djarumPrivacy Policy
This page describes what we collect when you use djarum and how we keep that data protected. We process personal information only to verify your identity, process your deposits and withdrawals, and provide customer support. Our data handling is subject to applicable privacy law in your jurisdiction. We do not sell your information to third parties, and we do not track your activity outside our platform.
We collect your data across multiple touchpoints: account registration (email, phone, name), account verification (government ID, address), payment processing (bank details, transaction history), and customer support interactions (messages, account notes). Each data category serves a specific operational purpose on djarum. We store this data on secure servers and retain it only as long as necessary to serve your account or comply with applicable law.
We staff multilingual support to answer questions about your data. You have the right to request access to your personal information, correct inaccurate data, or delete your account and associated records. Our support team handles these requests subject to verification windows and applicable legal holds.
What Data We Collect on djarum
We collect account information at registration: your full name, email address, phone number, date of birth, and residential address. We require this data to verify your identity and comply with anti-money-laundering (AML) regulations. We do not share this information with advertisers or marketing partners.
When you deposit or withdraw on djarum, we collect payment details specific to your chosen method. For DANA, e-wallet, mobile banking, local payment, and online payment, we store your account identifier and transaction history. For e-wallet payments, we record the transaction reference and timestamp. For bank virtual accounts (mobile banking, local payment, online payment, e-wallet), we collect your account number and bank routing information. We do not store your full card number or PIN.
We collect verification documents—government-issued ID, passport, or driver's license—during the KYC process. We store an encrypted copy of your ID for audit purposes and to prevent account fraud. We do not use your ID for any purpose outside verification. We retain verification records for a minimum period required by applicable law, then delete them securely.
We log your account activity: login timestamps, game history, betting slips, withdrawal requests, and customer support interactions. We use this data to detect fraud, investigate disputes, and improve our service quality. We retain activity logs for a period sufficient to investigate complaints and then purge them according to our data retention schedule.
How We Use Your Data on djarum
We use your personal information to operate your account, process deposits and withdrawals, and verify your identity. We match your payment method to your registered account to prevent fraud and ensure you can withdraw to the same source. We cross-reference your information against sanctions lists and AML databases to comply with regulatory requirements.
We use your email and phone to send account notifications: deposit confirmations, withdrawal status updates, login alerts, and password-reset instructions. We send these messages automatically and only as necessary. We do not send promotional content unless you opt in during account setup.
We use your support tickets and chat history to resolve disputes and improve our response quality. We may flag your account if you report a technical issue (e.g., delayed withdrawal, game malfunction) so our team can investigate. We do not use this data to build customer profiles or make automated decisions about your account eligibility.
Third Parties and Data Processors
We partner with third-party processors to handle specific functions. Our payment processors (the teams behind mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and bank providers) receive your payment details to settle transactions. We do not control their data practices—you should review their privacy policies separately.
We use a third-party identity verification service to validate your government ID. This service does not store your data beyond the verification process. We use encrypted tunnels to transmit your ID information, and we do not retain copies on their systems.
Our customer support platform may be hosted on third-party infrastructure. Any chat messages, support tickets, or sensitive account notes are encrypted in transit and at rest. We have data-processing agreements in place with all vendors, requiring them to use your data only for the purpose we specify and to maintain security standards equivalent to our own.
Our servers may sit outside your jurisdiction. Your data may be processed in data centers located in Southeast Asia or beyond. We maintain the same security and privacy standards regardless of server location. You are responsible for verifying that cross-border data transfer complies with your jurisdiction's law.
- Identity verification
- We collect your government ID and store an encrypted copy. We use this data only to prevent fraud and verify your eligibility to hold a djarum account.
- Payment data
- We store your payment method details securely and use them only to process deposits and withdrawals. We do not store full card numbers or PINs.
- Account activity
- We log your login history, game activity, and betting records to detect fraud and investigate disputes. We retain activity logs for a defined period then purge them.
- Support interactions
- We keep copies of your support messages to resolve issues and provide context for future inquiries. You can request deletion of old support records.
Your Rights and Our Data Practices
We operate across major Indonesian cities—Jakarta, Surabaya, Bandung, Medan, Semarang, and Yogyakarta. You have the right to request access to your personal data held by djarum. Send a written request to our support team with your account ID and registered name. We respond within 30 days, providing a download of your data in portable format.
You have the right to request correction of inaccurate information. If your address or phone number changes, log into your account and update it directly. If you cannot access your account, contact support and we will update your records after verifying your identity.
You have the right to request deletion of your personal data. We will close your account and remove personal information from active systems. We may retain encrypted backups for a period required by law (typically 7 years for financial records). After the retention period, we securely purge all data associated with your account.
We use cookies and similar technologies to remember your login state and preferences. We do not use cookies to track your behavior outside djarum. You can disable cookies in your browser settings, though this may affect your account experience. We do not share cookie data with advertisers.
Security and Contact
We encrypt all data in transit using industry-standard TLS protocols. We store sensitive information (ID copies, payment details, support notes) encrypted at rest. We limit access to your data to authorized staff and automated processes only. We conduct regular security audits and respond to suspected breaches within our standard incident-response windows.
If you suspect your djarum account has been compromised, change your password immediately and contact our support team. We will lock your account, review login history, and restore it once we confirm the breach did not result in unauthorized transactions.
To exercise your data rights or ask questions about our privacy practices, contact our support team via email or in-app chat. We offer multilingual support during peak hours and respond to privacy requests within our standard processing windows. Our support team can guide you through account recovery, data deletion, or other privacy-related concerns.
We may update this privacy policy to reflect changes in our data practices or applicable law. We notify account holders of material changes via email or in-app notice. Continued use of djarum after an update means you accept the revised policy. We publish the date of last update at the end of this page.