mposakti Platform Privacy Notice

This page describes what we collect when you use mposakti and how we keep that data protected. Digital payment adoption across Indonesia has grown significantly — DANA, e-wallet, mobile banking, and local payment now process millions of transactions monthly — and securing the information tied to those transactions is central to how we operate mposakti.

We collect personal data only to run our platform, process your account, handle withdrawals, and comply with local law. We encrypt all data in transit and at rest, store it securely, and do not share it with third parties except where required by law or for payment processing. You have rights over your data — you can request access, correct information, or ask for deletion under the conditions set out in this notice.

Our privacy policy covers account holders across Jakarta, Surabaya, Bandung, Medan, Semarang, and other supported regions. If you have questions about how we handle your data, our support team is available in English during business hours.

What Data We Collect on mposakti

We collect four categories of data when you use mposakti. First, account information — your name, email, phone number, date of birth, and residential address. You provide this when you register, and we use it to identify you, verify your account, and contact you if needed. Second, verification documents — government-issued ID and proof of address — which we collect during account verification and keep in encrypted form for the retention period required by law, then discard.

Third, payment information — your chosen payment method (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) and transaction history — which we collect to process deposits and withdrawals. We do not store full payment card details on our servers; your payment provider handles that. Fourth, activity data — your game play, bets, session logs, and login records — which we log to detect fraud, resolve disputes, and improve our service.

Data We Do Not Collect

We do not collect biometric data, browsing history outside mposakti, or data about your other online accounts. We do not use cookies to track you across websites; our cookies only track your session on mposakti itself (login state, language preference, session timing). We do not sell your data to advertisers or third-party marketers. We do not process special categories of data — religion, ethnicity, health status — unless you voluntarily provide it, and we do not use that data for any automated decision-making about your account.

Your data stays encrypted: We encrypt all personal data in transit (using TLS/SSL) and at rest (using AES-256). Even if our servers were breached, your data would remain unreadable without the encryption key.

How We Use Your Data on mposakti

We use your account information to verify your identity, process your deposits and withdrawals, and comply with anti-money-laundering (AML) and know-your-customer (KYC) regulations. We use your activity data to detect fraud, resolve disputes (for example, if you claim a game outcome was incorrect), and improve our platform. We use your contact details to send you account notifications — withdrawal confirmations, verification requests, security alerts — and respond to your support inquiries.

We do not use your data for marketing unless you opt in. We do not send promotional emails unless you have explicitly agreed to receive them. You can opt out of non-essential communications anytime by clicking the unsubscribe link in any email we send.

Data Retention and Your Rights on mposakti

We keep your account information and activity logs for the duration of your account and for seven years after closure to comply with financial regulations. Verification documents (ID, proof of address) are retained for five years after collection, then securely destroyed. Payment transaction records are retained for ten years per banking regulations. We do not keep data longer than necessary for these legal purposes.

Your Rights and Data Requests

Under data protection law, you have the right to request access to your personal data on mposakti. We will provide a copy of your information in a readable format within 30 days of your request. You also have the right to correct inaccurate data — if your address has changed, update it in your account settings or contact our support team. You can request deletion of your data, though we may retain some information if we are legally required to do so (for example, transaction records for tax or regulatory purposes).

To exercise these rights, contact our support team with a clear request — "I want to access my mposakti data", "Please correct my address to [new address]", or "I request deletion of my account and associated data". We will verify your identity and respond within 30 days. If you disagree with how we handle your data, you may lodge a complaint with your local data protection authority.

We treat your data as an asset we hold in trust, protected by encryption and used only for the purposes you agreed to when you opened your mposakti account.

mposakti Privacy Team

Third-Party Processors and Data Transfer

We use third-party processors to run mposakti securely. Our payment processors (linked to DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) handle payment data directly — we do not pass your full payment details to them, but they process your transaction. Our cloud infrastructure provider hosts our servers and databases. Our security auditor performs annual penetration tests and vulnerability assessments.

Our servers may be located outside your jurisdiction. By using mposakti, you consent to your data being processed and stored internationally in the locations where our servers operate. These locations are selected for security and performance, and we ensure all processors meet our encryption and security standards. Data transfers to processors comply with international data protection standards.

Cookies and Tracking on mposakti

We use cookies on mposakti for essential functions — maintaining your login session, storing your language preference, and tracking session duration for security (to log you out if you are inactive). These cookies are functional cookies, not tracking cookies. They do not follow you across other websites. You can disable cookies in your browser settings, but doing so will prevent mposakti from functioning correctly (you will be logged out frequently, for example).

We do not use advertising cookies or analytics cookies that track your behaviour. We do not share cookie data with third parties. If you want to see what cookies we set, inspect your browser's cookie storage while logged into mposakti — you will see only session-related cookies from mposakti.app.

Security Practices and Breach Notification

We protect your data using encryption, regular security audits, and staff access controls. Only staff members who need your data to perform their role can access it. We conduct annual security assessments by independent third-party auditors. If we discover a data breach that could harm you, we notify you and the relevant authorities within 72 hours as required by law.

You also have a responsibility to protect your mposakti account. Keep your password strong and unique, enable two-factor authentication (2FA), and do not share your login details with anyone. If you suspect unauthorised access, change your password immediately and contact our support team.

Contact Us About Privacy

If you have questions about how mposakti handles your data, our privacy team is available during business hours in English. Email our support address or use the contact form in your account dashboard. This privacy notice was last updated in accordance with current data protection standards and may be updated periodically — check this page for the most current version.