LEGAL REFERENCE

How We Handle Your Account Data

This is the depo99 privacy policy — the page that spells out what we collect when you open an account, why we keep it, and how long it...

Plain-English PolicyAccount Data ScopeIndonesia CoverageRetention WindowsYour Data Rights
View Game Library Read FAQ
depo99 How We Handle Your Account Data

Privacy Posture and Jurisdiction Notes

Our privacy posture follows the data-handling rules that apply where local law permits depo99 to operate. When you sign up from supported regions in Indonesia, we record the identifiers needed to run your account: name, contact details, device fingerprint and the e-wallet handle you choose at cashier. We retain that record while your account is active and for the statutory window after

closure. We don't sell your personal data to third parties. Payment context chips below show the cashier rails covered by this policy — the wallet handles you share at checkout are scoped to transaction processing only.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

HELP CHANNELS

Privacy Contact Paths

Privacy Inbox Write to our privacy desk for data-access requests, correction notes or deletion claims. We acknowledge within one business day and resolve standard requests inside the statutory window your jurisdiction sets.
Live Chat Escalation Open the chat widget and type 'privacy' to skip the general queue. The agent routes you to the data team, who can pull your account record and walk through what's on file with you directly.
Postal Channel For formal notices or regulator-routed claims, we accept signed letters at the registered address listed in your account footer. Include your account handle so we can match the request to the right record.
REVIEW SIGNALS

Editorial Trust Signals for This Policy

Reviewed Quarterly

Our policy team revisits this page every quarter so the wording matches what the cashier and account systems actually do. Version dates sit at the foot of the document for your reference.

Legal Counsel Sign-Off

Each revision is checked by counsel familiar with Indonesia's data protection framework before it goes live. We won't push a change to this page until that sign-off lands in writing.

Plain-English Drafting

We deliberately avoid dense legalese. If a clause needs a defined term, you'll see the definition inline so you don't have to scroll to a glossary while reading.

Change Log Kept

Material edits get a dated entry in the change log at the bottom. You can see what moved, when it moved and which section was affected without diffing the whole page.

Independent Audit

Our data-handling controls sit inside the same audit scope as the cashier and KYC stack. The auditor's letter is available on request through the privacy inbox.

Named Owner

This document has a named data protection owner inside depo99. That owner signs the change log and handles escalations the front-line team can't close.

Consistency With Our Other Policy Pages

Terms of Service
The account-conduct clauses in our Terms align with the data-retention windows stated here. Where the two pages reference each other, the cross-links point to the exact clause, not the page top.
Cookie Notice
Cookie categories listed in the banner match the tracking sections of this policy one-for-one. If a cookie isn't named here, it isn't dropped on your session.
KYC Statement
Identity-document handling described in KYC mirrors the verification paragraph in this policy. Retention windows are stated identically on both pages.
Cashier Disclosures
Wallet-handle storage at cashier follows the payment-data clause here. DANA, OVO, GoPay and QRIS references match across both documents.
Marketing Preferences
Opt-in and opt-out controls described in your account settings reflect the consent paragraphs below. Toggling either side updates both records in real time.
Complaints Path
The escalation ladder in our complaints page starts with the privacy inbox listed above when the issue is data-related, then moves to counsel.
Regulator Notices
Where regulators publish notices that touch this policy, we mirror the wording inside the relevant section and date the change in the log at page foot.
PLATFORM SNAPSHOT

What Sits On This Policy Page

Section Index The left rail lists every clause in reading order. Click...
Inline Definitions Defined terms like 'account data' or 'device identifier' are underlined...
Version Stamp A version stamp sits at the top right of the...
Request Buttons Inline buttons next to the rights paragraphs open the request...
Print View A print-friendly view strips the navigation and renders the full...
Language Toggle Toggle between English and Bahasa Indonesia at the page header...

Privacy Questions We Get Most

We record your name, contact details, the wallet handle you pick at cashier and a device identifier for session security. Document images for verification are added once you complete KYC, and nothing beyond that scope is stored.

Active accounts retain their full record while you're using the lobby. After closure, we hold the statutory window required by Indonesian financial-services rules, then the record is purged from production systems on a scheduled cycle.

Yes. Open the privacy inbox link or hit the access-request button next to the rights clause. We confirm your identity through the account channel and return a structured export within the statutory response window.

Only the fields the rail needs to process your transaction. DANA, OVO, GoPay and QRIS receive the wallet handle and amount, not your full account profile. The cashier disclosure page lists the exact fields per rail.

Open account settings and toggle the marketing preferences off. The change is recorded immediately and propagates to email, SMS and in-app channels. You'll still receive transactional messages tied to your account activity.

Material changes are dated in the change log at the foot of this page and surfaced through an in-app notice the next time you sign in. The previous version stays archived for reference if you need to compare wording.

Start with the privacy inbox, then ask for the named data protection owner if the front-line reply doesn't close the matter. Beyond that, the complaints page lists the regulator route available in your jurisdiction.