gayo138 Platform Privacy Notice

This page describes what we collect when you use gayo138 and how we keep that data protected. When you register, deposit, withdraw, or play on our platform, we collect personal information necessary to verify your identity, process payments, and maintain account security. We encrypt all sensitive data and store it on secure servers. We do not share your information with third parties without your consent, except as required by law.

Our privacy policy applies to all users accessing gayo138 through Android APK installation, iOS browser, or desktop. We comply with data-protection standards and respect your rights to access, correct, and delete your personal information. This document explains our data practices in plain language — no legal jargon where simpler phrasing works.

If you have questions about how we handle your data, our support team can provide specific answers. We remain committed to transparency about our data practices and your control over your personal information on gayo138.

What data we collect on gayo138

We collect personal information when you create an account on gayo138. During registration, we ask for your email address and a secure password. We use your email to send account notifications, password resets, and withdrawal confirmations. Your password remains encrypted and never appears in plain text in our database.

When you complete identity verification (KYC), we collect your full name, date of birth, and a government ID number. You upload a clear photo of your ID document, which our compliance team reviews to verify you are who you claim to be. We store these documents encrypted in a separate, highly secured database. We do not use your identity information for any purpose other than account verification and regulatory compliance.

We collect payment information when you deposit or request a withdrawal. For DANA, e-wallet, mobile banking, local payment, and online payment deposits, we record your transaction ID and the amount transferred. For bank transfers via e-wallet, mobile banking, local payment, or online payment, we collect the bank account number you transfer from (the last four digits only are visible in your account history). We encrypt all payment details and store them separately from other account data.

We collect gameplay data as you use gayo138 — which games you play, your stakes, your results, and your account balance changes. This data helps us track fair payouts, detect fraud, and respond to player disputes about game outcomes. We maintain permanent records of all game results and can verify any specific outcome with timestamps.

Note: We collect no browsing data through cookies or similar trackers on gayo138. We do not track your activity outside our platform or across the internet. Your privacy is limited to your interaction with gayo138 only.

How we use your data on gayo138

We use your personal information to operate your gayo138 account. We verify your identity through KYC to comply with financial regulations and prevent fraud. We process your deposits and withdrawals using the payment details you provide. We calculate your account balance, process your game results, and maintain your transaction history.

We use your data to detect suspicious activity. Our fraud-prevention team monitors for patterns that suggest unauthorized access, money-laundering, or account abuse. If we detect unusual activity, we may temporarily suspend your account and contact you to verify that the activity was legitimate. We do not share our fraud-detection findings with third parties unless legally required.

We use your email address to send transactional notifications — account login confirmations, deposit receipts, withdrawal confirmations, and password resets. These messages are essential to account security and you cannot opt out of them. We may also send optional notifications about game updates, new features, or tournaments relevant to Liga 1, Piala Indonesia, or Piala AFF coverage if you have enabled notifications in your account settings.

We use gameplay data to improve gayo138. We analyze which games are most popular, which payment methods work most smoothly, and which features players use frequently. This analysis helps us make platform improvements. We never use your individual gameplay patterns for marketing or sell your data to advertisers.

Where we store your data and how long we keep it

We at gayo138 store your personal information on secure servers. Some of our servers may sit outside your jurisdiction — this is standard practice for online platforms. All data remains encrypted whether in transit or at rest. We use industry-standard encryption (TLS 1.2 and above for data in transit; AES-256 for data at rest).

We retain your account data indefinitely while your account remains active. This allows us to maintain your game history, transaction records, and account balance. If you close your account on gayo138, we retain your data for a minimum of seven years to comply with financial-regulatory requirements. After seven years, we delete your personal information unless we are legally required to retain it longer.

We retain identity verification documents (your ID photo and related KYC information) for as long as your account is active, plus seven years after closure. This retention allows us to respond to regulatory inquiries and resolve disputes about past transactions. We do not use these documents after your account closure except as required by law.

Your rights to access and delete your data

We at gayo138 give you the right to request access to your personal information, request corrections to inaccurate data, and request deletion of your data (subject to legal-retention requirements). To exercise these rights, contact our support team with your request. We respond to all data-access requests within 30 days.

Third-party service providers on gayo138

We use third-party payment processors to handle deposits and withdrawals on gayo138. When you deposit via e-wallet, mobile banking, local payment, online payment, or e-wallet, those payment providers handle the transaction. We do not receive or store your payment app credentials. We receive only a confirmation that your deposit was successful. Similarly, when you withdraw to your bank account or payment app, the third-party provider handles the final transfer.

We use third-party cloud providers to host our servers and store encrypted data. These providers have signed data-protection agreements with us and are not permitted to access your unencrypted information. We conduct regular security audits of our providers to ensure they maintain adequate data security.

We do not sell your personal information to advertisers, data brokers, or marketing companies. We do not share your data with any third party except payment processors (for deposits and withdrawals), cloud hosts (for secure storage), and law-enforcement authorities (when legally required by court order or regulatory request).

Cookies and tracking on gayo138

We do not use cookies to track your activity across the internet or build profiles for advertising purposes. We use session cookies only to keep you logged into your gayo138 account during your current session. When you close your browser, the session cookie expires and you are automatically logged out. This is a security measure, not a tracking mechanism.

We do not use web analytics services that track individual user behavior. We do not install pixels or beacons that follow you across websites. Your privacy on gayo138 is limited to your direct interaction with our platform — we collect no data about your activity outside gayo138.

If you access gayo138 through our Android app, your phone may send standard app-usage data to Google (for Android devices). This is controlled by your device settings, not by us. We do not access this data. You can disable app analytics in your phone's system settings.

How we protect your data on gayo138

We use encryption to protect sensitive data. All communication between your phone or computer and our servers uses TLS 1.2 encryption or higher. Your password is encrypted with one-way hashing — we cannot read it, even internally. Your identity documents and payment details are stored in encrypted form on our servers.

We require two-factor authentication (2FA) on all gayo138 accounts. When 2FA is enabled, login requires a one-time verification code sent to your phone or email — even if someone learns your password, they cannot access your account without the code. We strongly recommend enabling 2FA in your account settings.

We monitor our servers for unauthorized access attempts. Our security team maintains intrusion-detection systems and regular security audits. If we detect a data breach or security incident, we notify affected users immediately via email and take steps to contain the breach. We do not hide security incidents — we disclose them to users and regulators as required by law.

Your rights regarding your data on gayo138

You have the right to access your personal information. You can view your account details, transaction history, and KYC verification status anytime in your gayo138 account settings. To request a complete copy of your data in a portable format, contact our support team and we will provide it within 30 days.

You have the right to correct inaccurate information. If your name, email, or other details change, update them in your account settings. If you cannot change something yourself, contact our support team and we will make the correction.

You have the right to delete your data. You can close your gayo138 account anytime by requesting closure through our support team. We will delete your personal information seven years after closure, as required by financial regulations. During the seven-year retention period, we store your data encrypted and do not use it except as required by law.

You have the right to lodge a complaint if you believe we have violated your privacy rights. Contact our support team first — we will investigate your complaint and respond within 30 days. If you remain unsatisfied with our response, you may file a complaint with your local data-protection authority.

Changes to our privacy policy

We may update this privacy policy from time to time. If we make material changes that affect how we use your data, we will notify all gayo138 users via email at least 14 days before the changes take effect. Continued use of gayo138 after the notification period constitutes acceptance of the updated policy.

If you do not accept updated privacy terms, you can close your account before the changes take effect. We will process your account closure and withdraw your balance within our standard withdrawal review window.

Jurisdiction and applicable law

This privacy policy applies to all users accessing gayo138 from any location where our services are available under applicable law. We at gayo138 operate under jurisdiction-restricted framing — our services are available only where local law permits. Users remain responsible for verifying that their use of gayo138 complies with their local jurisdiction's data-protection and privacy regulations.

If you access gayo138 from Jakarta, Surabaya, Bandung, or Medan, this privacy policy describes our standard data practices across all supported regions. We maintain equivalent data protection, encryption standards, and user rights regardless of where you access our platform. Some jurisdictions may have specific data-protection laws that provide additional rights beyond what we describe here — those rights remain available to you.

If local law requires us to provide your data to government or law-enforcement authorities, we will do so only under a valid court order or formal legal request. We will notify you of such requests whenever legally permitted to do so. We will not provide your data in response to informal requests or without legal process.

We maintain our commitment to privacy and data security across holiday periods including Idul Fitri, Idul Adha, and Imlek. Our encryption and data-protection measures remain active continuously — no changes occur during holidays.