Indonesia’s Blibli obtains ISO/IEC 27701 certification

Heaptalk, Jakarta — Indonesia’s e-commerce Blibli achieved ISO/IEC 27001 and ISO 27701 certifications to enhance its data governance standards. This milestone was an internationally recognized benchmark for Information Security Management Systems (ISMS) and Privacy Information Management Systems (PIMS).

“We obtained the certification through implementing best practices in information security management, ensuring robust personal data protection. We have applied comprehensive privacy control standards that enhance our customer and employee policies, reinforcing trust and data integrity across all business processes,” IT Governance, Risk, Compliance, and Data Governance (IT GRCD) Manager at Blibli, Yosua SUgianto said.

By achieving ISO 27701 certification, Blibli reinforces its position as a responsible and trusted company in managing customer data security. This certification strengthens the company’s governance and aligns with Indonesia’s upcoming Personal Data Protection Act (PDP Law), Law No. 27 of 2022. The law mandates companies to obtain explicit customer consent before processing their data.

“Aligned with the PDP Law and through our Privacy by Design approach, Blibli is committed to ensuring more robust data security from the initial stages of system design. As part of our Environmental, Social, and Governance (ESG) framework, we continue to strengthen our data governance and privacy protection efforts by obtaining ISO 27701 certification, demonstrating our dedication to upholding high data security standards and compliance with privacy regulations,” Yosua explained.

Furthermore, Blibli’s data privacy approach to customers encompasses six key aspects, covering:

1. Proactive, not Reactive: Integrating privacy risk assessments, incident management, and consistent policy enforcement into business processes.
2. Privacy as the Default Setting: Limiting data collection and usage following the privacy agreements.
3. Privacy Embedded into Design: Incorporating Privacy Considerations at every business process design and IT architecture development.
4. Positive Sum: Optimizing omnichannel services for data customers without compromising their data security.
5. Visibility on Privacy: Providing public access to transparent privacy policies and clear limitations on data transfers.
6. Respect for User Privacy: Offering transparency in data management, backed by 24/7 customer support services.

Recently, Djarum-backed PT Global Digital Niaga Tbk (Blibli) will conduct a Private Placement (PMTHMETD) by issuing 4.9 billion shares worth US$144 million, approximately Rp2.25 trillion. According to the Indonesia Stock Exchange disclosure, the Private Placement will be carried out at an execution price of Rp460 per share. After the Private Placement’s completion, Blibli’s issued and paid-up capital will increase to Rp32 trillion.