idagent138Privacy Policy

This page describes what data we collect when you use idagent138 and how we keep that data protected. When you create an account, deposit funds, or play on our platform, we handle your personal information with encryption and secure storage. Our commitment is to be transparent about what we collect, why we collect it, and how long we keep it.

We at idagent138 collect personal data for three core reasons: Know Your Customer (KYC) verification to comply with anti-money-laundering regulations; payment processing to handle your deposits and withdrawals via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet; and account security to protect your balance and detect fraud. We do not sell your data to third parties, and we do not use it for marketing or advertising without your consent.

If you have questions about how we handle your data, want to request a copy of your personal information, or wish to delete your account, contact our support team. We will respond within five business days.

What data we collect on idagent138

When you open an account with us at idagent138, we collect the following information:

Email address

Used for account recovery, login verification, and communication about your account status.

Phone number

Used for two-factor authentication and account recovery. We send verification codes via SMS when you enable 2FA.

Full name and date of birth

Collected during KYC verification to confirm your legal identity and age.

Identity document

We require a scan or photo of your passport or national ID card for verification purposes.

Payment details

We store your registered e-wallet or bank account information to process deposits and withdrawals.

Betting history

We retain records of all wagers, outcomes, and balances for account reconciliation and dispute resolution.

IP address and device information

We log your IP address, device type, and browser information for security and fraud detection.

We also collect technical data automatically when you use our platform: your device type (Android, iOS, or desktop), your approximate location (derived from IP address), and your session activity (login times, game plays, table visits). This data helps us optimize our mobile app performance, detect suspicious account access, and identify technical issues.

How we use your data and who we share it with

KYC verification and compliance

We use your identity data (name, date of birth, ID document) to verify you are a real person and to comply with anti-money-laundering (AML) and Know Your Customer regulations. This verification is mandatory — we do not process withdrawals without completed KYC. We compare your information against sanctions lists and fraud databases to ensure you are not on any restricted party list. This verification process typically takes 24–48 hours.

Payment processing and financial records

We at idagent138 share your payment details only with our authorised payment processors. When you deposit via DANA, e-wallet, or any other e-wallet, we pass your phone number or account handle to the provider's API to initiate the transaction. When you withdraw, we send your registered bank account or e-wallet details to our settlement provider. We never store your credit card details or full bank account numbers — only the last four digits for reconciliation. Our payment processors are contractually bound to keep your data confidential and use it only for transaction settlement.

Third-party processors

We at idagent138 engage third-party service providers for specific functions:

• Payment processors: Handle deposits and withdrawals. They operate in multiple jurisdictions and may store data outside Indonesia.
• Fraud detection services: Monitor account behaviour for suspicious patterns and money laundering indicators.
• Email service provider: Sends account verification emails and password reset links.
• Analytics provider: Tracks app performance and crash logs to improve our platform (anonymised).

Each processor is required to meet data-protection standards equivalent to our own. We do not share your data with marketing companies, data brokers, or any party not directly involved in serving you on idagent138.

Legal and regulatory disclosure

We may disclose your personal data if required by law — for example, if a court issues a subpoena, if we receive a request from local gambling regulators, or if we suspect money laundering or fraud. We will notify you of such disclosure unless legally prohibited.

Data retention and deletion

We at idagent138 retain your account data while your account is active. After you close your account, we retain essential records (transaction history, identity verification) for seven years to comply with regulatory and tax requirements. We do not delete identity or financial data sooner. You may request deletion of non-essential data (such as your phone number or email) at any time, but we will retain minimum data for compliance purposes. Identity documents are deleted after seven years unless we are legally required to retain them longer.

Data security and encryption

We at idagent138 protect your data using industry-standard encryption (TLS 1.2 or higher) during transmission between your device and our servers. Data stored on our servers is encrypted at rest. Our data centres are physically secured and monitored 24/7. We conduct regular security audits and penetration testing. If we identify a data breach or unauthorised access, we will notify affected users within 72 hours and inform relevant authorities where required by law.

Cookies and tracking technologies

Our idagent138 platform uses session cookies to keep you logged in and to remember your preferences (language, dark mode, notification settings). These cookies do not track you across other websites. We do not use persistent advertising cookies or third-party tracking pixels. When you close your browser, session cookies are deleted automatically. You can disable cookies in your browser settings, but some platform features may not work properly if you do.

Your rights and data access

You have the right to request a copy of all personal data we hold on you. We will compile your data in a machine-readable format (CSV or JSON) and provide it within 14 days. You may also request correction of inaccurate data, though this does not change historical transaction records. You cannot request deletion of KYC data or financial records — we must retain these for regulatory compliance. You may request that we cease sending you marketing emails at any time. To exercise these rights, contact our support team with your account details and specific request.

International data transfers

Our servers operate primarily in Indonesia, but we may use cloud infrastructure or payment processors located in other countries (Singapore, Malaysia, or Australia). When your data is transferred outside Indonesia, we ensure it receives protection equivalent to Indonesian data-protection standards. You acknowledge that your data may be processed in multiple jurisdictions when you accept this privacy policy.

Policy updates

We at idagent138 may update this privacy policy from time to time. If we make material changes (such as new data collection or sharing with new third parties), we will notify you via email and ask for your consent before the changes take effect. Your continued use of idagent138 after we post updated terms constitutes acceptance of the new policy.

Contact us about privacy

If you have questions about our privacy practices, believe we have mishandled your data, or wish to exercise your rights, contact our support team. You may also file a complaint with the local data-protection authority in Jakarta, Surabaya, Bandung, Medan, or Semarang (depending on your location) if you believe we have violated your privacy rights. We will work to resolve your concern within 30 days.