LEGAL REFERENCE

How We Handle Your Account Data

This is the bandot privacy policy — the plain-English version of what we collect, why we hold it and how long it stays with us. You'll see how...

Account dataDevice signalsPayment referencesCookie controlsIndonesia scope
Account access Read FAQ
bandot How We Handle Your Account Data

Our Privacy Posture and Your Rights

We process your personal data where local law permits and only for purposes tied to your bandot account: identity checks, lobby personalisation, payout routing and fraud prevention. In supported regions across Indonesia, you can request access to your records, ask us to correct details, or close your account and have associated data retired in line with retention rules. We never sell your

details to outside marketers. Payment references tied to DANA, OVO, GoPay and QRIS are held only as long as needed to reconcile your transactions and satisfy local record-keeping obligations.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

PLAYER SUPPORT

Privacy Contact Paths

If something in this policy needs clarifying, or you want to exercise a data right on your bandot account, reach us through...

Privacy Inbox Email our data team at [email protected] with your...
In-App Chat Open the chat bubble from your bandot lobby...
Account Settings Head to your profile, open Privacy Controls and...
TRUST MARKERS

How We Keep This Policy Honest

Our privacy text is written by people, reviewed by counsel and refreshed when the rules around it change. Here's how we keep it credible.

Counsel Reviewed

Every clause in this policy is checked by data-protection counsel familiar with Indonesia's personal data rules before it goes live on bandot.app. We log each review with a date stamp.

Version History

We keep older privacy versions in our archive so you can see exactly what changed and when. Material updates trigger an in-lobby notice the next time you open your account.

Plain Language

We avoid clause-stacking and footnote-heavy legalese. If a sentence here needs two readings to parse, we rewrite it. Your rights should be readable, not buried under definitions.

Named Owner

A real person at bandot owns this policy and signs off on edits. That accountability sits with our data officer, not an outsourced compliance vendor working from a template.

Encrypted Storage

Personal data on bandot is encrypted at rest and in transit. Internal access is role-gated, logged and audited so only the staff who genuinely need a record can pull one.

Retention Discipline

We hold account data only as long as the law and your active relationship with bandot require. Closed accounts move into a short retention window, then the records are retired.

Consistent Across Our Legal Pages

This policy lines up with the other legal documents on bandot — terms, cookies, account closure. Here's how the pieces match up so nothing contradicts.

Terms of Use
Defines the account agreement; this privacy policy explains the data side of that same agreement, using identical defined terms so you don't have to translate between the two.
Cookie Notice
Lists categories and lifespans of cookies bandot drops; this policy explains the lawful basis behind each category and the controls you can flip from your profile.
Account Closure
Walks through how to shut your bandot account; this policy details what happens to your stored data afterwards and the retention windows that apply by record type.
KYC Notice
Covers identity document handling; this policy frames the wider data lifecycle, so KYC sits inside one consistent retention and access framework rather than a separate silo.
Marketing Preferences
Toggled inside your profile; this policy sets the lawful basis for those messages and explains how withdrawing consent flows back through our systems within 24 hours.
Payment Records
Reconciliation logs for DANA, OVO, GoPay and QRIS sit under finance retention rules. This policy tells you how long those references stay attached to your account.
Complaint Path
If a privacy concern isn't resolved by our desk, escalation routes are listed here and match the dispute clause in our terms — no duplicate forms, no contradictory deadlines.
SERVICE CONTEXT

What Shapes This Policy Page

A few elements define how this privacy page is built so you can navigate it quickly and find what matters to your bandot account.

Section Anchors Each clause has a jump-to anchor in the side rail...
Last Updated Stamp The header carries the date this policy was last edited...
Defined Terms Words like 'personal data', 'processing' and 'retention' are defined once...
Rights Summary A short panel near the rights clause lists everything you...
Contact Block The privacy contact sits in a fixed block, not buried...
Mobile Layout The page reflows cleanly on phones, with collapsible clauses and...

Common Questions About This Policy

We collect the basics you submit — name, contact details, date of birth — plus the identity document needed for verification and the payment reference linked to your chosen method, whether that's DANA, OVO, GoPay or QRIS.

Active account data stays with bandot for as long as your account is open. Once you close it, most records move into a short retention window set by Indonesian financial and tax rules, then they're retired from our live systems.

Yes. Open Privacy Controls inside your bandot profile and request an export. We package your account details, session history and transaction references into a readable file and email it to the address on file within seven days.

Only with processors we need to run the service — payment partners, identity verification providers and cloud infrastructure. Each sits under a written contract with confidentiality and security terms. We do not sell your data to outside marketers.

Essential cookies keep your session and lobby working. Analytics and marketing cookies only fire after you accept them in the banner. You can change those choices any time from the cookie panel linked in the footer.

References tied to DANA, OVO, GoPay and QRIS stay attached to finished transactions for the retention period required by local record-keeping rules. After that window closes, they're removed from our active databases along with the rest of your account data.

Email [email protected] or open the in-app chat and tag your message 'privacy'. Our data officer handles these directly, confirms receipt within one business day and works through standard requests inside a week.