gojek200 Platform Privacy Notice

What data we collect on gojek200

We collect information in several categories. During account registration, we ask for your email address, phone number, username, and a password. During account verification (KYC), we request your legal name, date of birth, government-issued ID number (KTP or passport), residential address, and a photo of your ID document. For payment processing, we collect details of your nominated withdrawal account—bank name, account number, account holder name—and payment method credentials (e-wallet app linked to your account).

We also log activity data: match dates, market selections, stake amounts, outcome results, login times, device information (browser type, operating system, IP address), and session duration. This activity log helps us detect fraud, resolve disputes, and comply with anti-money-laundering regulations. We do not retain passwords in plain text—they are hashed using encryption. We do not store full payment card numbers; payment processors handle card data separately using secure tokenization.

• Registration data: email, phone, username, password (hashed)
• Verification data: legal name, date of birth, ID number, residential address, ID photo
• Payment data: bank or e-wallet account details, withdrawal method
• Activity data: session logs, market engagement, transaction history, device info, IP address
• Communication data: support tickets, emails, chat transcripts

How we use your data on gojek200

We use registration and verification data to create and secure your account. We apply KYC data to verify your identity, prevent fraud, and comply with financial regulations. We use payment data to process deposits through DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet—and to route withdrawals back to your chosen method. We log activity data to track Liga 1, Piala AFF, Champions League, and other market engagement; to settle outcomes; and to identify unusual patterns that signal account compromise or fraud.

We may contact you via email or phone to confirm account activity, notify you of deposits or withdrawals, or ask follow-up questions during verification. We do not use your data for marketing unless you explicitly opt in. We do not share your information with advertisers or data aggregators. Our employees access data only when needed to support your account or investigate fraud. Payment processors (banks, e-wallet providers) see transaction data necessary to process your deposits and withdrawals—they have their own privacy policies governing their use of that data.

Data retention and deletion on gojek200

We retain account and verification data for as long as your account is active and for a period after closure (typically three to five years) to comply with anti-money-laundering regulations and resolve any disputes. Activity logs (session history, transaction records) are stored for the same period. Deleted account data is securely disposed of after the retention window expires—we do not retain it indefinitely. If you request account closure, we mark your account as inactive and retain only data necessary for legal and compliance purposes.

You have the right to request access to your personal data, to correct inaccuracies, and to request deletion where legally permitted. Contact our support team with your request, and we will respond within thirty days (or the timeframe required by applicable law). Note that we cannot delete data required for regulatory compliance or active dispute resolution—we will explain any limitations when you submit your request.

Third parties and data processors we work with

We work with payment processors—banks (mobile banking, local payment, online payment, e-wallet) and e-wallet providers (mobile banking, local payment, online payment, e-wallet, mobile banking)—who process deposits and withdrawals on our behalf. These processors receive transaction data and customer names but do not see your full gojek200 activity. They have their own privacy policies. We also work with cloud infrastructure providers who host our servers and databases. Our servers may sit outside your jurisdiction (commonly in Southeast Asia or the Asia-Pacific region). Data transfers to these processors are governed by data processing agreements that require them to protect your information.

We do not share data with law enforcement or government agencies unless required by legal process (court order, warrant). If we receive a request, we notify you unless law forbids us from doing so. We engage with fraud-detection services to identify suspicious account patterns and protect against misuse.

Your rights and our commitments on gojek200

We commit to protecting your data through encryption, access controls, and regular security audits. We use industry-standard protections: HTTPS for web communication, encrypted storage for sensitive data, and role-based employee access. Our servers are firewalled and monitored. In the event of a data breach, we notify affected users within the timeframe required by applicable law. We do not store backup copies of deleted data indefinitely—after retention periods expire, data is securely disposed of.

You have rights under applicable privacy law. You can request access to your data, ask us to correct inaccuracies, request deletion (subject to legal constraints), and object to certain uses. You can opt out of non-essential communications (e.g., promotional emails) by adjusting your account settings or contacting us. You have the right to data portability—we can export your account data in a structured format. To exercise these rights, contact our support team. We respond within thirty days or the timeframe required by your jurisdiction's privacy law.

Cookies and tracking on gojek200

Our platform uses cookies to remember your login, store language preferences, and track session activity. Cookies are small text files stored on your device. We use session cookies (deleted when you close your browser) for authentication and functional cookies to improve user experience. We do not use tracking cookies for advertising purposes. Third-party services we integrate (e.g., payment processors) may place their own cookies; their use is governed by their privacy policies.

You can disable cookies in your browser settings, but this may limit gojek200 functionality (e.g., you may need to log in each time). We do not use cookies to collect data outside of gojek200 or to build profiles for advertising. Our cookie use is minimal and necessary for platform operation.

Contact us about privacy on gojek200

If you have questions about how we handle your data, privacy concerns, or wish to exercise your data rights, contact our support team. You can reach us via the contact form on our FAQ pageby email to our compliance address, or through channels listed on our legal notice page. For data-subject access requests, include your account number and specify what data you are requesting. For deletion requests, specify which data category you wish deleted and explain your reason. Our team responds to routine inquiries within five business days; complex requests may take longer.

If you believe we have violated your privacy rights or applicable privacy law, you have the right to lodge a complaint with your jurisdiction's data protection authority. We cooperate with regulatory investigations and privacy inquiries. Your jurisdiction may have specific authorities (data protection officer, privacy commissioner) you can contact; we recommend consulting their website for complaint procedures. This policy is effective as of its publication date and may be updated periodically. We notify users of material changes via email or account notification.

We remain committed to protecting your privacy and maintaining transparency about how we use your data. Our practices reflect our obligation to you and our compliance with applicable privacy law across the jurisdictions where gojek200 operates.