Indonesia Personal Data Protection Law.
Indonesia's PDP Law establishes a comprehensive personal data protection framework, requiring consent, purpose limitation, and cross-border transfer safeguards for processing of Indonesian residents' personal data.
Maximum penalty
2% annual revenue
Source: PDP Law 2022
Key requirements
Consent for data processing
Purpose limitation
Data breach notification within 72 hours
Cross-border transfer restrictions
+2 more requirements in the complete guide.
Get the full ID PDP compliance guide →Enforcement examples
Transitional period until October 2024
Two-year transitional period ended October 2024; enforcement building
-
2024
How Tessera automates ID PDP compliance
PDP Law compliance monitoring
72-hour breach notification
Cross-border transfer assessment
Consent management
ID PDP compliance checklist
Essential steps to achieve and maintain ID PDP compliance.
Implement consent management framework
Establish 72-hour breach notification
Appoint Data Protection Officer
+2 more steps in the full checklist.
Get your complete ID PDP compliance checklist - free →Industries affected
Calculate your ID PDP exposure.
See exactly how ID PDP penalties apply to your revenue and industry profile.