Home Privacy Policy

Privacy Policy

Last updated: May 2026

1. Introduction

Bimasena Advisory ("we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and your rights under applicable law — including Indonesia's Personal Data Protection Law (Undang-Undang Perlindungan Data Pribadi / UU PDP No. 27 of 2022).

By using our website (bimasena.co.id) or contacting us through any channel, you agree to the practices described in this policy.

2. Information We Collect

We collect information in the following ways:

Information you provide directly

  • Contact form submissions: full name, email address, phone number, company name, service of interest, and your message.
  • WhatsApp conversations: any information you share when contacting us via WhatsApp.

Information collected automatically

  • Website usage data via Google Analytics 4: pages visited, time on site, device type, browser, approximate location (country/city level), and traffic source. This data is anonymised and aggregated.
  • Form submission metadata via Netlify Forms: submission timestamp and IP address (processed by Netlify on our behalf).

Information we do not collect

  • We do not collect payment information — no credit card or bank account data.
  • We do not use cookies for advertising or tracking beyond Google Analytics.

3. How We Use Your Information

We use the information we collect to:

  • Respond to your enquiries and provide the consulting services you request.
  • Schedule and conduct consultations.
  • Send you relevant updates, proposals, or follow-up information related to your enquiry.
  • Improve our website and understand how visitors use it (via anonymised analytics).
  • Comply with legal obligations under Indonesian law.

We do not use your personal data for automated decision-making or profiling.

4. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Consent: when you submit a contact form or initiate contact via WhatsApp, you consent to being contacted by our team.
  • Legitimate interests: to analyse website usage and improve our services.
  • Legal obligation: where required by Indonesian law or regulation.

5. How We Share Your Information

We do not sell, rent, or trade your personal data. We share data only with the following service providers who help us operate our website and business:

  • Netlify (netlify.com) — hosts our website and processes contact form submissions. Netlify stores form data on servers that may be located outside Indonesia. Netlify's privacy policy applies to their processing.
  • Google Analytics (analytics.google.com) — provides anonymised website traffic analytics. Data is processed by Google in accordance with their privacy policy. We have enabled IP anonymisation.
  • Sanity.io (sanity.io) — powers our content management system (CMS) for blog articles and team content. No personal visitor data is sent to Sanity.
  • WhatsApp / Meta — if you contact us via WhatsApp, your conversation is subject to WhatsApp's privacy policy in addition to this policy.

All third-party providers are required to handle your data securely and only for the purposes we specify.

6. Data Retention

We retain personal data for as long as necessary to fulfil the purpose for which it was collected:

  • Contact form submissions: retained for up to 24 months, then deleted.
  • Google Analytics data: retained for 14 months (Google's default, set in our analytics account).
  • WhatsApp conversations: retained until you request deletion or the conversation is no longer relevant.

7. Your Rights

Under UU PDP and applicable data protection principles, you have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request that we delete your personal data (subject to legal retention requirements).
  • Withdrawal of consent — withdraw consent to processing at any time, where consent is the legal basis.
  • Objection — object to processing of your data in certain circumstances.

To exercise any of these rights, contact us at bimo.adityoaji@bimasena.co with the subject line "Privacy Request". We will respond within 14 business days.

8. Cookies

Our website uses the following cookies:

  • Google Analytics cookies (_ga, _gid, _gat) — used to distinguish users and throttle request rate. These are analytics cookies, not advertising cookies.
  • No other tracking, advertising, or third-party cookies are set by this website.

You can disable cookies at any time through your browser settings. Disabling analytics cookies will not affect your ability to use the website.

9. Security

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, or destruction. Our website is served over HTTPS. Form data is transmitted securely to Netlify's servers.

No method of transmission over the internet is 100% secure. If you have security concerns about your data, please contact us immediately.

10. Children's Privacy

Our website and services are not directed at children under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically. Continued use of our website after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your data:

← Back to Homepage