Last Modified: March 1, 2026 10:16:04 UTC+7 (Jakarta/Bangkok)
IP Address Policy
Effective Date: March 1, 2026 06:44:26
This IP Address Policy explains how YPYM Company ("we," "us," or "our") collects, uses, and protects Internet Protocol (IP) address information when you visit our websites or use our services.
1. Introduction
An IP address is a unique numerical label assigned to every device connected to the internet. We automatically collect IP addresses as part of standard internet communication. This policy describes what we do with this information and how we protect your privacy.
2. What Is an IP Address?
An Internet Protocol (IP) address is a numerical identifier assigned to your device by your Internet Service Provider (ISP). There are two types:
- IPv4: A 32-bit address (e.g., 192.168.1.1)
- IPv6: A 128-bit address (e.g., 2001:0db8:85a3::8a2e:0370:7334)
Under applicable privacy laws (including GDPR and Indonesia's PDP Law), IP addresses may be considered personal data as they can potentially identify an individual.
3. Why We Collect IP Addresses
We collect IP addresses for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Website functionality & content delivery | Legitimate interest / Contract performance |
| Security & fraud prevention | Legitimate interest / Legal obligation |
| Analytics & performance monitoring | Consent / Legitimate interest |
| Geographic content localization | Legitimate interest |
| Rate limiting & abuse prevention | Legitimate interest |
| Legal compliance & law enforcement | Legal obligation |
4. How We Process IP Addresses
We implement the following practices when processing IP addresses:
- Anonymization: Where possible, we truncate or hash IP addresses in analytics to prevent individual identification
- Aggregation: We aggregate IP-based data for statistical analysis rather than tracking individuals
- Encryption: IP addresses stored in our systems are protected by encryption at rest and in transit
- Access Control: Only authorized personnel with a business need can access raw IP address data
5. IP-Based Security Measures
We use IP addresses as part of our security infrastructure to:
- Detect and block malicious traffic (DDoS attacks, brute force attempts)
- Identify suspicious login patterns and prevent unauthorized access
- Enforce geographic access restrictions when required
- Maintain Web Application Firewall (WAF) rules
- Generate security alerts for anomalous behavior
6. Your Rights Regarding IP Data
Depending on your jurisdiction, you may have the right to:
- Access: Request information about what IP address data we hold about you
- Deletion: Request deletion of your IP address data (subject to legal retention requirements)
- Objection: Object to processing of your IP address for analytics purposes
- Restriction: Request limitation of IP address processing
To exercise these rights, contact us at [email protected].
7. Data Retention
We retain IP address data for varying periods based on purpose:
- Server logs: 30–90 days
- Security logs: Up to 12 months
- Analytics data: Anonymized and retained indefinitely in aggregate form
- Legal compliance: As required by applicable law
8. Changes to This Policy
We may update this IP Address Policy periodically. Material changes will be posted on our website with an updated effective date. We encourage you to review this policy regularly.
9. Contact Us
For questions about our IP address practices:
Questions About IP Address Data?
If you have any questions about how we handle IP address information, please email us at [email protected]. You can also read our full About Us page for more information on our company.