Privacy Policy

HIJRA PRIVACY POLICY

GENERAL PROVISIONS
1. Hijra is committed to protecting the confidentiality of Customers Personal Data in accordance with the provisions in this Privacy Policy and does not use the Personal Data for any purpose other than for providing financing facilities and carrying out operational activities, providing Services, and operating the Mobile Banking and/or Hijra’s website in accordance with the provisions of this Privacy Policy, provided that they do not apply to Personal Data that:
  1. A party can prove that the party legally owns the Personal Data prior to its disclosure by that party and it was not obtained from the Disclosing Party or another party who are bound by the obligation to maintain the confidentiality of information obtained from the Disclosing Party;
  2. The Personal Data has been known to the public without violating any applicable Laws;
  3. Has become publicly known information, not as a result of a violation by the Receiving Party or its Representative;
  4. Personal Data is obtained lawfully by other parties without confidentiality restrictions from other sources;
  5. Such Personal Data is required to be disclosed by court order, court decision, arbitrator's decision, government agency, government official or according to applicable Laws; and/or
  6. Personal Data that can be proven in writing has been developed by the receiving party without using the Confidential Information disclosed by the disclosing party.
  7. Personal Data (among others photos, names, emails, mobile phone numbers and others that the Customer provides through Mobile Banking) will be used for the purposes of Know Your Customer (“KYC”) procedures as regulated in the applicable laws and regulations. While the photo will be used for the purposes of user profile photos on Mobile Banking.
2. This Privacy Policy applies to Mobile Banking and/or Hijra’s website. Mobile Banking and/or Hijra’s website may contain links to other web pages that are not owned by Hijra. Customers are advised to understand the privacy policy of those web pages.
3. Affiliate is the Hijra group of companies, namely, among others, PT Alami Fintek Sharia.
SCOPE
The scope of Personal Data includes all data, statement, information, and documents of visitors, Customers, and/or related parties to the Customers , Customer patterns or habits in accessing the Mobile Banking and/or Hijra’s website, risk profile, history of searching or using Services as well as history of transactions made by Customers on the Mobile Banking and/or Hijra’s website , and information related to other patterns or habits including data, information and related documents or their derivatives related to the use of the Mobile Banking and/or Hijra’s website by the Customer, including but not limited to Personal Data that:
1. among others, in the form of photos, names, emails, mobile phone numbers and others that the Customer provides through Mobile Banking, Hijra’s website or other Hijra official media;
2. required or obtained by Hijra from the Customer or submitted, disclosed, downloaded or submitted by the Customer through Mobile Banking, Hijra’s website or other Hijra official media;
3. obtained and/or obtained from a third party with the consent of the Customer;
4. collected by Hijra when the Customer participates in events organized by or cooperated with Hijra, such as festival, seminars, workshops, contest or award programs and other events, which may include any documentation in the form of photos, video recordings and/or the Customer's voice;
5. obtained or accessed legally by Hijra based on Hijra's internal policies and procedures related to Services of Mobile Banking and/or Hijra’s website as long as the Customer is still bound by this Privacy Policy; and/or
6. required to be submitted or given by the Customer according to the provisions of an agreement between the Customer and Hijra or voluntarily from time to time.
PURPOSE
1. Hijra has the right to request, obtain, collect, process, store, and utilize Customer's Personal Data in the context of or in connection with the following means or purposes:
  1. managing the accuracy of the information that the Customer provides;
  2. assessment, analysis, verification, validation or examination of the Customer's profile for each registration application submitted by the Customer to obtain Services;
  3. fulfillment of Hijra rights and obligations based on legal provisions and laws and regulations, and if there is an Agreement between the Customer and Hijra;
  4. implementation and supervision of the implementation of an Agreement between the Customer and Hijra;
  5. implementation of Hijra operational activities from time to time in good faith;
  6. survey, research, evaluation, and/or product development or Services of Hijra and/or its Affiliates and related parties; and/or;
  7. contact the customer through personal communication media regarding products, services and/or promotional programs from Hijra and/or its affiliates if the customer agrees;
  8. study visitor behavior and; and/or
2. The aforementioned purposes continue to serve as a basis for Hijra to keep, process, and utilize Customer Personal Data in accordance with this Privacy Policy, and to use, submit, or disclose it in good faith to:
  1. banks, credit rating bureaus, agents, partners, or providers other supporting services, including but not limited to banking services, billing, remittances, administration, correspondence, telecommunications, telephone centers, business processes, travel, visas, knowledge management, human resources, data processing, information technology, computers, payments, debt collection, credit reference checking, or security or other services concerned as long as they are bound by a responsibility for confidentiality of Customer's Personal Data;
  2. Individuals and/or entities that are other third parties related to or part of Hijra and are under the responsibility of confidentiality for Customer's Personal Data for certain purposes; and/or
  3. Individuals and/or entities, including but not limited to Bank Indonesia, the Financial Services Authority, courts, prosecutors, police, other government agencies either on Hijra's initiative or as required by legal provisions and laws and regulations, directives, instructions or policies of government institutions or government officials;
DEVICE ACCESS AND PERSONAL DATA
1. Hijra has the right to access Customer Devices (including computer device) to obtain, collect and store Personal Data (encrypted) from and/or through the Mobile Banking, Hijra’s website, telephone, obtained from Hijra tools, systems or resources, from third parties based on the Customer's consent (including but not limited to credit rating agencies or bureaus), affiliates or related parties or Hijra representatives, or accessed by Hijra or submitted by Customer through or obtained from Hijra systems, hardware, software or devices . or Customers use or engage in the utilization of Services, Mobile Banking and/or Hijra’s website.
2. Access to Devices (including computer device) and data obtained by Hijra, including but not limited to and/or through:
  1. Storage Space on Device (including computer device) ;
  2. Access to Camera and Audio on Customer's Device (including computer device) ;
  3. Location Access;
  4. Access Call logs.
3. Storage of Personal Data by Hijra is for a minimum of 5 (five) years in accordance with the provisions of 15 paragraph (3) of the Regulation of the Minister of Communication and Information Number 20 of 2016 concerning Protection of Personal Data in Electronic Systems. Hijra will carry out this storage in accordance with its policies or discretion, either through the Hijra system or other party systems, servers or databases or other third party service providers in collaboration with Hijra ("Appointment of a Third Party for Personal Data Storage") while still prioritizing the confidentiality of Personal Data. Customer.
INFORMATION THAT MUST BE PROTECTED
1. Information in the form of Customer Name, Password, OTP (One Time Password), and PIN will be required to login, activate Device, and execute any transactions that Hijra thinks are required for authentication purposes. Customers must ensure to define, set and use a strong Password and PIN and not use Password and PIN that are easy to guess such as date of birth and address. The use of such abovementioned Password and PIN will be considered as Customer Negligence which will be fully accounted for by the Customer for the security and confidentiality of all use of his Mobile Banking and/or Hijra’s website.
2. Customer is fully responsible for the confidentiality of the Customer's security information, because such information has the equivalent effect as written instructions signed by the Customer, and will be treated as an explicit authorization by the Customer for Hijra to carry out transactions through the Mobile Banking, Hijra’s website and/or Other Services.
3. In using Biometric Data to log in to the Mobile Banking, the Customer must:
  1. be a Hijra KYC verified Customer,
  2. have downloaded the Mobile Banking on Device,
  3. have at least one Biometric Data registered on the Device.
4. If the Customer wants to utilize Biometric Data to login, the Customer shall activate this service after successfully creating an Account from the profile settings menu in the Hijra Mobile Banking.
5. After activating the Biometric Data function, the Customer can login and access the account using the biometric scanner on the Customer's Device.
6. Hijra is not responsible in the event of misuse by other parties whose Biometric Data is also registered in Customer Device
7. Customers can disable the login feature using Biometric Data at any time through the settings menu available in the Mobile Banking.
8. The Customer acknowledges and agrees that Hijra does not bear or guarantee, directly or indirectly, related to the use of Biometric Data login and or Mobile Banking, caused by, but not limited to:
  1. The login stage using Biometric Data or the Mobile Banking has met the requirements; or
  2. login using Biometric Data or Mobile Bankings will always be available, accessible or functional with network infrastructure, systems or other Services that Hijra offers from time to time.
9. Hijra is not responsible for any losses experienced by the Customer in connection with logging in using Biometric Data, whether intentionally or unintentionally, or using the Mobile Banking, even if Hijra has notified the possible losses suffered, including losses arising from:
  1. violation of Hijra provisions related to the login process using Biometric Data on Mobile Banking.
  2. the occurrence of an unauthorized access process and/or unauthorized use of electronic devices.
  3. use in all forms by other parties of information or data related to the Customer for using login with Biometric Data on the Mobile Banking and/or obtained from the use of the Customer when Signing-in via Login using Biometric Data or through the Mobile Banking.
  4. access to the Mobile Banking by logging in using Biometric Data by a party other than the Customer.
  5. any events beyond Hijra's control or due to improper use; and/or termination or termination occurs when logging in using Biometric Data on Mobile Banking.
REPRESENTATIONS AND WARRANTIES
1. Customers hereby represent and warrant that all information and Personal Data disclosed and submitted to Hijra are truthful and accurate.
2. The Customer hereby declares and guarantees that the Customer has obtained all the necessary approvals from the relevant parties as stated in this Privacy Policy, in the event that the Customer discloses, submits information and Personal Data belonging to the related party for the purpose of using Services, so that Hijra can obtain, collect , process, store, and use the Personal Data for the purposes as described in Point III of this Privacy Policy.
LIMITATIONS AND COMPENSATIONS
Hijra is committed not to trade Customer's Personal Data to any party, which includes making reasonable measures to ensure that none of its employees are involved in the purchasing and selling of Customer’s Personal Data to anybody. However, Hijra is not responsible for the losses suffered by the Customer in any form including the risk of loss caused or related to the Personal Data including failure to protect the confidentiality of Personal Data, submission, access, acquisition, processing, storage or use or transfer thereof, including disputes, investigations. , audits, law enforcement, and any investigative process, which is not proven to be caused or involve Hijra or Hijra's employees, representatives, attorneys, affiliates, or other related parties ("Losses and Legal Issues"). For the sake of clarity, legal certainty and transparency:
1. Hijra will not indemnify, respond to and cannot be involved, along with its employees, subsidiaries, affiliates or representatives, for any claims, demands, requests or statements of any kind arising out of or related to Losses and Legal Issues submitted without including an exact calculation that has been quantified, accurate and can be accounted for for real and direct damage (factual and direct damage) that Hijra Customers experienced, along with evidence that can be accepted by the courts or related judicial institutions regarding Hijra errors or omissions based on Article 1865 and 1866 of the Civil Code, Article 164 Het Herziene Indonesisch Reglement and Article 5 paragraph 1 of Law Number 11 of 2008 concerning as amended by Law Number 19 of 2016 concerning Information and Electronic Transactions;
2. Hijra is not responsible for the accuracy (except Personal Data which has been verified by Hijra in accordance with its policies), the validity, legality and completeness of the Customer's Personal Data and is not required to notify the Customer or any other party about it unless legally required; and
3. Hijra is not responsible for any violation of law by Customer or the rights of any third party due to or related to the acquisition or provision of Personal Data. In the event that there is an appointment of a third party for the storage of Personal Data, the Customer cannot claim, ask for compensation or any benefits from Hijra or its employees, attorneys, representatives, affiliates or parties related to Hijra in the event of a breach of confidentiality or failure of confidential protection of Personal Data or Losses and Legal Issues involving, caused or committed by the third party storing the concerned Personal Data. However, Hijra will still make reasonable efforts to notify the Customer of the breach of confidentiality when Hijra finds out about it from the third party.
CUSTOMER RIGHTS TO CHANGE, ADD, UPDATE AND/OR DELETE PERSONAL DATA
1. To ensure the accuracy, up-to-date, and usage of the Customer's Personal Data, the Customer may submit an application to Hijra for the purpose of changing, adding, updating, and deleting Personal Data previously obtained or submitted to Hijra.
2. Deletion of Personal Data by Hijra will be carried out in the event that the Customer withdraws his consent to the processing of the Personal Data in his possession and/or in the event that the Customer asks Hijra to delete the relevant Personal Data, while still complying with the applicable laws and regulations.
3. Changes, additions, updates and deletions of Personal Data as referred to in point 1 above will be followed up in accordance with Hijra's internal procedures whose stages are as follows:
  1. Requests for changes, additions, updates and/or deletions of Personal Data by Customers must be submitted via telephone and/or live chat to Hijra through Hijra Companions;
  2. Friends of Hijra verify the application within a period not exceeding 3 (three) working days after the receipt of the request for changes, additions, renewals and/or deletions;
  3. Friends of Hijra provide information to the Customer on the approval or disapproval of the application after verification;
  4. Hijra makes changes, additions, updates or deletions of Personal Data requested within a period not exceeding 3 (three) working days after Sahabat Hijra notifies the Customer that the request for change, addition, renewal or deletion has been approved; and
  5. Friends of Hijra will notify Customers regarding changes, additions, updates, or deletions of Personal Data that have been made.
CHANGES TO PRIVACY POLICY
Hijra reserves the right to make changes or modifications to the Privacy Policy on this page at any time, and such changes or updates will be communicated to the Customer as soon as possible via Hijra’s official media. Customers are recommended to read this Privacy Policy carefully, comprehensively, and thoroughly, and to review each of the provisions set forth in this Privacy Policy on a regular basis to learn about any modifications made to this Privacy Policy.

CUSTOMERS IDENTITY VERIFICATION POLICY
In relation with the identity verification process for the purpose of Mobile Banking and/or Account and/or Personal Account, Customers Personal Data in the form of demographic and/or Biometric Data will be checked for conformity, by PT Indonesia Digital Identity (VIDA) and/or other party appointed by Hijra as Hijra’s partner (“Other Hijra’s Partner”), with data recorded in the system of the government agency authorized to issue the relevant identity. If Customers Personal Data is verified for conformity, then VIDA as the Certification Authority certified by the Ministry of Communication and Informatics, will issue an digital certificate as evidence that Customer’s Personal Data has been verified and is in accordance with the data recorded in the system of the government agency authorized to issue the identity.
Therefore, Customers guarantee the accuracy of the Personal Data Customers provide and agree to the processing of Customers Personal Data for the purpose of issuing digital certificates and other services attached to digital certificates performed by VIDA and/or Other Hijra’s Partner.
Customers have read, understood, and agreed to be bound by the terms and conditions of the Certification Authority’s service contained in the Subscriber Agreement, CA Privacy Policy, and VIDA's Certification Practice Statement which can be accessed via https://repo.vida.id

COOKIE POLICY

What Are Cookies?
Cookies are text files that contain a number of information that will be downloaded to the Customer's device after the Customer visits a Mobile Banking and/or website . After that, the cookie is sent back to its original Mobile Banking and/or website on each subsequent visit, or to another Mobile Banking and/or website that recognizes that particular cookie. Cookies are useful because they allow Mobile Banking and/or website to recognize the Customer's device. More information about cookies can be found at:www.allaboutcookies.org.. Cookies serve a variety of purposes, including allowing Customers to move between sites more rapidly, remembering Customer preferences, and enhancing the overall Customer experience. Cookies can also assist to guarantee that the ads Customer see online are more relevant to Customer interests. Cookies may be learned more about atwww.allaboutcookies.org..
What is Hijra's Purpose of Using Cookies?
Cookies are used to improve the overall browsing experience. Hijra also employs cookies to track the functioning of the Mobile Banking and/or website as well as how visitors browse the Mobile Banking and/or website . Cookies on Mobile Banking and/or website do not gather any personally identifying information. Hijra expands on how to disable or enable cookies in the next section, as well as the consequences of doing so on the Customer's surfing experience.
Types of Cookies Used
Two types of cookies may be used on Mobile Banking and/or website : “cookie session” and “cookie permanent”. Cookie session is a temporary Session cookie that remains on the Device until the Customer leaves the Mobile Banking and/or website. Permanent cookies will remains on the device for a much longer period of time or until the Customer deletes them manually (how long the cookie stays on the device will depend on the duration or "life-time" of the particular cookie).
Third-Party Cookies
Hijra also uses some suppliers who may also set cookies on the Customer's device on behalf of Hijra when the Customer visits the Mobile Banking and/or website. Setting cookies allows them to provide the services provided. If Customers want more information about cookies, as well as information about how to opt out of receiving cookies, please see their privacy policy.
Cookies Used to Measure and Assess Mobile Banking and/or website:
GoogleAnalytics
1. Google Analytics Terms of Service (Indonesian Version)
  https://www.google.com/analytics/terms/id.html
2. Google Privacy Policy
  https://policies.google.com/privacy?hl=id&gl=ZZ
How To Disable Or Enable Cookies?
1. Disabling All Cookies
  Customers can accept or reject cookies by changing Customer's device settings. However, Customers will not be able to use all interactive features of Mobile Banking if cookies disabled.
2. Disabling Any Selected Cookies
  Links below will explain how Customers can opt-out of providing information to certain tools. However, please note that even if the Customer chooses to delete information related to cookies, the Customer's use of the products and/or Services provided by Hijra may be limited.
  Google Inc
  https://support.google.com/analytics/answer/181881?hl=en