Privacy Policy

Privacy Policy

How Temmu.id collects, uses, stores, and protects data — covering merchants, buyers, site visitors, and the social-media accounts they connect.

Versi Bahasa Indonesia

1. Introduction

Temmu.id (operated by PT Orion Solusi Digital, Indonesia) is a SaaS platform that lets merchants create business pages, run online stores, and manage social-media posts and inboxes. We act as a Tech Provider helping businesses run their digital presence.

This policy explains what we collect, why, who we share it with, how long we keep it, and how you can request deletion. It applies to merchants, buyers/guests transacting on a merchant's storefront, and visitors to Temmu.id.

2. Data We Collect

We group data by data subject:

Merchants

  • Name, email, and password (hashed) at registration.
  • Business profile: name, description, category, slug, address, phone, hours, plan.
  • AI credit balance and token-purchase history.
  • Google Analytics measurement ID and Google Search Console verification tag, if you configure them for your storefront.

Buyers / guest checkout

  • Name, email, phone (normalized to +62), full address, district, city, province, postal code.
  • Order details: items, quantities, courier choice, shipping cost, total payment.
  • Payment status and method (from the payment gateway).

Site visitors

  • Event type (page view, WhatsApp click, map click), referrer, approximate geolocation (country/region/city) from Cloudflare headers, browser, OS, and device type.

Connected social-media accounts

  • Facebook / Instagram: page ID, page name, page picture, access token, token expiry.
  • Threads: user ID, name, access token.
  • WhatsApp Business: WABA ID, phone number ID, display number, verified name, access token.

Inbound messages (WhatsApp / Instagram / Threads inbox)

  • Sender ID, sender name, message text, message ID, and timestamp — stored so the merchant can view and reply from their Temmu dashboard.

3. How We Use Data

  • Operate the merchant's account, dashboard, storefront, and inbox.
  • Process payments and record transactions (invoices, settlements, statuses).
  • Publish content to merchant social accounts — only on the merchant's explicit instruction.
  • Generate AI-assisted content (hero copy, descriptions, post drafts).
  • Send transactional email (payment confirmations, order notifications).
  • Measure platform usage (internal analytics) and detect abuse or fraud.
  • Comply with legal, tax, and lawful authority requests.

4. Third Parties & Sub-processors

We rely on the following sub-processors. Each is bound by their own contractual privacy obligations.

  • Supabase — authentication and Postgres database hosting.
  • Cloudflare — Workers hosting, R2 media storage, and AI inference (model @cf/meta/llama-3.1-8b-instruct).
  • Xendit — payment gateway (invoices, webhook callbacks, sub-account delegation for verified merchants).
  • Meta Platforms — Facebook, Instagram, Threads, and WhatsApp Business Graph APIs — only for merchants who connect them.
  • Google — Analytics and Search Console — loaded only on storefronts where the merchant configures them.
  • Listmonk (operated by Orion Solusi Digital) — subscriber email broadcasts.
  • Maileroo — transactional email delivery.
  • Umami (operated by Orion Solusi Digital) — privacy-friendly analytics for Temmu.id itself.
  • OneSignal — web-push notifications for the merchant dashboard.

5. Meta Platforms Data

As a Meta Tech Provider, Temmu posts to a merchant's Facebook, Instagram, Threads, or WhatsApp Business account only on that merchant's explicit authorization through Meta's official OAuth flow.

  • Access tokens are stored encrypted at rest and used solely to publish content the merchant authored or approved.
  • Tokens are deleted immediately when the merchant disconnects (the "Disconnect" button in the dashboard) or deletes their business.
  • Inbound webhook data (Instagram DMs, Threads replies, WhatsApp messages) is stored only for the merchant's own inbox view — never used for advertising, profiling, or shared with other merchants.
  • We do not sell Meta data, do not aggregate it across merchants, and do not perform user profile inference.

6. AI Token Purchases

AI tokens are platform credits — not financial instruments, not currency, not a payment instrument. Tokens are tied to the buying business account, are deducted whenever an AI feature is used, and are not refundable to cash. Token-purchase history is retained as part of the customer's invoice records.

7. AI & Cloudflare Workers AI

When you use an AI feature (hero, description, or post generation), we send a prompt containing your business name, short description, and brief to Cloudflare Workers AI. Temmu does not retain raw prompts or responses beyond the final output you save to your website. AI processing is governed by Cloudflare's terms.

8. Cookies & Local Storage

  • Supabase auth (JWT) cookie to keep merchants signed in.
  • Analytics cookies (Umami, Google Analytics) on Temmu.id itself.
  • OneSignal cookie for dashboard push notifications.
  • On a merchant's storefront, GA cookies load only if the merchant explicitly configures GA.

9. Storage & Retention

  • Transactions (orders & invoices): 10 years, per Indonesian tax and trade law.
  • Active business accounts: for as long as the account is active.
  • Inactive accounts (>24 months without login): deleted after email notice.
  • Social-media tokens: until disconnect or token expiry.
  • Inbox messages (WhatsApp / Instagram / Threads): 12-month rolling window.
  • Analytics events: 24 months.
  • Media (R2 images): while the business is active + 30 days after deletion.

10. Your Rights

  • Access and update your profile data through the dashboard.
  • Disconnect a connected social-media account at any time — its token is removed from our systems.
  • Request a copy of your data in a readable format.
  • Request deletion (see next section).
  • Withdraw consent to optional processing.

11. Data Deletion

Merchants: use the "Delete Account" button in dashboard settings, or email hello@temmu.id with subject "Data Deletion Request". We delete within 30 days, except for data that must be retained for legal obligations (e.g. transaction records).

Storefront buyers / guests: email hello@temmu.id referencing your order number. We will verify your identity before deletion.

Social-media account data: deleted automatically when you disconnect from the dashboard, and fully removed when the business account is deleted.

12. Security

All connections use HTTPS. The database is protected by Supabase Row Level Security (RLS). Secrets are stored in the Cloudflare Wrangler secret store and never exposed to the browser. Merchant authentication uses cookie-based JWTs. No internet transmission method is fully secure; we will notify affected users in the event of a material incident.

13. Minors

Temmu.id is not directed to users under 18. If we become aware of an account created by a minor, we will delete the account and its data.

14. International Data Transfer

Your data is processed and stored on Cloudflare's and Supabase's global infrastructure. By using Temmu.id you acknowledge that data may be processed outside Indonesia, subject to the contractual safeguards of our infrastructure providers.

15. Policy Changes

We may update this policy from time to time. Material changes will be announced via email or a dashboard banner, and the "Last updated" date will be revised. Continued use of the service after a change constitutes acceptance.

16. Contact

For privacy questions or requests:

  • Email: hello@temmu.id
  • Contact page: /kontak
  • Address: Jalan Majapahit No. 83, Kuta, Badung, Bali 80361, Indonesia

Last updated: 29 April 2026

Back to home