How bandit4d Handles Your Account Data
This is the bandit4d privacy policy — the document that explains what we collect when you open an account, why we hold it, and how long it sits...
Privacy Posture and Jurisdiction Notes
Our privacy posture follows Indonesian data protection expectations and applies wherever local law permits account access on bandit4d. When you sign up we record identity fields, contact details, device fingerprints and the wallet reference linked to your deposits. We process this data to verify you, run anti-fraud checks, settle sportsbook and casino rounds, and meet record-keeping rules in supported regions. We do
not sell your data. Third-party processors — payment gateways, KYC vendors, hosting — see only what they need, under contract. You can request a copy, a correction, or deletion of your record by contacting our policy desk; we respond inside the windows set by Indonesian regulation.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
Privacy Contact Paths
Privacy Desk Email
Send data-subject requests, correction notices or deletion requests to our privacy inbox. We log every email, assign a ticket and reply within the response window Indonesian privacy rules require for your account.
In-App Policy Chat
Open the chat bubble inside your bandit4d account and pick the Privacy topic. Our agents route policy questions to the data team rather than the standard lobby support queue, so answers stay specific.
Postal Records Request
For formal records or regulator-routed requests, our registered correspondence address accepts written notices. Include your registered phone number and the DANA, OVO, GoPay or QRIS reference tied to the account.
How We Review This Policy
Legal Review Cycle
Our in-house counsel rereads this policy each quarter and after any Indonesian regulatory update. Edits are versioned, dated and pushed to this page so you always see the live posture, not last year's wording.
Data Team Sign-Off
Every policy change is signed off by the data protection lead before publication. They confirm what we describe here matches what our servers actually do across casino, slots and sportsbook flows.
KYC Vendor Audits
The vendors that verify your ID undergo annual audits. We document their certifications and only keep partners whose handling of your selfie and document matches the standards described in this policy.
Encryption Standards
Account credentials, KYC files and wallet references travel under TLS and rest encrypted at the database layer. Internal access requires named approval, and every read on your record is logged for review.
Breach Response Plan
If a data incident touches Indonesia accounts, we follow a written response plan: contain, assess, notify regulators inside legal windows, then email affected account holders with clear next steps and remediation.
Independent Complaints Path
You're not stuck with us. If our reply doesn't satisfy you, the policy points to the Indonesian regulator path you can escalate to, with the reference numbers we'll provide on request.
Consistency Across Our Policy Pages
| Privacy vs Terms | This page covers data handling. Our Terms page covers account conduct and settlement. Where they overlap — like KYC — both documents stay aligned and reference each other rather than contradicting. |
|---|---|
| Privacy vs Cookies | Cookie behaviour gets its own notice. This policy summarises it but the cookie page lists every tag, vendor and retention window so you can opt categories on or off. |
| Privacy vs AML | Anti-money-laundering checks live in our compliance notice. This privacy policy explains what data those checks consume and how long the resulting records stay on file. |
| Privacy vs KYC | KYC steps are described operationally in the verification notice. Here we focus on the privacy side: who sees your document, where it's stored, and when it's purged. |
| Privacy vs Payments | Payment terms describe how DANA, OVO, GoPay and QRIS settle. This policy describes which payment metadata we keep against your account and why we keep it. |
| Privacy vs Bonuses | Promo terms explain eligibility. This page explains what behavioural data informs eligibility checks and how we separate marketing data from settlement records. |
| Privacy vs Support | Support transcripts are retained under the windows listed here. The support page describes channels; this page describes how long the chat log against your account survives. |
What Defines Our Policy Layout
Versioned Header
Every revision shows a date and version tag at the top. You can tell at a glance whether the policy you're reading is the live one or an archived snapshot from a previous quarter.
Plain-English Sections
We split the policy into short, named sections — collection, use, sharing, retention, rights — so you can jump to the part you actually need instead of scrolling a single legal wall.
Indonesia Context Notes
Where Indonesian rules differ from generic privacy boilerplate, we flag the local context inline. You see exactly which clause applies because of where your account is registered.
Inline Definitions
Terms like processor, controller and KYC are defined the first time they appear. No glossary hunt — the meaning sits next to the sentence using the word.
Rights Summary Block
Your data rights — access, correction, deletion, objection — sit in their own block with the contact path right beside each one. One read tells you how to exercise any of them.
Change Log Footer
At the bottom we list what changed in the last few revisions in one line each, so returning readers can verify quickly whether anything material has shifted since their last visit.