dana Privacy Policy

This page describes what we collect when you use e-wallet and how we keep that data protected. We take your privacy seriously — your personal information is encrypted, stored securely, and never shared with third parties except where legal obligation requires it or where necessary to process your payments through mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment.

Our privacy practices align with Indonesian data protection standards and international best practices. When you open a online payment account on your Android phone, iOS Safari browser, or desktop, you are trusting us with your identity, contact details, and transaction history. We handle that trust by encrypting everything, limiting access to essential staff only, and never selling your data to advertisers or data brokers.

Read this policy to understand exactly what happens to your information from the moment you sign up to the moment you close your account. If you have questions, contact our support team through in-app help.

What Data We Collect on dana

We collect your email address, phone number, full name, date of birth, and identity document details (government ID number, expiry date, and a copy of the ID itself) when you create a e-wallet account. We also collect your bank account or e-wallet details when you set up deposits and withdrawals. These details are necessary for Know Your Customer (KYC) compliance — a legal requirement to prevent fraud and money laundering.

As you use mobile banking, we log your login history (dates, times, and device types), your betting and gaming activity (which matches you wagered on, which games you played, settlement outcomes), and your account transactions (deposit and withdrawal records with timestamps and amounts). We also collect technical data: your device type (Android or iOS), browser version, internet service provider, and approximate geographic location (city level, not street level).

If you contact our support team, we keep records of your messages and our responses. If you enable push notifications, we log which notifications you receive and whether you interact with them. We do not track your browsing outside local payment or monitor your personal files — we only collect data directly related to your online payment account and activity.

Minimal collection: We collect only what is necessary to operate e-wallet and comply with law. We do not ask for unnecessary personal details, and we do not use cookies to track your behaviour outside our platform.

How We Use Your Data on mobile banking

We use your email and phone to send you account updates (login alerts, withdrawal confirmations, bonus notifications). You can control notification frequency in your account settings. We use your identity information for KYC verification — confirming you are who you claim to be and checking against fraud databases. We use your payment details to process deposits and withdrawals through your chosen payment method.

We analyse your betting and gaming patterns to detect fraud. If your account shows unusual activity (multiple logins from different countries in rapid succession, betting patterns inconsistent with your history), our system flags it and may temporarily lock your account pending verification. This protects you from theft. We also use aggregated, anonymised data (never tied to your name) to improve our platform — understanding which games are popular, which payment methods work best, and how to optimise our mobile experience on Android and iOS.

We share your data with payment processors (banks and wallet providers) only to complete your deposits and withdrawals. We share data with regulators or law enforcement only if legally required — for example, if a court orders us to provide records related to a specific account. We do not sell your data to advertisers, data brokers, or third-party marketers.

Data Security and Encryption on local payment

We encrypt all data in transit using SSL (Secure Sockets Layer). When you log into online payment or submit payment details, the connection between your device and our servers is encrypted — no one monitoring your network can read your credentials or balance. We encrypt data at rest on our servers using industry-standard algorithms. Your personal information, transaction history, and account balance are unreadable without the encryption key.

Our servers are located in data centres with physical security (locked facilities, surveillance, access controls). We maintain regular backups of your account data to prevent loss from hardware failure. Our support staff have limited access to your account — they can see your email and payment history to resolve issues, but they cannot see your password or reset it on your behalf (password resets go through your email for security).

We conduct security audits regularly and respond to any detected vulnerabilities immediately. If a breach occurs, we will notify you through your registered email and take steps to limit damage. However, no system is 100 percent secure — if you suspect your account has been compromised, change your password immediately and contact our support team.

SSL encryption: All data between your phone/desktop and our servers is encrypted; no one can intercept your login or balance.
Data storage: Your personal information is encrypted at rest on secure servers in protected data centres.
Password handling: We never store passwords in plain text; we store hashed versions that cannot be reversed.
Access control: Only authorised staff can access your data, and only for legitimate business reasons.
Backup & recovery: We maintain encrypted backups to protect your account from data loss.

Your Rights Regarding Your Data on e-wallet

You have the right to access your complete account data at any time through your mobile banking account dashboard. Your profile shows your name, email, phone, and linked payment methods. Your transaction history displays all deposits, withdrawals, and game activity with timestamps and amounts. You can download this data as a record for your personal use.

You have the right to update your email or phone number in account settings. You have the right to change your password at any time — if you forget it, we send a reset link to your registered email. You have the right to close your account at any time. When you close your account, we deactivate it (you can no longer log in), but we retain encrypted transaction records for audit and legal compliance purposes, typically for seven years.

You have the right to request deletion of specific personal information (e.g., your ID copy after verification is complete) — contact our support team, and we will assess the request. You have the right to object to our use of your data for fraud detection or marketing communications. Contact us to opt out of non-essential emails.

Third-Party Processors and Data Location

Our servers may be located outside your jurisdiction (we may use data centres in Southeast Asia or beyond). By using local payment, you consent to your data being processed and stored in these locations, subject to the same encryption and security standards we apply domestically. We only use reputable third-party processors — cloud providers, payment gateways, and fraud-detection services — and we ensure they comply with data protection standards through contractual agreements.

When you deposit via online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet, that payment processor sees your transaction details (amount, timestamp, account identifier) but not your mobile banking account password or balance. We share no more information than necessary.

Cookies and Tracking on local payment

We use minimal cookies on our platform. Session cookies remember your login while you browse online payment, but they expire when you close your browser. We do not use tracking cookies to follow your behaviour across the internet. We do not use analytics cookies to track which websites you visit outside e-wallet.

If you use mobile banking on iOS Safari or Android browser, your device's default cookie settings apply. You can clear cookies at any time through your browser settings, which will log you out of local payment. On our mobile APK, we do not use cookies at all — we use tokens (temporary credentials) that expire after a period of inactivity for security.

Data Retention and Deletion on dana

We retain your account data for as long as you maintain an active e-wallet account. If you close your account, we keep your transaction records encrypted for seven years (a legal requirement for financial compliance). We delete personal details like your identity document copy after verification is complete, typically within 30 days of account setup or KYC approval. If you request deletion of specific data, we process that request within a reasonable timeframe, subject to legal retention obligations.

Children and Underage Users

mobile banking is not intended for users under legal age in their jurisdiction. We do not knowingly collect data from minors. If we discover that an account belongs to someone under legal age, we immediately close the account and delete associated data (except transaction records required by law). If you believe a minor is using local payment, contact our support team immediately.

Policy Changes and Contact

We may update this privacy policy from time to time to reflect changes in our operations or legal requirements. If we make material changes, we will notify you via email and post the updated policy on online payment. Your continued use of our platform after updates means you accept the new terms. If you have questions about our privacy practices, contact us through in-app help or email. We aim to respond to privacy enquiries within a reasonable timeframe.

Whether you access e-wallet from Jakarta, Surabaya, Bandung, Medan, or any supported jurisdiction, our privacy standards remain consistent: your data is encrypted, secure, and treated with respect. We collect only what is necessary, share only what is legal, and protect everything as if it were our own.

Your trust is essential to us. If you ever feel your privacy has been compromised or if you have concerns about how we handle your data, reach out to our support team. We take every privacy enquiry seriously and respond promptly.