legal
privacy policy
Last updated: May 14, 2026
Indonesian translation: kebijakan privasi
repaera is the operating brand of PT GLOBAL TEKNIKA SUKSES, a company based in blitar, indonesia and operating remotely. many workflows are automated, but some reviews, support requests, andlegal or privacy requests may still take longer when manual handling is required.
this privacy policy explains how we collect, use, store, and share information when you visit our website, purchase repository or registry access, request support, or use our products and services, including Enterprise Offerings and Experimental or Beta Offerings.
who we are
throughout this policy, "repaera", "we", "us", and "our" refer to repaera as a brand operated by PT GLOBAL TEKNIKA SUKSES. our Services are offered from indonesia, with remote operations and third-party infrastructure used in multiple regions.
scope
this policy applies to website visitors, buyers, customers of Support Plans, customers of Enterprise Offerings, users of Experimental or Beta Offerings, customers of Indonesia-Only Local Services, and people who contact us through our support or communication channels.
indonesia-only local services
in addition to software products, Support Plans, Enterprise Offerings, and Experimental or Beta Offerings, repaera may also operate Indonesia-Only Local Services limited to the indonesian market. these Indonesia-Only Local Services are offered separately from our software products and may involve additional collection of contact details, addresses, scheduling details, recipient information, pickup or dropoff notes, and order coordination records needed to perform the requested service. operational booking, cancellation, and rescheduling rules for these services are described in our cancellation policy.
coordination for Indonesia-Only Local Services may happen through chat platforms including WhatsApp Business and Telegram. for eligible local-service orders, payment may also be accepted through cash or through repaera's xendit account using qris, bank virtual account transfer, or convenience store payment channels such as alfamart and alfamidi.
information we collect
depending on how you use our Services, we may collect:
- contact details such as your name, email address, company name, and country
- transaction data such as order ids, invoices, payment status, and refund history
- github account details needed for login, oauth, repository invitations, and ghcr access fulfillment
- Access License records such as claim status, grant timestamps, and access history
- records relating to Support Plans and Enterprise Offerings such as tickets, emails, attachments, meeting notes, project requirements, service configuration, usage records, logs, and security events
- records relating to Experimental or Beta Offerings such as account data, configuration data, usage records, feedback, logs, and security events
- Indonesia-Only Local Service records such as chat messages, delivery notes, recipient details, address information, and payment confirmation details
- website and device data such as browser type, approximate location, referral pages, analytics data, and cookie-related signals
- anti-abuse and verification data used to prevent fraud, spam, account misuse, or automated attacks
how we use information
- to operate the website and authenticate users
- to process orders, payments, invoices, and refund requests
- to grant access to private github repositories and private ghcr packages
- to provide Support Plans, Enterprise Offerings, and Experimental or Beta Offerings
- to coordinate Indonesia-Only Local Services where requested
- to secure our systems, investigate abuse, and enforce our terms or license conditions
- to maintain service quality, diagnose failures, and improve reliability
- to send operational notices, account notices, legal notices, and service-related communication
how we share information
we share information only when reasonably necessary to operate our business, fulfill customer orders, communicate with customers, secure our systems, or comply with legal obligations. this can include infrastructure providers, payment processors, analytics providers, error monitoring providers, anti-bot services, and communication platforms. we do not sell personal information in the ordinary ad-broker sense.
subprocessors
we rely on the following third-party subprocessors or service providers to deliver infrastructure, payments, communications, monitoring, and related services.
where a provider offers configurable regional deployment, we note our current primary regions. otherwise, the location summary below reflects the vendor's published privacy or international transfer statements.
| service | purpose | residency / transfers | policy / trust |
|---|---|---|---|
| Microsoft Azure | primary iaas for hosting, vm, db, cache, ai inference, network, and maps where enabled | us / nl / sg / id | privacy and trust |
| Google Cloud | primary iaas for hosting, compute, db, cache, networking, maps, and ai-related services where enabled | us / nl / sg / id | privacy and trust |
| Akamai Cloud | primary iaas and networking services | us / nl / sg / id | privacy and policies |
| GitHub | source code hosting, oauth login, repository invitations, and ghcr access delivery | us / global | privacy policy |
| Replicate | secondary ai inference for media generation | us / global | privacy policy |
| PayPal | payment processing and fund transfer | global | privacy policy |
| Polar | payment operations and checkout support | us / ca / global | privacy policy |
| Xendit | payment processing and payment operations | us / ph / id | privacy policy |
| Sentry | error monitoring and incident reporting | us / de / ca / eu | privacy policy |
| hCaptcha | anti-bot protection and abuse prevention | us / global | privacy policy |
| Cloudflare | domains, dns, network delivery, security protection, storage, and edge compute | us / eea / global | privacy policy |
| analytics, data collection/ hosting, communications, and related services used for business operations | global | privacy policy | |
| Meta | administration of business messaging infrastructure and related platform services where enabled | us / ie / dk / se / global | privacy policy |
| customer communications, business messaging delivery, and support conversations | us / eea / global | privacy policy | |
| Telegram | customer communications and support conversations | nl / vg / ae / eea | privacy policy |
github account and oauth use
our products are delivered through github and ghcr. if you want to buy repository or registry access, you must use your own github account. we may require github oauth or other github account verification so we can authenticate you, connect your purchase, and grant access to the correct account.
international data transfers
because we use infrastructure in us, nl, sg, and id, and because several vendors may transfer or access data globally under their own policies, your information may be stored, processed, or accessed outside indonesia. depending on the service used, this can include us, the eea, sg, and other countries where our vendors or their subprocessors operate.
where a provider offers regional deployment controls, we try to keep services in the regions we select for operations. where a provider uses global infrastructure or does not offer fixed residency, we rely on the provider's contractual safeguards, privacy commitments, and security controls to support lawful cross-border processing.
data retention
we keep information only for as long as reasonably necessary for business operations, contract performance, dispute handling, security, fraud prevention, and legal or tax recordkeeping. license and access records may be retained longer where needed to prove entitlement and enforce license conditions.
security
we use reasonable administrative, technical, and organizational measures to protect information. however, no website, infrastructure stack, messaging platform, or online system can be guaranteed to be perfectly secure.
your rights and choices
subject to applicable law, you may request access to, correction of, or deletion of your information, or object to certain processing. you may also manage cookies through browser settings and choose whether to continue using optional third-party services. some requests may be limited when we need to keep records for legal, tax, security, or contract reasons.
children
our Services are not directed to children, and we do not knowingly collect personal information from children for the purpose of offering our commercial services.
changes to this policy
we may update this privacy policy from time to time. the latest version will be posted on this page with the updated effective date shown above.
contact
if you have a privacy request, support issue, or question about this policy, contact us through one of the channels below.
WhatsApp Business: +6285230522220
X / Twitter: @repaera
Email: [email protected]