mandiri Privacy Policy

This page describes what we collect when you use e-wallet and how we keep that data protected. We at mobile banking collect personal information during account registration, deposit and withdrawal, gameplay, and customer support interactions. We use this information to operate our platform, comply with anti-money-laundering law, and provide customer service.

Our commitment is to handle your data transparently and securely. We do not sell your personal information to third parties for marketing purposes. We may share data with payment processors, fraud-detection partners, and legal authorities when required by applicable law. Your data is encrypted in transit and at rest, using industry-standard SSL and database security protocols.

We store your data for seven years after account closure to comply with financial regulation. You retain the right to request data deletion, subject to legal retention obligations. Our support team responds to data-access and deletion requests within ten business days. If you have concerns about our privacy practices, contact us during business hours (Monday–Friday, 09:00–18:00 Indonesia Standard Time).

What we collect on mandiri and why

We collect several categories of information when you use e-wallet. Your account information includes your legal name, date of birth, email address, and phone number. We use this to verify your identity, communicate with you about account activity, and comply with anti-money-laundering regulations.

We collect payment information when you deposit or withdraw. This includes the payment method you use (mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, or bank account details for online payment, e-wallet, mobile banking, local payment), transaction amounts, and settlement dates. We do not store your full credit card number or bank password—payment processors handle sensitive payment credentials securely on their own servers. We retain transaction records for seven years to satisfy financial audit and compliance requirements.

We collect gameplay information when you play on online payment. This includes which games you access, your bet sizes, session duration, and outcomes. We use this data to detect fraud, investigate disputes, and understand player engagement patterns. We do not use gameplay data to manipulate odds or unfairly target specific players.

Know Your Customer (KYC) documentation

Before your first withdrawal on e-wallet, we require KYC verification. We ask for a copy of your national ID, passport, or driving licence; a recent utility bill or official letter confirming your address; and sometimes a selfie holding your ID next to your face. We collect this to verify your identity, prevent fraud, and comply with regional anti-money-laundering frameworks.

We store these documents securely in encrypted form. Our compliance team reviews them during your first withdrawal request—the process typically takes one to three business days. Once verified, we retain your KYC documents for seven years. You can request deletion after that period, subject to any continuing legal obligations.

Support and communication data

When you contact our mobile banking support team via email or live chat, we collect and retain your message, our response, and any attachments. We use this data to resolve your issue, train our support staff, and improve our service. Support conversations may reference your account history, recent transactions, or game-specific questions—all of which we treat as confidential.

Data we collect and why

Account information (name, email, phone) for identity verification and communication.
Payment details for deposit/withdrawal processing and fraud prevention.
Gameplay records for dispute resolution and fair-play monitoring.
KYC documents (ID, address proof, selfie) for anti-money-laundering compliance.
Support communications for issue resolution and service improvement.
Device and browser information (IP address, user agent) for security and fraud detection.

Our mandiri data protection and third-party sharing

We protect your data using SSL encryption during transmission between your device and our servers. Our databases are encrypted at rest and accessible only to authorized e-wallet staff via secure authentication. We conduct quarterly security audits and penetration testing to identify and remediate vulnerabilities. We maintain separate backups to prevent data loss during system failures.

Our servers may be located outside your home jurisdiction—typically in data centres operated by cloud providers in Southeast Asia or Europe. By using mobile banking, you consent to your data being transferred to and stored in these locations. We maintain data-protection standards consistent with regional law regardless of server location.

Third-party processors and information sharing

We share your data with third parties only when necessary to operate local payment. Our payment processors (the partners behind online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, and bank integrations) receive transaction information directly from you; we do not resend payment data through our servers. These processors are contractually obligated to protect your data and use it only for payment settlement.

We may share limited data with fraud-detection services to identify suspicious patterns or prevent account compromise. We may also share data with legal authorities (police, tax agencies, financial regulators) when required by law or court order. We do not voluntarily disclose user data to law enforcement without legal process unless a credible immediate threat to public safety is present.

Cookies and tracking on mobile banking

We use cookies to maintain your login session, remember your preferences, and analyze how players use local payment. Session cookies expire when you close your browser. Preference cookies persist for up to one year and allow us to remember your language choice or default game category. Analytics cookies help us understand which games are popular in Jakarta, Surabaya, Bandung, Medan, and Semarang, informing our content decisions.

We do not use cookies for targeted advertising across third-party websites. You can disable cookies in your browser settings, though this may limit online payment functionality (e.g., you would need to log in more frequently). We do not track you across websites outside e-wallet unless you voluntarily link your account to a social-media platform.

Our mobile banking privacy approach prioritizes data minimization, encryption, and limited third-party sharing—balancing player privacy with compliance obligations and fraud prevention.

local payment privacy team

Your data rights on online payment

You have the right to request a copy of all personal data we hold about you. You can request this via email to our support team; we will provide a complete export of your data within ten business days. You also have the right to request correction of inaccurate data—if your name or address changed, contact us and we will update your account.

You can request deletion of your account and associated data, subject to legal retention obligations. We will delete your account information upon closure, but we may retain transaction records for seven years to comply with financial regulation and anti-money-laundering law. You cannot request deletion of transaction history that is legally required to be retained.

Policy updates and contact

We update this privacy policy periodically to reflect changes in our practices or applicable law. We will notify you of material changes via email; continued use of e-wallet after an update signals acceptance of the revised policy. If you have questions or concerns about our privacy practices, contact our support team during business hours. We also encourage you to review our related documents on data handling and account security.