jago138Privacy Policy

Data Collection on jago138

We collect different categories of information depending on how you interact with jago138:

Registration and account data

When you register a jago138 account, we require your legal name, date of birth, email address, mobile phone number, and national ID (KTP) for Indonesian users or equivalent government-issued ID for users in other jurisdictions. We also ask for your residential address. This information is used to verify your identity (KYC — Know Your Customer), comply with anti-money-laundering regulations, and ensure you are 18 or older. We store this data encrypted on our servers; it is not shared with third parties except where required by law or for fraud prevention.

Payment and transaction data

When you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer (mobile banking, local payment, online payment, e-wallet), we record the deposit amount, timestamp, payment method, and settlement status. We do not store your full payment credentials (e.g., credit card numbers or bank account passwords) — payment processing is handled by our payment gateway partners, who maintain their own security standards. We retain deposit and withdrawal records for seven years to comply with accounting and tax regulations. During Idul Fitri, Idul Adha, Imlek, and other public holidays, transaction processing may experience delays, and we log these delays in our systems for troubleshooting.

Forecasting and activity data

We record your forecasts (Liga 1 entries, Champions League predictions, Mobile Legends tournaments, casino spins, slot games) along with entry amounts, settlement results, and timestamps. This data helps us detect fraud, resolve disputes, and provide account history for your reference. We use activity data to identify unusual patterns (e.g., rapid account creation and withdrawal) that might indicate fraud or money laundering; if detected, we may freeze your account pending review.

Device and access logs

We log your IP address, device type, operating system, and browser information each time you access jago138. We record login timestamps, logout times, and session duration. This data helps us detect suspicious access patterns (e.g., login from an unusual location or device) and assists with account recovery if you are locked out. We retain access logs for one year, then archive older logs for compliance purposes.

How We Use Your Data on jago138

We use the data we collect for the following purposes:

• Account verification and KYC: We verify your identity to comply with anti-money-laundering (AML) and counter-terrorism financing (CTF) regulations. Our compliance team reviews your KTP and selfie; if there are discrepancies, we may request additional documents or deny account creation.
• Payment processing: We use payment data to process deposits and withdrawals, reconcile transactions, and maintain accounting records. We share deposit data with our payment processors (mobile banking, local payment, online payment partners, etc.) to complete transactions.
• Fraud detection: We analyse your account activity, login patterns, and transactions to identify fraud, money laundering, or problem gambling signals. If we detect unusual patterns, we may place a temporary hold on your account pending investigation.
• Dispute resolution: If you dispute a settlement (e.g., a Liga 1 entry you believe was settled incorrectly), we use your activity and transaction history to investigate and respond.
• Legal compliance: We retain data as required by Indonesian law, including tax regulations, gaming licensing requirements (where applicable), and law enforcement requests.
• Customer support: We use your contact information to respond to support requests, account recovery, and service notifications.

Third-Party Data Processors and Partners

We share your data with the following categories of third parties:

Payment processors

When you deposit via e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, or bank transfer, we share your name, account number (for bank transfers), and transaction amount with the payment provider to complete the transaction. These third parties maintain their own privacy policies; we are not responsible for their data handling practices, but we select partners with strong security standards.

Compliance and fraud partners

We may share your KYC data (name, date of birth, national ID) with external compliance and fraud-detection services to verify your identity and detect money laundering or sanctions violations. These services operate under confidentiality agreements and are not permitted to use your data for marketing.

Law enforcement and legal requirements

We may disclose your personal data to law enforcement, tax authorities, or courts if we receive a valid legal request (subpoena, warrant, or court order). We comply with Indonesian law and laws of other jurisdictions where we operate. We do not proactively contact authorities about your account; disclosure occurs only in response to legal process.

Service providers

We engage hosting providers, email services, and customer support platforms to operate jago138. These vendors have access to your data only to the extent necessary to provide their services and are bound by confidentiality agreements.

Data Retention on jago138

We retain your personal data for the following periods:

• Identity and KYC data: Retained for seven years after account closure (for tax and AML compliance).
• Payment and transaction records: Retained for seven years for accounting and tax purposes.
• Forecasting and activity history: Retained for seven years; older entries are archived but accessible if you request account history.
• Access logs and device data: Retained for one year; older logs are deleted except where required for legal holds.
• Communications (support tickets, emails): Retained for three years unless a legal dispute requires longer retention.

If you close your jago138 account, we retain your data for the periods above to comply with legal obligations. We do not delete data prematurely even after account closure. If you request data deletion (subject to legal holds), we pseudonymise your data where possible — rendering it non-identifiable — rather than complete deletion.

Cookies and Tracking on jago138

We use cookies and similar tracking technologies on jago138 to:

• Session management: We use session cookies to keep you logged in while you browse football markets, place Liga 1 entries, or play casino games. These cookies expire when you close your browser or log out.
• Preference storage: We store your language preference (English or Indonesian), display preferences (light/dark mode), and account settings using persistent cookies.
• Security and fraud detection: We use cookies to track login history and detect unauthorised access attempts.
• Analytics: We use analytics cookies (via third-party services) to understand how users navigate jago138, which markets are most popular (e.g., Champions League or Piala AFF during tournament season), and how often you visit. This data is aggregated and does not identify you personally.

You can control cookies via your browser settings. If you disable cookies, some jago138 features (like staying logged in) may not work properly. We do not use third-party advertising cookies to track you across other websites for targeted advertising.

Your Rights on jago138

Depending on your jurisdiction, you may have rights regarding your personal data:

Right to access

You have the right to request a copy of all personal data we hold about you. Contact our support team via live chat, email, or in-app messaging to submit an access request. We will provide your data in a structured, commonly-used format (e.g., CSV or PDF) within 30 days.

Right to correction

If your KYC data (name, date of birth, address) is inaccurate, you can request correction. Log into your jago138 account, navigate to Account Settings, and update your information. If you cannot update a field (e.g., your national ID number), contact support to request a correction.

Right to deletion

You may request deletion of your personal data, subject to legal holds. We cannot delete data required by law (e.g., transaction records for tax purposes) or data needed to resolve disputes. Contact support to discuss deletion options; we will advise which data can be deleted and which must be retained.

Right to data portability

You can request that we export your data in a portable format so you can transfer it to another service. We provide data exports in standard formats upon request.

Right to object

You can object to certain uses of your data (e.g., analytics tracking, fraud-detection profiling) by adjusting your account preferences or contacting support. Note that some data uses are necessary for account security and compliance; objection may restrict your ability to use jago138.

Data Security on jago138

We use industry-standard security measures to protect your data:

• Encryption: All data in transit (between your device and our servers) is encrypted using TLS (Transport Layer Security). Data at rest on our servers is encrypted using AES-256.
• Access controls: We limit employee and vendor access to your data to those who need it for their roles. All access is logged and audited.
• Regular security testing: We conduct penetration testing and security audits to identify and fix vulnerabilities.
• Incident response: If we detect a data breach, we investigate, contain the breach, notify affected users, and report to regulators as required by law.

While we employ strong security practices, no system is completely secure. We cannot guarantee absolute protection against determined attackers or insider threats. If you suspect your jago138 account has been compromised (e.g., unauthorised login, missing balance), contact support immediately so we can verify and recover your account.

International Data Transfer

Our servers may be located outside Indonesia and may be in countries with different data protection laws. By using jago138, you consent to your data being transferred to and processed in these jurisdictions. We maintain adequate safeguards (such as encryption and contractual protections) to ensure your data remains secure regardless of server location. If you have concerns about international data transfer, contact our support team for details about our specific server locations and protections.

Contact Us About Privacy

If you have questions about this privacy policy, want to exercise your rights, or have a privacy concern, contact our support team:

• Live chat: Available during business hours; select "Privacy Inquiry" as your topic.
• Email: Send your request to our privacy contact (available in your account settings or via support).
• In-app messaging: Log into jago138 and use the in-app help feature to submit a privacy request.

We aim to respond to privacy requests within 30 days. If your request is complex or requires investigation, we may need more time; we will update you with a timeline.

Policy Changes

We may update this privacy policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you via email or by posting a prominent notice on jago138. Your continued use of jago138 after policy changes constitutes acceptance of the updated policy. We encourage you to review this policy regularly to stay informed about how we handle your data.

Services on jago138 are available only where applicable law permits. This privacy policy applies to all jago138 users regardless of their location, but your rights and our obligations may vary by jurisdiction. If you believe we are not complying with applicable privacy laws in your jurisdiction, please contact us or your local data protection authority.