Scope of Data
Privacy policy covers account, session and transaction reference data — matching the narrower account-terms description and the cookie notice that handles browser-side identifiers.
This is the vip 288 privacy policy — written for the account you open with us, not buried under jargon. We outline what data we collect when you...
Our policy applies where local law permits and across supported regions of Indonesia. We collect three buckets of information: account identity (the email and phone you register with), session data (device, IP, lobby pages opened), and transaction references tied to your DANA, OVO, GoPay or QRIS top-ups. We never store full wallet credentials — only the tokenised reference your provider sends back.
Marketing consent is opt-in and reversible from your account panel. Where Indonesian regulation requires retention windows, we honour them; otherwise records age out on a rolling 24-month cycle. Disputes follow the contact paths listed below before any escalation.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
This document isn't static. We refresh it on a quarterly cycle and after any material change to how the lobby handles your data.
Our internal compliance team walks the policy against actual data flows every quarter, checking that what we describe still matches what the platform stores about your account.
A named privacy lead signs off every revision. The role sits outside marketing so policy wording stays accurate rather than persuasive when describing your rights.
Each published version carries a date stamp and a short changelog. Older revisions stay available on request so you can compare what changed between the account terms you accepted.
Local legal counsel reviews jurisdiction-specific clauses, particularly retention windows and the DANA, OVO, GoPay and QRIS transaction references we keep on file.
Third-party processors (analytics, payment routing, KYC) are reviewed annually. We list categories rather than names so updates don't leave outdated vendor entries on the page.
If a clause reads ambiguously, tell us. The privacy inbox tracks reader queries and the most-asked questions feed directly into the next revision of this document.
This policy aligns with the other legal documents on vip 288. Use the table below to see how scope, retention and contact paths line up.
Privacy policy covers account, session and transaction reference data — matching the narrower account-terms description and the cookie notice that handles browser-side identifiers.
24-month rolling default here mirrors the account terms; KYC documents follow a longer regulatory window described in the AML clause rather than this page.
Privacy inbox is the single front door across pages. The terms page points to the same email for data questions to keep routing consistent for you.
Marketing opt-in language matches the registration screen wording exactly so what you tick at sign-up reads identically when you revisit this policy later.
Both this page and our terms use the phrase where local law permits, keeping access language uniform across supported regions of Indonesia without contradiction.
Quarterly review here is faster than the annual terms refresh, reflecting that data handling shifts more often than the contractual relationship behind your account.
Material policy changes trigger an in-lobby banner and an email — the same dual-channel notice pattern used for terms updates and security advisories.
A quick map of the elements you'll find here so the document stays easy to scan rather than a wall of text.
Every section uses everyday wording first and legal phrasing second. If a term needs precision, we define it inline rather than sending you to a separate glossary page.
We enumerate exactly which fields sit in your account record. No vague we may collect information catch-alls — the categories are bounded and described in concrete terms.
Access, correction, deletion and portability rights are summarised near the top of the policy with the contact path attached so action steps are visible alongside the right.
Time windows for each data category are listed together rather than scattered, making it straightforward to see how long any specific record stays on file.
When this page changes, the lobby shows a banner pointing here. The badge in the hero records the last refresh date so you spot revisions immediately.
Indonesia-specific clauses sit in their own block rather than mixed with global text, so the rules that apply to your account are easy to isolate when reading.