top of page

Privacy Policy

Your privacy is important to us

In this policy, “we”, “us”, “our” or “HMRP” means Hutauruk Mirdiyan Roem And Partners (HMRP Attorney at Law), “you”, “your” or “yours” means the persons to whom this policy applies and “HMRP Group” means HMRP Attorney at Law., its related corporations, and affiliates.

The security of your personal data is important to us. HMRP has in place safeguards to protect the personal data stored with us. This policy describes how we may collect, use, disclose, process and manage your personal data.

This policy applies to any individual’s personal data which is in our possession or under our control.

What personal data we collect

“Personal data” is data that can be used to identify a natural person. Some examples of personal data that we may collect are:

  1. personal particulars (e.g. name, contact details, residential address, date of birth, identity card/passport details, and/or education details);

  2. specimen signature(s);

  3. financial details (e.g. income, expenses, and/or credit history);

  4. images and voice recordings of our conversations with you;

  5. employment details (e.g. occupation, directorships and other positions held, employment history, salary, and/or benefits);

  6. tax and insurance information;

  7. information about your risk profile, investments, investment objectives, knowledge and experience and/or business interests and assets;

  8. banking information (e.g. account numbers and banking transactions); and/or

  9. personal opinions made known to us (e.g. feedback or responses to surveys);

Usage of your personal data

We may use your personal data for our core business purposes, such as:

  1. developing and providing products or services (whether made available by us or through us), including but not limited to:

    1. carrying out research, planning and statistical analysis; or

    2. analytics for the purposes of developing or improving our products, services, security, service quality, and advertising strategies;

  2. assessing and processing applications, instructions or requests from you or our customers;

  3. communicating with you, including providing you with updates on changes to publication and services (whether made available by us or through us) including any additions, expansions, suspensions and replacements of or to such products and services and their terms and conditions;

  4. managing our infrastructure and business operations and complying with internal policies and procedures;

  5. responding to queries or feedback;

  6. addressing or investigating any complaints, claims or disputes;

  7. verifying your identity for the purposes of providing products or services;

  8. conducting screenings or due diligence checks as may be required under applicable law, regulation or directive;

  9. complying with all applicable laws, regulations, rules, directives, orders, instructions and requests from any local or foreign authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities;

  10. enforcing obligations owed to us;

  11. monitoring products and services provided by or made available through us;

  12. complying with obligations and requirements imposed by us from time to time by any credit bureau or credit information sharing services of which we are a member or subscriber;

  13. financial reporting, regulatory reporting, management reporting, risk management, audit and record keeping purposes;

  14. enabling any actual or proposed assignee or transferee, participant or sub-participant of HMRP’s rights or obligations to evaluate any proposed transaction;

  15. enforcing obligations owed to us; and/or

  16. seeking professional advice, including legal advice.


We may also use personal data for purposes set out in the terms and conditions that govern our relationship with you or our clients.

Use of personal data for marketing purposes

We may use your personal data to offer you products or services, including special offers, promotions, contests or entitlements that may be of interest to you or for which you may be eligible. Such marketing messages may be sent to you in various modes including but not limited to electronic mail, direct mailers, short message service, telephone calls, facsimile and other mobile messaging services. In doing so, we will comply with the Indonesia Bar Association / Indonesia Financial Services Authority and other applicable data protection and privacy laws.

In respect of sending telemarketing messages to your Indonesia telephone number via short message service, telephone calls, facsimile and other mobile messaging services, please be assured that we shall only do so if we have your clear and unambiguous consent in writing or other recorded form to do so or if you have not otherwise made the appropriate registration of that number with the Do Not Call Registry.


You may at any time request that we stop contacting you for marketing purposes via selected or all modes.

To find out more on how you can change the way we use your personal data for marketing purposes, please contact us (please see the “How to contact us” section below).


Nothing in this section shall vary or supercede the terms and conditions that govern our relationship with you.

Disclosure and sharing of personal data

We may from time to time and in compliance with all applicable laws on data privacy, disclose your personal data to any personnel of HMRP Group or to third parties, whether located in Indonesia or elsewhere, in order to carry out the purposes set out above. Please be assured that when we disclose your personal data to such parties, we require them to ensure that any personal data disclosed to them are kept confidential and secure.

For more information about the third parties with whom we share your personal data, you may, where appropriate, wish to refer to the agreement(s) and/or terms and conditions that govern our relationship with you or our customer. You may also contact us for more information (please see the “How to contact us” section below).

We wish to emphasise that HMRP does not sell personal data to any third parties and we shall remain fully compliant of any duty or obligation of confidentiality imposed on us under the applicable agreement(s) and/or terms and conditions that govern our relationship with you or our customer or any applicable law.

We may transfer, store, process and/or deal with your personal data outside Indonesia. In doing so, we will comply with the Indonesia Bar Association / Indonesia Financial Services Authority and other applicable data protection and privacy laws.

Cookies and related technologies

Our web sites and mobile applications (“apps” or an “app”) use cookies. A cookie is a small text file placed on your computer or mobile device when you visit a web site or use an app. Cookies collect information about users and their visit to the web site or use of the app, such as their Internet protocol (IP) address, how they arrived at the web site (for example, through a search engine or a link from another web site) and how they navigate within the web site or app. We use cookies and other technologies to facilitate your internet sessions and use of our apps, offer you products and/or services according to your preferred settings, track use of our web sites and apps and to compile statistics about activities carried out on our web sites and/or through our apps.

A pixel tag, also known as a web beacon, is an invisible tag placed on certain pages of our web site but not on your computer. Pixel tags are usually used in conjunction with cookies and are used to monitor the behaviour of users visiting the web site.

You may set up your web browser to block cookies which will in turn disable the pixel tags from monitoring your web site visit. You may also remove cookies stored from your computer or mobile device. However, if you do block cookies and pixel tags, you may not be able to use certain features and functions of our web sites.

Other web sites

Our web sites may contain links to other web sites which are not maintained by HMRP. This privacy policy only applies to the web sites of HMRP. When visiting these third party web sites, you should read their privacy policies which will apply to your use of the web sites.

Retention of personal data

Your personal data is retained as long as the purpose for which it was collected remains and until it is no longer necessary for any other legal or business purposes.

Access and correction

You may request access or make corrections to your personal data held by HMRP. HMRP may charge a fee for processing your request for access. Such a fee depends on the nature and complexity of your access request. We will inform you of the fee beforehand and take your further instructions before it is charged to you.


Please contact us (please see the “How to contact us” section below) for details on how you may request such access or corrections.

How to contact us

To contact us on any aspect of this policy or your personal data or to provide any feedback that you may have, please visit our office or get in touch with our customer centre officer in the following ways:


If you are our client or a non-client, you may contact our email at

Amendments and updates of HMRP Privacy Policy

We may amend this policy from time to time to ensure that this policy is consistent with any developments to the way HMRP uses your personal data or any changes to the laws and regulations applicable to HMRP. We will make available the updated policy on our web site ( and at our branches in Indonesia. All communications, transactions and dealings with us shall be subject to the latest version of this policy in force at the time.

bottom of page