Link Net Policy


PT Link Net Tbk (“Link Net”) is running business in the high-speed broadband internet service provider business in Indonesia, and also enters into cooperation with PT First Media Television as paid television service provider.

Link Net is committed to apply the standard-based Integrated Management System standard ISO 37001:2016 for the provision of data provider and tv cable internet service for Business Process Improvement function in office center, ISO standard 20400:2017 for non-project goods and service procurement on provision of management standardization, ISO 9001:2015 for provision of internet data provider and cable TV services, ISO standard 20000-1:2018 for IT & Services Service Management System in providing Subscribers Management System Service in Link Net, ISO standard 27001:2013 for Operational Data Center to support the Subscribers Management System Service, and ISO standard 14001:2015 for the provision of internet data and cable TV services, ISO standard 45001:2018 for the provision of data internet and cable TV services at the head office and PP Number 50 of 2012 for Occupational Health and Safety Management System Standard (SMK3).

The application of Integrated Management System encourages Link Net to fulfill the commitments of:

  1. Providing the corporate governance supporting the achievement of the company’s objective of anti-bribery as well as application the Good Corporate Governance principles;
  2. Applying And developing the Integrated Management System (IMS) in accordance with the applicable provision and standard;
  3. Applying the commitment to fulfil the code of ethics, effective competency professional and development responsibility;
  4. Prohibiting bribery and similar practices within the company;
  5. Aligning anti-bribery policies with the company’s objectives;
  6. Ensuring commitment to fulfill the requirements of the Anti-Bribery Management System;
  7. Encouraging the increase in anti-bribery awareness among the relevant stakeholders;
  8. Carrying out the principle of continuous improvement in the Anti-Bribery Management System;
  9. Giving responsibility, authority and independence to the Anti-Bribery Compliance Function (FKAP);
  10. Giving strict sanctions to violators of the provisions in the Anti-Bribery Management System policy;
  11. Realizing the planning, implementation and evaluation of the process of procurement of goods and services by taking into account the principles of a continuous process;
  12. Providing the best service, high quality and high consistency and environmentally friendly;
  13. Organizing information technology services in an international standard service catalog according to the expectations of service users;
  14. Ensuring information security for data and information security;
  15. Providing an environmentally friendly work environment to preserve the environment and prevent environmental damage or pollution according to the context of the organization;
  16. Providing a work environment that is safe, healthy, mutually respectful, and responsible for preventing work-related accidents and diseases (PAK) and creating a synergistic work environment;
  17. Implementing risk control through measuring goals and corporate programs to realize integrity, procure sustainable goods and services, provide customer satisfaction, provide quality technology services, ensure information security and minimize hazards and reduce risks to occupational health and safety and environmental security;
  18. Complying with applicable laws and regulations related to anti-bribery, procurement related to goods and services, quality, service quality, technology, information security, environmental sustainability and occupational health and safety;
  19. Informing the rules, regulations and policies that apply in the company and accommodating the communication and participation from the related parties;
  20. Regularly conducting the performance monitoring and continuous improvement to keep it relevant and appropriate for the organization.

This policy on application of Integrated Management System applies to the employees and the stakeholders in Link Net environment. This policy is documented, communicated, maintained and reviewed periodically according to the changes that occur in legislation, technology, processes or others to be perfected.



Link Net is committed to protecting the Privacy and data of our Data Subjects with utmost respect and due care. This Data Privacy Policy (referred to as “Policy”) establishes the mandatory requirements of Axiata Group with respect to protection of Personal Data.
This is an overarching Policy and together with relevant underlying Privacy procedures, templates and guidelines provide the breadth and depth needed to meet Axiata Group’s Data Privacy requirements.


Link Net activities and Privacy practices are underpinned by the T.R.U.S.T. principles, which are laid out below:


We are TRANSPARENT about what, why and how we collect and protect YOUR PERSONAL DATA so that YOU can make informed decisions.


We respect YOUR RIGHTS as individuals, so YOU are in control of YOUR PERSONAL DATA.


We USE YOUR PERSONAL DATA for specific and stated purposes and keep it for as long as required only.


We have established robust CYBER SECURITY PRACTICES in line with leading industry standards to protect YOUR PERSONAL DATA that YOU have shared with us.


With YOUR CONSENT or in accordance with APPLICABLE LAWS we may TRANSFER YOUR PERSONAL DATA and will take appropriate steps to ensure it is adequately protected.


This Policy applies to all Stakeholders of Axiata Group, which includes subsidiaries and associated companies that the Group has a controlling stake or ownership. Companies or entities in which Link Net does not have a controlling stake are encouraged to adopt this Policy.

This Policy shall apply to the end-to-end processing of Personal Data of customers, employees and all other stakeholders (collectively referred to as “Data Subjects”), may it be in the form of digital, on paper or other materials. This Policy applies to all the employees, contract staff and vendors who process personal data on the Company’s behalf.

Link Net shall comply with Applicable Privacy Laws. To the extent this Policy contradicts or is inconsistent with requirements to any law, statute or regulation, the higher standards shall prevail.


In order to comply with and operationalize the T.R.U.S.T. principles, Link Net shall implement the following Data Privacy Practices:


  1. Link Net shall process Personal Data lawfully, fairly and in a transparent manner. Link Net shall provide the data subjects with a Privacy Notice which specifies details on the purpose for which the Personal Data is being collected and processed, source of the Personal Data, class of the third parties to which the Personal Data is disclosed or may be disclosed to, security measures towards protection of Personal Data, data retention requirements, rights available to Data Subjects and other relevant information in line with Applicable Privacy Laws.
  2. Link Net shall process Personal Data when it is necessary and meets at least one of the following lawful bases for processing:
    1. where the Data Subject has given their consent for their Personal Data to be processed. Any processing shall be strictly within the purposes for which the consent is given;
    2. where the Processing is necessary for the performance of a contract with the Data Subject;
    3. where steps are to be taken at the request of the Data Subject with a view to entering into a contract;
    4. where the Processing is necessary to comply with legal obligations/regulatory requirement and for the exercise of any functions conferred on any person by or under any law;
    5. where it required for administration of justice and/or public interest for the purposes of state administration
    6. to protect the vital interests of Data Subjects
    7. any other lawful base for Processing Personal Data as stated by Applicable Privacy Laws.
  3. Link Net shall also ensure that while Processing Sensitive Personal Data explicit consent is required of Data Subjects except for other lawful bases stated below:
    1. exercising or performing any right or obligation which is conferred or imposed by law on the Company in connection with employment
    2. any legal proceedings
    3. obtaining legal advice
    4. establishing, exercising or defending legal rights
    5. where the Processing is necessary to protect the vital interest of the Data Subject or another person
    6. any other lawful base for Processing Sensitive Personal Data as stated by Applicable Privacy Laws.
  4. Link Net shall take reasonable steps to maintain accurate, complete, not misleading and up to date Personal Data only for the purpose(s) identified in the Privacy Notice.
  5. Link Net shall ensure that Personal Data collected and processed shall be adequate, relevant and not excessive for the purpose(s) identified in the Privacy Notice.


Link Net respects the rights of Data Subjects and shall provide them with the opportunity and platform to exercise their rights. Link Net shall establish processes for receiving, recording and responding to some or all of the below mentioned data subject rights in accordance with the Applicable Privacy Laws:

  • Right to be informed
  • Right to access
  • Right to correct personal data
  • Right to withdraw consent
  • Right to prevent Processing in certain circumstance (e.g. prevent direct marketing, Processing that is likely to cause distress)
  • Right to erasure (to be forgotten)
  • Right to data portability.


Link Net shall define and document retention periods for various categories of Personal Data in accordance with the stated purpose or as required by the law. Link Net shall ensure that Personal Data is retained as per the defined retention periods. Post expiry of the retention period, Personal Data shall be securely disposed or de-identified.


Privacy by Design is a methodology that enables Privacy to be built into the design and architecture of systems, products and processes.
Link Net shall adopt Privacy by Design methodology by ensuring Data Privacy issues are considered at the design phase of any system, service, product or process and then throughout the Personal Data lifecycle.
Link Net shall conduct Data Protection Impact Assessments (DPIAs) to identify underlying Privacy risks in the high-risk personal data Processing activities.


Link Net shall establish processes with respect to managing high- risk data processing vendors from a Data Privacy standpoint. The processes shall include the below tabulated activities:

Due Diligence

Conduct out due diligence on the prospective high-risk vendor’s information security and Privacy posture prior to onboarding them

Data Processing Agreements

Include adequate Privacy and information security clauses in the contractual agreement executed with the vendors

Periodic Vendor Assessment

Carry out periodic assessment of the existing high-risk vendors’ compliance with contractual and regulatory obligations

DPIAs for Projects

Carry out DPIAs prior to onboarding high-risk projects from existing vendors

Link Net shall assess the permissibility of Cross-Border Data Transfers in accordance with Applicable Privacy Laws. Further, Link Net shall also ensure that necessary safeguards (such as Data Transfer Agreements) are in place to protect all the Cross-Border Data Transfers.


Link Net shall define and implement a process for reporting, assessing, resolving, communicating, escalating, notifying, and performing of any other actions required in the effective management of Privacy incidents and data breaches.


Link Net shall implement appropriate technical safeguards and organizational measures to maintain the confidentiality, integrity and availability of Personal Data.


Link Net shall carry out periodic Privacy audits on their data Processing environment to monitor its compliance against this Policy, Group Privacy standards and Applicable Privacy Laws.


Link Net shall mandate annual Data Privacy awareness trainings for their employees and contract staff. Link Net shall also raise awareness through knowledge sharing sessions, e-mailers, posters, Privacy campaigns and other such means.