointed): [Add DPO name/contact or remove this line]

You may also have the right to lodge a complaint with your local data-protection authority or the Indonesian supervisory authority.

15) Changes to this Policy

We may update this Privacy Policy from time to time. The “Last updated” date above reflects the latest version. If changes materially affect your rights, we will provide additional notice as required by law.