Privacy Policy

1. Data Controller
PT Tiefenrausch Bali Divecenter
Jl. I Ketut Natih, Purwakerti, Kec. Abang, Kabupaten Karangasem
Bali 80852, Indonesia
Email: info@tiefenrauschbali.com | Tel: +62 859 2044 0011

2. Purpose and Legal Basis
We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Indonesian Law UU No. 27/2022 (UU PDP).

• Contractual Necessity (Art. 6(1)(b) GDPR): For bookings and providing diving services.

• Consent (Art. 6(1)(a) GDPR): For inquiries or marketing communications.

• Health Data (Art. 9(2)(a) GDPR): Processing of medical self-assessments is strictly based on your explicit consent to ensure diving safety.

3. Website Data Collection

• Server Logs: IP address, browser type, and timestamps are stored for 7 days for security purposes.

• Cookies: Necessary cookies are used for website functionality. Analytical cookies (e.g., Google Analytics) require your prior consent.

4. Diving-Specific Data
We collect certification data (PADI/SSI/SDI etc.) and insurance details. Medical forms are kept strictly confidential and stored according to industry standards (usually 7 years) for liability and insurance purposes.

5. Data Disclosure and International Transfers
Data is only shared with third parties:

• To issue certifications via diving federations (e.g., PADI, SSI).

• To comply with Indonesian law (e.g., Police, Marine Park authorities).

• In medical emergencies (Art. 6(1)(d) GDPR – vital interests).

• Note: By using our services, you acknowledge and consent to the transfer of your data to Indonesia.

6. Your Rights
You have the right to access, rectify, delete ("right to be forgotten"), and restrict the processing of your data. You may withdraw your consent at any time with future effect.