Body Studio Bali<\/strong> \u2014 operated by PT New Beginnings Retreat<\/strong><\/p>\n Effective date: 28 April 2026 Version: 1.0 (English)<\/p>\n This English text is provided for the convenience of international clients. The Bahasa Indonesia version of this Privacy Policy is the legally controlling version in accordance with Law of the Republic of Indonesia No. 24 of 2009 (UU 24\/2009). In case of any inconsistency between the two versions, the Bahasa Indonesia version prevails.<\/p><\/blockquote>\n The Data Controller for personal data processed in connection with bodystudiobali.com<\/strong> and the services offered at the premises of Body Studio Bali is:<\/p>\n PT New Beginnings Retreat<\/strong>, trading as Body Studio Bali Uluwatu St No.184, Ungasan, South Kuta, Badung Regency, Kuta Selatan, 80361, Bali, Indonesia Email: info@bodystudiobali.com WhatsApp: +62 822-2160-0336 Indonesian business classification: SPA \/ Salon Kecantikan (KBLI). Registration details available on request.<\/p><\/blockquote>\n Questions about this Privacy Policy or about your data can be sent to info@bodystudiobali.com<\/strong>.<\/p>\n This Privacy Policy applies to:<\/p>\n We process personal data in accordance with:<\/p>\n We collect and process the following categories of personal data, depending on how you interact with us.<\/p>\n When you complete the Health Intake & Informed Consent Form<\/strong>, you disclose health-related information including: medical conditions, current medications, pregnancy status, surgical history, implants and medical devices, allergies, and any other health information relevant to the service you are about to receive.<\/p>\n Under Indonesian PDP Law, health data is specific personal data<\/strong> (“data pribadi yang bersifat spesifik”) and under GDPR it is a special category of personal data<\/strong>. We process it on a strict need-to-know basis (Section 5).<\/p>\n If you apply for a job with us through our website or by other means, we collect: name, age, marital status, email, phone, education, previous workplaces, area of residence, and any photo \/ CV you submit. This data is processed by our bsb-applications<\/strong> plugin and stored in our Supabase database (Section 7).<\/p>\n When you visit bodystudiobali.com we may collect:<\/p>\n We collect personal data:<\/p>\n We do not<\/strong> sell your personal data, and we do not<\/strong> use it for automated decision-making with legal or similarly significant effects on you.<\/p>\n We share personal data only with the recipients listed below, on a need-to-know basis and under appropriate confidentiality and data-processing arrangements.<\/p>\n We do not<\/strong> disclose your data to advertisers, brokers, or other third parties for their own marketing purposes.<\/p>\n Some of our processors are based outside Indonesia. In particular, Supabase, Inc.<\/strong> (and the cloud infrastructure on which it relies) processes data outside Indonesia. Where personal data is transferred outside Indonesia, we apply the safeguards required by Article 56 of UU PDP<\/strong> and, for clients to whom GDPR applies, the safeguards required by Chapter V of GDPR<\/strong> (such as adequacy decisions, standard contractual clauses, or your explicit informed consent for the specific transfer).<\/p>\n You may request more information about the transfer mechanism applicable to your data by writing to info@bodystudiobali.com.<\/p>\n We retain personal data only for as long as necessary for the purposes for which it was collected, and as required by applicable law:<\/p>\n After the applicable retention period, we securely delete or anonymise your data.<\/p>\n bodystudiobali.com uses cookies and similar technologies to:<\/p>\n Essential cookies are set automatically. Non-essential cookies (analytics, social-media embeds) are only set with your consent<\/strong> through our cookie banner. You can change or withdraw your consent at any time via the cookie banner or your browser settings. Blocking essential cookies may affect the functionality of the website.<\/p>\n A more detailed Cookie Notice may be published in due course; until then, this Section sets out our cookie practice.<\/p>\n Subject to the conditions and limitations in UU PDP and, where it applies, GDPR, you have the right to:<\/p>\n To exercise any of these rights, write to info@bodystudiobali.com<\/strong>. We will respond within 30 (thirty) days and may ask you to verify your identity before we act on your request.<\/p>\n We apply reasonable organisational and technical safeguards to protect personal data against unauthorised access, loss, alteration, or disclosure. These include access controls (only authorised staff can access intake forms and booking data), secure storage of paper forms, encryption in transit for online communication, application passwords for our WordPress administration, and role-based access to our Supabase database.<\/p>\n No system is perfectly secure. If we become aware of a personal-data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the competent authority as required by UU PDP and (where applicable) GDPR.<\/p>\n Our services are not directed at children under 13. Clients between 13 and 18 are minors under our Terms of Use; their data is processed only with parental \/ guardian consent (Section 9 of the Terms of Use).<\/p>\n We may update this Privacy Policy from time to time. The current version is the version published at bodystudiobali.com\/privacy-policy\/. For material changes, we will notify you at your next booking confirmation or by email.<\/p>\n This Privacy Policy is governed by the laws of the Republic of Indonesia. It is issued in English and in Bahasa Indonesia; the Bahasa Indonesia version is the legally controlling version<\/strong> in accordance with UU 24\/2009. The English version is provided for the convenience of international clients only.<\/p>\n PT New Beginnings Retreat \u2014 Body Studio Bali<\/strong> Uluwatu St No.184, Ungasan, South Kuta, Badung Regency, 80361, Bali, Indonesia Email: info@bodystudiobali.com WhatsApp: +62 822-2160-0336<\/p><\/blockquote>\n End of Privacy Policy.<\/em><\/p>","protected":false},"excerpt":{"rendered":" Privacy Policy Body Studio Bali \u2014 operated by PT New Beginnings Retreat Effective date: 28 April 2026 Version: 1.0 (English) This English text is provided for the convenience of international clients. The Bahasa Indonesia version of this Privacy Policy is the legally controlling version in accordance with Law of the Republic of Indonesia No. 24 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"class_list":["post-3","page","type-page","status-publish","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/bodystudiobali.com\/nl\/wp-json\/wp\/v2\/pages\/3","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bodystudiobali.com\/nl\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/bodystudiobali.com\/nl\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/bodystudiobali.com\/nl\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bodystudiobali.com\/nl\/wp-json\/wp\/v2\/comments?post=3"}],"version-history":[{"count":2,"href":"https:\/\/bodystudiobali.com\/nl\/wp-json\/wp\/v2\/pages\/3\/revisions"}],"predecessor-version":[{"id":2575,"href":"https:\/\/bodystudiobali.com\/nl\/wp-json\/wp\/v2\/pages\/3\/revisions\/2575"}],"wp:attachment":[{"href":"https:\/\/bodystudiobali.com\/nl\/wp-json\/wp\/v2\/media?parent=3"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n1. Who we are (Data Controller)<\/h2>\n
2. Scope and applicable law<\/h2>\n
\n
\n
3. Categories of personal data we collect<\/h2>\n
3.1 Identification and contact data<\/h3>\n
\n
3.2 Booking, transaction, and service-history data<\/h3>\n
\n
3.3 Health data (sensitive \/ specific category)<\/h3>\n
3.4 Photographs and audio-visual data<\/h3>\n
\n
3.5 Recruitment \/ job-application data<\/h3>\n
3.6 Website usage data<\/h3>\n
\n
3.7 Communication data<\/h3>\n
\n
4. How we collect personal data<\/h2>\n
\n
5. Why we process your data (purposes and legal basis)<\/h2>\n
\n\n
\n \nPurpose<\/th>\n Categories used<\/th>\n Legal basis (UU PDP \/ GDPR)<\/th>\n<\/tr>\n<\/thead>\n \n Confirming and delivering a booking<\/td>\n identification, contact, booking, health<\/td>\n performance of a contract (Art. 20(2)(b) UU PDP \/ Art. 6(1)(b) GDPR)<\/td>\n<\/tr>\n \n Pre-service health screening (Intake form)<\/td>\n identification, health<\/td>\n client’s explicit consent on the Intake & Consent Form (Art. 20(2)(a) UU PDP \/ Art. 9(2)(a) GDPR)<\/td>\n<\/tr>\n \n Issuing receipts, processing payments, and complying with tax \/ accounting law<\/td>\n identification, transaction<\/td>\n legal obligation (Art. 20(2)(c) UU PDP \/ Art. 6(1)(c) GDPR)<\/td>\n<\/tr>\n \n Communicating with you about appointments, vouchers, and packages<\/td>\n identification, contact, booking<\/td>\n performance of a contract \/ our legitimate interest in operational communication<\/td>\n<\/tr>\n \n Marketing communications (only if you have opted in)<\/td>\n identification, contact<\/td>\n your consent (Art. 20(2)(a) UU PDP \/ Art. 6(1)(a) GDPR), withdrawable at any time<\/td>\n<\/tr>\n \n Publishing “before \/ after” photographs<\/td>\n photographs<\/td>\n your written, opt-in consent on the Intake & Consent Form, withdrawable at any time<\/td>\n<\/tr>\n \n Processing job applications<\/td>\n recruitment data<\/td>\n steps to enter into an employment contract \/ your consent<\/td>\n<\/tr>\n \n Operating, securing, and improving our website<\/td>\n usage data, cookies<\/td>\n our legitimate interest in operating a functional website (subject to consent for non-essential cookies \u2014 Section 9)<\/td>\n<\/tr>\n \n Defending or pursuing legal claims<\/td>\n as relevant<\/td>\n legitimate interest \/ establishment, exercise, or defence of legal claims<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n 6. Data sharing (recipients)<\/h2>\n
\n
7. International transfers<\/h2>\n
8. Retention<\/h2>\n
\n
9. Cookies and similar technologies<\/h2>\n
\n
10. Your rights<\/h2>\n
\n
11. How we keep your data secure<\/h2>\n
12. Children<\/h2>\n
13. Changes to this Privacy Policy<\/h2>\n
14. Governing law and language precedence<\/h2>\n
15. Contact<\/h2>\n
\n