Effective Date: June 22, 2026

1. Introduction

This Privacy Policy governs the manner in which Yayasan Quran Arabi Internasional ("We", "Us", "Our", or the "Foundation"), operating the digital education platform Quran Arabi ("Website" or "Platform"), collects, uses, maintains, and discloses information collected from users ("You", "User"). We strictly adhere to the personal data protection laws of the Republic of Indonesia and international general privacy protection standards.

2. Information Collection and Processing

We reserve the right to collect personal identification and non-personal identification information from Users in various ways, including, but not limited to, when Users visit our site, register on the Website, place an order, and interact with the activities and services available on our Platform. The collected information includes:

• Personally Identifiable Information (PII): Full name, email address, and access credentials (passwords which are stored in a cryptographically hashed format).
• Financial & Transactional Data: All payments and billing information are securely processed by a licensed third-party Merchant of Record (Paddle). We do not collect, store, or have direct access to your credit card or sensitive payment instrument details.
• Technical and Usage Data: Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, operating systems, date/time stamps, and clickstream data for analytical purposes.

3. Purpose of Data Utilization

Any information we collect is utilized exclusively for the following legally justified purposes:

• To facilitate and manage User account creation and continuous access to the Platform.
• To process transactional obligations through our payment processing partner (Paddle) to ensure the delivery of Digital Products.
• To deliver administrative notices, technical support, and communications related to service and policy updates.
• To comply with binding legal obligations, including fraud prevention and security risk mitigation.

4. Data Protection and Security

We adopt industry-standard physical, electronic, and managerial procedures to safeguard the confidentiality of information collected online. The implementation of Secure Socket Layer (SSL) technology facilitates encrypted transmission across networks. Unauthorized access, alteration, disclosure, or destruction of personal information or transaction data is strictly mitigated. However, no data transmission over the Internet can be guaranteed to be absolutely secure; thus, Users access the Platform at their own risk.

5. Third-Party Disclosure

As an entity bound by the law, We do not sell, trade, or rent Your personally identifiable information to any external parties. However, for operational necessity, We may share Your data with:

• Payment Processing Partner (Merchant of Record): Transactions are processed by Paddle, subject to stringent data protection obligations. Users are encouraged to review the Paddle Privacy Policy.
• Competent Authorities: Under court orders, law enforcement requests, or for legal compliance purposes, investigating Terms & Conditions violations, or protecting property rights, We reserve the right to disclose data without prior notice if mandated or permitted by law.

6. Cookies Policy

Our Website employs "cookies" (alphanumeric data files placed on Your device) to manage user identification sessions, maintain navigation preferences, and track site performance analytics. You retain the right to configure your browser software to refuse cookies; however, such refusal may limit the functionality and seamless operation of certain Platform features.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the original purposes of its collection as outlined in this Policy, or for an extended period if mandated by relevant laws (such as financial and tax document retention). In the event of account deletion, related data will be permanently and securely destroyed, unless retention is legally required.

8. Amendments to this Privacy Policy

The Foundation holds the full prerogative to revise, update, or modify the provisions of this Privacy Policy at any time without direct prior notification to individual users. The effective date of revision will be indicated at the top of this document. By continuing to access and use Our services following any modifications, You are deemed to have tacitly and bindingly accepted all such changes.

9. Contact Information

Should You have formal inquiries or claims pertaining to this Privacy Policy or the management of personal information, please direct written correspondences to: cs@quranarabi.com.