Privacy Policy – Nusantara Atlas

Nusantara Atlas is a platform dedicated to monitoring deforestation, wildfires, and peatland conversion across Equatorial Asia (including Brunei, Indonesia, Malaysia, and Papua New Guinea) and Colombia.

The platform supports conservationists, researchers, policymakers, journalists and companies, in understanding and addressing deforestation and land-use change.

Nusantara Atlas is developed and maintained by The TreeMap (TTM), a social enterprise committed to enhancing transparency within the plantation, forestry, and mining sectors in Equatorial Asia and other tropical regions worldwide.

The TreeMap leverages scientific research and satellite monitoring technology to safeguard tropical forests. As part of its mission, the company collaborates with researchers, activists, journalists, and the private sector to promote sustainable practices.

We take personal privacy seriously and actively ensure that our platform complies with relevant legislation, including the GDPR for EU countries and beyond.

We are committed to being transparent about why we collect personal information and how we process it. This Privacy Policy covers these topics specifically, but not how you can use TTMs materials (see your end-user license agreement or EULA of your subscription level).

Data Collection

For the free usage of the Nusantara Atlas we collect and process:

  • Analytics cookies: we collect connection data (device type, browser, version, number of interactions on the website) which allows us calculation of visits and sessions through third parties systems (eg. Google Analytics, Mixpanel). These are collected only for statistical purpose, they require your consent to be collected and you can refuse the cookies usage through a banner when you access to the Atlas.
  • Personal data that you give us when subscribing: first name, last name, affiliation, country and email. These data are collected in our legitimate interest and to ensure the basic functionalities of the Atlas, only to identify users and for statistical purpose (country, affiliation). We reserve only the possibility to ask you to be added to our mailing lists to keep you informed or our work.
  • Personal data that you give us when contacting TTM’s team: we are eager to have your feedbacks on the platform and to exchange to improve our Atlas, however any personal informations (included name, emails and the messages themselves) are collected to keep track of our exchange.
  • Activity data that you produce while using the platform: we record how many times a user download reports in one day and we log all errors. These data are collected in our legitimate interest and to ensure the advanced functionalities of the Atlas, only to identify users. Even if these data do not constitute personal data, we think you should be aware that some functionalities are tracked to ensure their operability.

Data Processing

Your personal data is processed and used for the following purposes:

  • Website Analytics: To analyse your interactions on our website through analytics cookies and improve your user experience.
  • User Identification: To identify and maintain your user account using your first name, last name, affiliation, country, and email.
  • Updates and Notifications: To send you updates via email about new features, research studies, blog posts, policy updates, and other relevant information. Please note that these updates are not for marketing purposes.
  • Exchange Tracking: To keep a record of your communications with us via email.

Data Disclosure and transfer

TTM does not sell or share your information with third parties, including for marketing purposes. We may disclose personal information only in a few specific cases, such as:

Legal Requirements: If required by judicial authorities or when legally obligated.

Subcontractors: Only when necessary, and always ensuring the same level of
confidentiality, encryption, and security that we maintain.

If you are based in the EU, please be aware that some of our servers are hosted in Singapore. However, we ensure that the security standards on these servers are equivalent to those of our EU-based servers and fully comply with GDPR regulations.

User’s Rights

According to the GDPR, you have the following rights regarding your personal data:

  • Right to Access Your Information: You have the right to request details about the personal information we have collected about you.
  • Right to Rectification: If your personal data is incorrect or incomplete, you have the right to have it corrected or updated.
  • Right to Deletion (Right to be Forgotten): You have the right to request the deletion of your personal information from our systems, unless we have legitimate reasons under the GDPR to retain it.
  • Right to Object: You have the right to object to the processing of your personal information. You can also withdraw any previously given consent.
  • Right to Data Portability: You can request that we transfer your personal data to you or another service provider.

You can exercise any of these rights by contacting us via email (see contact details below). We will make every effort to address your request within one month, in line with GDPR requirements.

Security Measures

We have implemented both organizational and technical measures to ensure data safety and privacy by design. These measures include data redundancy and industry-standard encryption protocols.

  • Data Encryption and Pseudonymization: All Personally Identifiable Information (PII) and passwords are encrypted and/or pseudonymized before storage, ensuring robust protection against unauthorized access.
  • Access Control: Only authorized personnel within the TTM organization, based on their roles and responsibilities, are permitted to access the databases.
  • Secure Digital Infrastructure: The entire TTM digital infrastructure is secured with HTTPS, guaranteeing encrypted data transmission.
  • Data Breach Protocol: In the unlikely event of a data breach, we have established security protocols to respond efficiently. We are committed to communicating with you at the earliest possible opportunity should such an incident occur.

Types of Cookies

We collect the following cookies:

  • _ga_*
    ◦ Description: to store and count page views though Google Analytics.
    ◦ Expiration period: 2 years.
  • _ga
    ◦ Description: to calculates visitor and session data and to keep track of site usage for the site’s analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
    ◦ Expiration period: 2 years

Data Manager contact

For any further detail on our User’s Data Policy, requests and questions you can contact us at: admin@nusantara-atlas.org

Changes to This Policy

We may update this statement at any time to reflect any changes in data protection or other legislation or in our legitimate interest. Any changes we make to this privacy statement in the future will be posted to our website and also available if you contact us as set out above.

Last Update: April 2025.

Manage Cookie Preferences