Privacy Policy
Last updated: June 1, 2026
Introduction
The Directorate General of Islamic Community Guidance, Ministry of Religious Affairs of Indonesia ("We") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal data in accordance with Indonesian Law No. 27/2022 on Personal Data Protection (PDP Law) and the EU General Data Protection Regulation (GDPR) for visitors from the European region.
By accessing and using the Bimas Islam portal (https://bimasislam.kemenag.go.id), you agree to the data processing practices described in this policy.
Data Controller
The data controller for this portal is:
Directorate General of Islamic Community Guidance Ministry of Religious Affairs of the Republic of Indonesia Jl. M. H. Thamrin No.6 lantai 6 Central Jakarta 10340
For data privacy inquiries, contact us through the information at the bottom of this page.
Data We Collect
We collect the following data based on your activity on this portal:
| Category | Data Collected | Purpose | Legal Basis | Retention |
|---|---|---|---|---|
| Public Analytics | IP (hashed), User-Agent (hashed), visited pages, referrer | Visitor statistics and public portal analytics | Public interest (Article 4(3)c PDP Law) | 1 year |
| Admin Accounts | Name, email, username, password (hashed), NIK (optional), phone (optional) | Authentication and account management for content managers | Contractual obligation (Article 4(3)b PDP Law) | Active account + 5 years |
| Publication Content | Reporter and photographer names (article metadata) | Publication credit for news content | Public interest (Article 4(3)c PDP Law) | Archive publication period |
| Browser Preferences | Theme (light/dark), language preference | User experience personalization | Necessary (essential cookies) | Until user clears data |
Cookie Management
This portal uses cookies and browser storage technologies for various purposes. Cookies are small files stored on your device. We classify cookies as follows:
You can manage your cookie preferences at any time via Cookie Settings.
| Category | Cookie Name | Purpose | Duration |
|---|---|---|---|
| Essential | bimas_admin_* tokens, theme, locale | Required for basic site functionality, admin authentication, and user preferences | Session / 30 days |
| Functional | (not in use) | Store user preferences to enhance experience | - |
| Analytics | Visitor tracking (internal API) | Visit statistics to improve services (anonymized data) | 1 year (database) |
Legal Basis for Processing
We process your personal data based on the following legal bases:
- Contractual Obligation: Processing necessary to provide admin services and portal features.
- Public Interest: Processing data to carry out the public service duties of the Ministry of Religious Affairs.
- Legal Obligation: Processing data to comply with legal obligations under applicable regulations.
- Consent: For non-essential cookies (analytics), we request your consent via the cookie banner.
Data Subject Rights
In accordance with the PDP Law and GDPR, you have the following rights:
- Right of Access: Request information about the personal data we process.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure: Request deletion of your personal data under certain conditions.
- Right to Restriction: Request restriction of processing of your personal data.
- Right to Data Portability: Request a copy of your personal data in a structured format.
- Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing.
To submit a data subject request, contact us at [email protected]
Data Retention
We retain personal data only as long as necessary for processing purposes. Visitor tracking data is anonymized and stored for a maximum of 1 year. Consent logs are stored for 5 years for audit purposes. Admin account data is retained for the active account period plus 5 years after deactivation. Data that is no longer needed will be regularly deleted or anonymized.
Data Security
We implement appropriate technical and organizational security measures to protect your personal data, including encryption (bcrypt for passwords, AES for TOTP secrets), role-based access control (RBAC), audit logging, HTTPS, and protection against unauthorized access.
Third Parties
Currently, the Bimas Islam portal does not use third-party services for tracking or external analytics. All data is processed internally. The main typography uses a local font stack, so there are no external requests to font servers.
Policy Changes
This privacy policy may be updated from time to time. Significant changes will be announced through this portal. The latest version is always available on this page with the update date listed at the top.
Contact
If you have questions, complaints, or wish to submit a data subject request, contact:
Information and Documentation Management Officer (PPID)
Directorate General of Islamic Community Guidance Ministry of Religious Affairs RI Jl. M. H. Thamrin No.6 lantai 6, Central Jakarta 10340
Email: [email protected]
Phone: (021) 381 1234