Privacy Policy

Last Updated: April 2026

Identity of Data Controller and Contact Information

ETFLIN, operating as a journal publisher and software company, acts as the data controller for the personal information collected through its services. The organization is officially headquartered at Baliase Office, Jalan Mutiara, Block P No. 21, Kelurahan Baliase, Kecamatan Marawola, Kota Sigi 94222, Indonesia.

ETFLIN is fully committed to protecting your personal data in strict accordance with the laws of the Republic of Indonesia and global data protection standards. All correspondence regarding data privacy may be directed to our dedicated Data Privacy Officer via email at halo@etflin.com or via WhatsApp at +62 822 1633 5184.

Our privacy officer ensures that all data processing activities remain compliant with the regulations set forth by the Ministry of Communication and Information Technology (Kominfo).

Categories of Collected Information

Information is collected through two primary mechanisms: voluntary provision and automated collection. Voluntarily provided data includes account information such as name, email address, password, institutional affiliation, and areas of expertise. For billing purposes, we collect physical addresses and VAT/Tax IDs, although all payment transactions are handled exclusively by secure third-party service providers.

Intellectual contributions, including manuscripts, peer reviews, and editorial comments, are also recorded as part of the formal academic record.

Automatically, our systems collect technical data including IP addresses, browser types, operating systems, time zones, and website interaction clickstream data. ETFLIN does not intentionally collect sensitive personal data, such as health or religious information, unless such data is voluntarily shared as part of a research submission.

Individual Rights and Data Governance

Data subjects are entitled to guaranteed legal rights, including the right to access their personal data, the right to rectification of inaccurate information, and the right to erasure (the right to be forgotten). Furthermore, individuals may withdraw their consent for data processing at any time, request data portability, or place restrictions on specific processing activities.

Regarding data retention, financial records are maintained for seven years to satisfy legal obligations, while marketing data is purged following 24 months of user inactivity. Given the archival nature of scholarly publishing, manuscripts and records of scientific contributions are retained indefinitely to maintain the integrity of the historical scientific record.

Security Protocols and Breach Notification

ETFLIN employs rigorous technical and organizational security measures to prevent unauthorized access or data leakage. Our security protocols include SSL/TLS encryption for all data transmissions, active intrusion detection systems, and a "need-to-know" access policy for internal personnel. In the event of an unforeseen data breach, ETFLIN is committed to providing a formal notification to affected users and relevant authorities within 72 hours of the incident being identified.

International Data Transfers and Governing Law

This privacy policy is governed by and construed in accordance with the laws of the Republic of Indonesia. Any disputes arising from this policy shall be resolved under the jurisdiction of the District Court of Palu.

Acknowledging the global nature of scientific publication, data may be transferred to and processed in locations outside of Indonesia. In such cases, ETFLIN ensures equivalent safeguards, such as the implementation of Standard Contractual Clauses, to maintain cross-border data security in alignment with international standards.