Key Contact Information
- Data Protection Officer: mageran.ai@gmail.com
- Company Address: Bali, Indonesia (PT. Nusa Ventura Putra)
- Jurisdiction: Indonesian legal jurisdiction for all disputes
- Response Time: 72 hours for data subject requests
1. Data Collection Practices
A. Google Account Access (Required for Authentication)
- Email address — Account identification and communication
- Display name — Dashboard personalization
- Profile picture URL — User interface display only (not stored permanently)
Legal Basis: Contractual necessity (Article 6(1)(b) GDPR equivalent under Indonesian UU PDP).
B. Content Generation Data
Image/Video Inputs: Uploaded logos, reference images, source videos; Text prompts and style descriptions. Retention: Temporary processing only; deleted within 24 hours unless saved to user gallery.
Generated Outputs: AI-generated images/videos stored in user's private gallery; Metadata: creation timestamp, prompt hash (not full prompt), resolution.
C. MAGER KLIP Specific Data
When using auto-clipping features:
- Source URLs (YouTube/TikTok/Instagram video links provided by user)
- Clipped segments (start/end timestamps, selected scenes)
- Exported videos (stored until manual deletion or account termination)
D. Social Media Integration (Optional)
YouTube: Minimum necessary permissions for video uploads only (youtube.upload scope). No access to private videos, messages, or analytics beyond upload confirmation.
TikTok (Content Posting API):
- Permissions Requested: video.upload (Content Posting API)
- Data Accessed: Creator nickname, account ID, max video duration limits
- Consent Declaration: Before posting, users must explicitly consent to TikTok's Music Usage Confirmation, commercial content disclosure requirements (if applicable), and privacy level selection (public/private/friends-only)
- No access to: TikTok messages, analytics, follower lists, or private content
- Data Retention: OAuth tokens stored encrypted; revoked immediately upon user disconnection
Instagram: Basic profile and media upload permissions only.
E. Payment Processing (Midtrans)
- Processor: Midtrans (Indonesian payment gateway)
- Data stored by MAGER AI: Transaction ID, status (success/failed), amount in IDR, timestamp
- NOT stored by us: Credit card numbers, CVV, debit card PINs, or full PAN (Primary Account Number)
- Midtrans compliance: PCI-DSS Level 1 certified; we never touch raw card data
2. Data Usage & Sharing
Key Statement: We do not sell your personal data to third parties.
Internal Usage:
- Service Provision: Generating content, managing accounts, processing payments
- Customer Support: Troubleshooting generation failures, API errors
- Platform Optimization: Analytics on feature usage (aggregated, anonymized)
- Security: Fraud detection, abuse prevention (rate limiting, bot detection)
Third-Party Sharing:
Data shared ONLY when necessary:
- Google — OAuth tokens, email (Authentication)
- TikTok — Video file, title, hashtags, commercial disclosure flag (Content posting via API)
- YouTube — Video file, metadata, privacy setting (Content upload)
- Midtrans — Email, transaction amount (Payment processing)
- Cloudflare — Anonymized IP address (DDoS protection)
Google API Services Compliance:
Mageran AI adheres to the Google API Services User Data Policy, including Limited Use requirements:
- We use data from Google APIs only to provide and improve MAGER AI services
- We do not share Google-sourced data with third parties except as disclosed herein
- We do not retain data longer than necessary for service provision
3. Security Measures
Technical Safeguards:
- Encryption at rest (AES-256 for databases)
- Encryption in transit (TLS 1.3 for all API communications)
- Access control (Role-based; production DB access limited to 2 engineers)
- Backups (Daily encrypted, retained 30 days)
Organizational Measures:
- NDAs with all employees/contractors
- Regular security audits (annual)
- Incident response plan for data breaches
Important Disclaimer: No system is 100% secure. Use of the platform constitutes acknowledgment of inherent internet transmission risks.
4. Data Retention Policy
- Account data (email, OAuth tokens): Account active + 90 days post-deletion
- Generated content (images/videos in gallery): Until manual deletion or account closure
- Payment records: 7 years (Indonesian tax law requirement)
- Server logs (IP, request timestamps): 30 days
- TikTok/YouTube OAuth tokens: Until user disconnects or revokes
Right to Erasure: Users may request full data deletion via email. We respond within 72 hours and execute within 30 days, except for payment records retained per Indonesian law.
5. Cookies & Tracking Technologies
The platform uses:
- Essential cookies: Session management, HTTP-only, Secure flag
- Analytics pixels: Meta/Facebook, Google Analytics 4, TikTok Pixel
Purpose: Traffic analysis, conversion tracking, marketing optimization.
User Control: Manage via browser settings or Indonesian cookie consent tools.
TikTok Pixel Specifics: Tracks page views and button clicks (Generate, Upgrade). Does NOT collect personally identifiable information (PII) directly. Anonymized event data sent to TikTok for ad targeting optimization.
6. Special Provisions
Minors & Age Restrictions:
This platform is not intended for use by minors under 18 years old as per applicable laws in the Republic of Indonesia (UU PDP) and TikTok's minimum age requirement (13+ for app usage, but 18+ for commercial content creation). We do not knowingly collect data from individuals under 18. If discovered, accounts will be terminated.
International Data Transfers:
- Primary hosting: Indonesia (local servers where possible)
- Third-party services: Google (US/SG), TikTok (US/Singapore), Midtrans (Indonesia)
- Safeguards: Standard Contractual Clauses (SCCs) or adequacy decisions per Indonesian UU PDP Article 28
Policy Updates:
Policies may be updated at any time with immediate effect upon publication on https://mageran.ai/privacy-policy. Material changes are notified via in-app banner or email (7 days prior). Users should review periodically; continued use constitutes acceptance.
TikTok-Specific Privacy Notice:
When using MAGER KLIP's TikTok auto-post feature:
- You are the Data Controller for content posted to TikTok — we act as processor only
- TikTok's Privacy Policy applies to how they handle your video after upload
- We do not store copies of videos sent to TikTok beyond temporary processing cache (cleared within 1 hour)
- Commercial disclosure: If you enable Branded Content toggle, this metadata is transmitted to TikTok and visible on your post per their guidelines
7. Indonesian UU PDP Compliance
This policy complies with Indonesia's Undang-Undang Pelindungan Data Pribadi (UU PDP):
- Article 4 (Lawful processing basis)
- Article 20 (Data subject rights)
- Article 28 (Cross-border transfer safeguards)
- Article 32 (Security obligations for data controllers)
Data Subject Rights:
- Access to your personal data
- Correction of inaccurate data
- Deletion of data (right to be forgotten)
- Data portability (export in JSON format)
Email mageran.ai@gmail.com with subject "UU PDP Request".