imbas Platform Privacy Notice

This page describes what data we collect when you use imbas and how we keep that data protected. We at imbas take privacy seriously because your personal information—email, identity documents, payment details, and betting history—underpins every account you create and every transaction you make on our platform.

We collect only what is necessary for account verification, payment processing, and compliance with local law. We do not sell your data to advertisers or marketing firms. We do share information with payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) and fraud-detection services, but only to complete your request or prevent abuse.

Below, we detail what we collect, how long we keep it, your rights, and how to contact us if you have privacy concerns. This policy applies to all imbas users accessing our platform from any device or jurisdiction where our services are available.

What data we collect on imbas

When you register an account on imbas, we collect your email address and a password you set. We do not store your password in plain text; we hash it so even our staff cannot read it. If you forget your password, we send a reset link to your email—we never send the password itself.

Before your first deposit or withdrawal, we require identity verification. We collect one government-issued ID (KTP, passport, or SIM), a selfie for facial matching, and proof of address (utility bill or bank statement). We store these documents encrypted and retain them for seven years to comply with anti-money-laundering regulations.

We collect transaction data: every deposit, withdrawal, bet, and win. We log your IP address, device type, browser version, and approximate location (country/region, not street address) to detect fraud and comply with our terms. We also collect cookies and session tokens so you stay logged in across page refreshes.

Data we collect on imbas

  • Email address and hashed password
  • Government ID, selfie, and proof of address for verification
  • Payment details sent only to payment processors (we do not store card numbers)
  • Betting history, wins, and losses (for your account statement and tax compliance)
  • IP address, device type, and session cookies
  • Support tickets and chat history if you contact our team

How we use your data on imbas

We use your email to verify your account and send withdrawal confirmations, support replies, and critical security alerts. We do not use your email for marketing unless you explicitly opt in. We use your identity documents to confirm you are above the minimum age, match your name to your payment method, and comply with anti-money-laundering rules.

We use your betting history to generate your account statement (showing deposits, withdrawals, and net wins/losses), to detect problem gambling patterns (if you request account restrictions), and to comply with tax reporting if required by your jurisdiction. We use your IP address and device data to prevent account takeovers and fraud.

If you contact our support team—whether via live chat during Liga 1 season, email during Idul Fitri holidays, or in-app help during Piala AFF coverage—we store your message and our response so we can assist you faster on future issues and improve our service. We also analyze support trends to identify common problems.

Who we share your data with on imbas

We share your data with payment processors when you deposit or withdraw. When you request a DANA withdrawal, e-wallet receives your name, phone number, and amount—that is necessary for them to complete the transfer. We do not share your ID document or betting history with payment processors.

We may share aggregated, anonymous data with fraud-detection services and analytics companies—for example, "500 logins from Jakarta in the last hour" or "non-specific info of users from Medan requested a withdrawal on Idul Adha." This data is anonymized; it does not identify you personally.

We share your data with law enforcement or regulators if compelled by legal process (subpoena, warrant, or court order). We notify you of such requests unless prohibited by law. We do not share your data with advertisers, brokers, or any third party for marketing purposes.

Our data retention policy on imbas

We retain your identity documents for seven years (anti-money-laundering requirement). We retain your transaction history for at least seven years (tax and audit compliance). We retain support chat logs and email for two years unless you request deletion. We retain your email address and hashed password as long as your account exists; if you delete your account, we anonymize your data after 30 days.

If a dispute arises (e.g., you claim a withdrawal did not arrive), we retain relevant records indefinitely to resolve it. Cookies and session tokens expire after 30 days of inactivity or when you log out.

Note: Our servers may sit outside your jurisdiction. Your data may be processed in data centres outside Indonesia or your country of residence. By using imbas, you consent to this cross-border data transfer.

Your rights on imbas

You have the right to request a copy of your data. Contact our support team with "Data Request" in the subject line, and we will provide your account details, transaction history, and identity documents in a machine-readable format within 30 days.

You have the right to request correction or deletion of inaccurate data (e.g., if your name is misspelled on your verified ID). However, we may retain data longer if required by law or to resolve disputes. You have the right to object to our use of your data for fraud detection or analytics—contact support to discuss.

You have the right to account deletion. Contact our support team and request account closure. We will anonymize your personal data after 30 days but retain transaction records as required by law for seven years.

Cookies and tracking on imbas

We use cookies to keep you logged in, remember your preferences, and detect fraud. These are essential cookies; without them, imbas would not function. We do not use cookies to track you across other websites. We do not sell cookie data to advertisers.

You can disable cookies in your browser settings, but this will log you out of imbas and may break features. We also use local storage (similar to cookies) to cache game data so slots and live-dealer tables load faster on low-data connections in Surabaya and Bandung.

Summary of our imbas privacy commitment

We at imbas collect only the data necessary for account verification, payment processing, and compliance. We do not sell your data. We encrypt sensitive information and delete it after legal retention periods expire. We share data with payment processors and fraud services only when necessary, and with law enforcement only under legal compulsion.

You have rights: request a copy of your data, correct inaccuracies, delete your account, and opt out of non-essential processing. If you have privacy concerns or believe we have mishandled your data, contact our support team immediately. We investigate privacy complaints and respond within 30 days.

This policy may change as we improve imbas or respond to new regulations. We will notify you of material changes by email and post an updated policy on this page with a "last updated" date. Your continued use of imbas after a change constitutes acceptance of the new policy.

Contact us about privacy on imbas

If you have questions about how we handle your data, email our support team with "Privacy" in the subject line. We respond in English and Indonesian within 4–6 business hours. You can also reach us through the in-app Help section. If you believe we have violated your privacy rights and our support team has not resolved your concern, you may lodge a complaint with your local data protection authority or the Indonesian Personal Data Protection Office if applicable in your jurisdiction.