How We Handle Your Account Data
This is the slotbom 77 privacy policy — the page that tells you exactly what we collect when you open an account, how we store it, and which...
Our Privacy Posture for Indonesia
We collect only what your account needs: your handle, contact details, verified identity fields, and the wallet reference you use to fund play. Your DANA, OVO, GoPay or QRIS identifier sits encrypted in our payment ledger and is never shared with third-party marketers. Where local law permits, we retain transaction records for the period our licence requires, then purge them on schedule.
You can request a copy of everything we hold on you, ask us to correct a field, or close the account entirely — we action these within the windows our jurisdiction sets, and we'll confirm in writing when it's done.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
How This Policy Is Reviewed
Quarterly Legal Review
Our counsel reviews this page every quarter against current Indonesian data rules. When wording changes, the revision date at the foot of the policy moves and we email account holders a short summary of what shifted.
Named Data Owner
A single privacy lead signs off every edit on this page. That accountability means you always have one desk to write to when something on your account profile needs explaining or correcting.
Encryption Standards
Wallet identifiers, contact fields and verification documents sit behind layered encryption at rest and in transit. We rotate keys on a fixed cadence and log every internal access against the staff member who opened the record.
Vendor Vetting
Any processor that touches your data — payment rails, KYC checks, chat tooling — is contracted under written data terms. We publish the category list inside this policy and update it whenever a vendor is added or removed.
Breach Protocol
If a security event ever reaches account data, we notify affected holders and the relevant authority inside the window our licence specifies. The notice tells you what was exposed and what we've already done.
Audit Trail
Every consent change, export request and erasure runs through a logged workflow. You can ask for the trail tied to your own account and we'll send the file across with timestamps attached.
Consistent With Our Other Legal Pages
| Terms of Service | The definitions used here — account, wallet reference, verification — match the Terms page word-for-word so there's no gap between what you agreed to and what we store. |
|---|---|
| Cookie Notice | Cookie categories are spelled out on their own page, but the consent controls described here are the same toggles that surface inside your account settings panel. |
| KYC Policy | Identity documents collected under KYC are governed by the retention windows set out in this privacy policy, not by a separate schedule, so you only need to read one timeline. |
| AML Notice | Anti-money-laundering checks reference the same wallet identifiers covered here. Where we must retain longer for AML reasons, this policy flags the exception in plain language. |
| Complaints Policy | If a privacy request is refused, the escalation path mirrors our general complaints flow — same inbox, same response windows, same final-decision letter format. |
| Marketing Preferences | Opt-ins for promotional messages are stored under the consent register described in this policy. Toggling them off in your account updates the register in real time. |
| Account Closure | When you close your account, the erasure schedule on this page governs what we delete and what we must keep for licensing — the same rules apply across every legal page. |
What Sits on This Policy Page
Revision Date
The footer of this page carries the last-reviewed stamp. Check it before you action any data request so you know which version of the policy your reading is tied to.
Data Categories
A clear block lists every category of information we hold on your account — identity, contact, wallet reference, session logs — so you can map each field back to a part of the sign-in flow.
Retention Windows
Each data category carries a retention window expressed in months or years. Where our licence forces a longer hold, the exception is named so you can see exactly why the timer differs.
Your Rights Panel
A short panel summarises the rights you can exercise: access, correction, erasure, portability and objection. Each one links to the contact path that triggers it inside our privacy queue.
Vendor Categories
We name the categories of processors that touch your data and explain why each is needed. The list updates whenever a vendor is added, with the change reflected in the revision stamp.
Plain-English Summary
At the head of every major clause we give a one-line summary in plain language, then the full wording underneath. Read the summaries for orientation, the detail when you need certainty.