Legal

Privacy Policy

Effective Date: April 21, 2026  ·  Operated by Daehan Global DS, Inc.

1. Overview

SeamStream is a B2B SaaS platform for garment manufacturing management, operated by Daehan Global DS, Inc. ("SeamStream", "we", "us"). This Privacy Policy explains how we collect, process, store, and protect information when you use our platform, including SeamSource, SeamStock, SeamCut, SeamLine, and all associated tools.

We comply with Indonesia's Personal Data Protection Law (UU PDP, Law No. 27/2022), which entered full enforcement on October 17, 2024. This Policy applies to all users, including factory administrators, production line operators, and business contacts whose information is processed through the platform.

Key principle: SeamStream acts as a data processor, not a data controller, for customer-uploaded manufacturing documents. Your company retains full ownership and control of the data you upload, including purchase orders, invoices, production records, and all associated files.

2. Information We Collect

2.1 Account Information

  • Company name, business registration number
  • Contact person name, email address, phone number
  • User role (administrator, operator, viewer)
  • Login credentials (passwords are stored using one-way hashing and are never readable)

2.2 Manufacturing Documents You Upload

  • Buyer purchase orders (PO), including fabric specifications, quantities, delivery dates
  • Supplier invoices, packing lists, fabric rolls data
  • Production records: cutting floor data, bundle QR assignments, loss-rate tracking
  • Quality control images shared via Telegram integration

These documents are your property. We process them solely to deliver the platform's services. See Section 5 (Customer Data Ownership) for full details.

2.3 IoT Device Data

  • Per-second production throughput data from line-mounted IoT sensors
  • Machine state signals (running, idle, fault)
  • Device connectivity status, firmware version, device ID

IoT devices deployed at your facility generate operational data. The factory owner retains ownership of this operational data. SeamStream processes it to display real-time analytics, detect bottlenecks, and trigger alerts.

2.4 Automatically Collected Technical Data

  • IP address, browser type, operating system
  • Session duration, pages visited, feature usage patterns
  • Error logs and performance traces

3. How We Use Your Information

Purpose Legal Basis (UU PDP Art. 20)
Delivering platform features (PO parsing, WMS, MES, cutting analytics) Contractual necessity
Account authentication and access control Contractual necessity
Real-time production monitoring and Telegram alerts Contractual necessity
Security monitoring and fraud prevention Legitimate interest
Platform performance improvement using anonymized, aggregated data Legitimate interest (anonymized — not personal data)
Sending product updates or feature announcements Consent (opt-in only)
Compliance with Indonesian law (tax, industrial reporting) Legal obligation

We do not use your manufacturing documents, supplier data, or production records for training our AI models without your explicit written consent.

4. AI Document Processing

SeamStream uses AI (SeamDocs) to extract structured data from uploaded manufacturing documents. You must be aware of the following:

  • AI accuracy is not guaranteed. Our AI achieves high accuracy on standard document formats, but extraction errors can occur, particularly with handwritten documents, poor-quality scans, or non-standard formats.
  • Verification is your responsibility. All AI-extracted data — including quantities, prices, delivery dates, and supplier names — must be verified against the source document before use in production decisions, payment processing, or financial records.
  • Personal data embedded in documents (such as supplier contact names or purchasing manager information) is processed only as necessary to deliver the extraction service and is not used for any other purpose.
SeamStream is not liable for business losses caused by acting on AI-extracted data without independent verification. See our Terms of Service for full liability terms.

5. Customer Data Ownership

All data you upload to SeamStream — including purchase orders, invoices, production records, packing lists, and all associated files — remains your property.

SeamStream's rights to your data are strictly limited to:

  • Technical processing necessary to operate the platform
  • Storage and backup for service continuity
  • Displaying data back to your authorized users
  • Generating aggregated, anonymized platform performance metrics (which cannot identify your company or operations)

We will never sell, rent, or commercialize your manufacturing documents or operational data. We will never share your supplier relationships, pricing information, or production volumes with competitors or third parties for commercial purposes.

Upon account termination, you may export all your data. SeamStream will retain your data for 90 days after termination to allow for export, then permanently delete it from all systems, including backups.

6. Confidentiality of Business Information

SeamStream recognizes that manufacturing data — including supplier pricing, buyer purchase order terms, production capacities, and quality specifications — constitutes confidential business information and trade secrets.

We commit to:

  • Treating all customer data as strictly confidential
  • Limiting access to your data to SeamStream personnel who require it to deliver the service, under binding confidentiality obligations
  • Never disclosing your data to other SeamStream customers or using one customer's data to benefit another
  • Implementing role-based access controls so that only your designated users can access your data

7. Information Sharing

We do not sell your personal data. We share information only in the following limited circumstances:

7.1 Service Providers

We work with trusted third-party service providers (cloud infrastructure, AI computation, notification delivery) who process data on our behalf under strict confidentiality agreements and data processing terms. Current categories include cloud hosting, object storage, and AI inference providers.

7.2 Legal Requirements

We may disclose information when required by Indonesian law, a court order, or a request from a competent government authority. We will notify you of such requests to the extent permitted by law.

7.3 Business Transfers

If SeamStream or its parent company is acquired or merged, your data may be transferred as part of that transaction. We will notify you in advance and your data will remain subject to this Privacy Policy.

8. Data Retention

Data Category Retention Period
System access logs, session data 90 days
Production data and operational records Duration of subscription + 90 days after termination
Manufacturing documents (POs, invoices, packing lists) Duration of subscription + 90 days after termination, or as required by law
Financial transaction records 5 years (Indonesian tax and accounting law requirements)
Personal data embedded in documents Deleted within 30 days of the end of the business relationship requiring such processing, subject to legal retention obligations
Account information Duration of account + 90 days after deletion

You may request early deletion of personal data at any time. We will delete data within 3×24 hours of a verified request, except where legal obligations require retention.

9. IoT Device Data

SeamStream deploys IoT sensors on production lines to capture real-time manufacturing data. The following principles govern IoT data:

  • Device ownership: The factory retains ownership of its production machinery and the operational data generated by IoT sensors installed on that machinery.
  • Personal data in production data: IoT data is operational in nature (machine throughput, speed, fault codes) and does not normally constitute personal data. Where operator IDs or shift data could identify individual workers, such data is handled as personal data under this Policy.
  • Data minimization: We collect only the data necessary for the service features you have activated (real-time monitoring, bottleneck detection, Telegram alerts).
  • Retention: Raw IoT telemetry data is retained for 12 months. Aggregated production analytics are retained for the duration of the subscription.

10. Cross-Border Data Transfers

SeamStream's infrastructure may process data in server locations outside Indonesia. All cross-border transfers comply with UU PDP requirements for international transfers, including ensuring equivalent or higher levels of data protection in the destination country, or implementing appropriate contractual safeguards.

Upon request, we can provide information about the countries where your data is stored and the safeguards in place.

11. Security

We implement technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS 1.2+) and at rest
  • Role-based access controls limiting data access to authorized personnel
  • Regular security assessments
  • Audit logs for all data access and modification events
  • Separate data environments per customer organization

No system is completely immune to security incidents. We will notify affected customers and the Indonesian Data Protection Authority within 72 hours of discovering a breach affecting personal data, as required by UU PDP.

12. Your Rights Under UU PDP

As a data subject or representative of a data controller (your company), you have the following rights under Indonesian law:

  • Right to Information: Know what personal data we hold about you
  • Right of Access: Obtain a copy of your personal data
  • Right to Correct: Correct inaccurate personal data
  • Right to Delete: Request deletion of personal data we no longer have a legal basis to hold
  • Right to Restrict: Restrict processing of your personal data in certain circumstances
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw any consent you have given at any time

We will respond to verified requests within 3×24 hours (three business days) as required by UU PDP. To exercise your rights, contact us at the address in Section 13.

13. Contact

Daehan Global DS, Inc.
Attn: Data Protection
Email: [email protected]

For general inquiries: Contact Support

14. Changes to This Policy

We may update this Privacy Policy as the platform evolves or as legal requirements change. Material changes will be notified to registered users at least 14 days before taking effect. Continued use of the platform after the effective date constitutes acceptance of the updated Policy.