indra Platform Privacy Notice
This page describes what we collect when you use indra and how we keep that data protected. We collect your email, legal name, identity documents, payment details (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet account information), and betting history. We use this data to verify your identity, process deposits and withdrawals, settle bets, and comply with local law.
Our servers may sit outside your jurisdiction. We encrypt sensitive data in transit and at rest. We do not sell your personal information to third parties. Payment processors, identity-verification vendors, and fraud-detection services may access your data as part of their contracted services to indra. We retain your data for as long as your account is active, plus a retention period for regulatory compliance.
You have the right to request access to your data, correct inaccuracies, and request deletion (subject to legal retention requirements). Contact our support team to exercise these rights. This policy applies to all users of indra, regardless of location, but our legal obligations vary by jurisdiction.
What Data We Collect on indra
We collect data in several categories. Account data includes your email, legal name, date of birth, phone number, and residential address. Identity data includes government ID (national card or passport) scans and verification status. Payment data includes your DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank account (mobile banking, local payment, online payment, e-wallet) details. Betting data includes all wagers, settlements, and account balance history.
We also collect device data (browser type, operating system, IP address) and usage data (pages visited, time spent, features used). This helps us detect fraud, improve platform performance, and comply with anti-money-laundering regulations. We do not collect biometric data or special categories of personal information (health, religion, political affiliation) unless required by law.
How We Use Your Data on indra
We use your email and identity documents to verify you are who you claim to be. This verification is mandatory before your first withdrawal. We use your payment details to process deposits and withdrawals via mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and bank transfers. We use your betting history to calculate payouts, settle disputes, and maintain your account ledger.
We use device and usage data to detect fraud, prevent account takeover, and comply with anti-money-laundering rules. If we detect suspicious activity (multiple accounts, unusual betting patterns, rapid deposits and withdrawals), we may freeze your account pending investigation. We use your contact details to notify you of account changes, settlement disputes, and policy updates.
We do not use your data for marketing emails, promotional offers, or third-party advertising. We do not sell your data to brokers, data aggregators, or marketing firms. We do not profile you for credit scoring or insurance purposes. Our use of your data is limited to operating indra and complying with law.
Third-Party Processors and Data Sharing
We share your data with third-party service providers who help us operate indra. Payment processors (online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) receive your payment details to process transactions. Identity-verification vendors receive your government ID and personal details to confirm your identity. Fraud-detection services receive your device data and betting patterns to flag suspicious activity.
We require all third-party processors to sign data-protection agreements. They may not use your data for purposes other than their contracted service to indra. They may not share your data with other parties without our explicit consent. We audit third-party compliance annually.
We may disclose your data if required by law (court order, regulatory investigation, law enforcement request). We will notify you of such disclosure unless legally prohibited. We do not disclose data to third parties for commercial purposes.
We at indra treat your data as a trust. We encrypt it, limit access, and use it only for operating our platform and complying with law. We do not monetise your personal information.
Data Retention and Deletion
We retain your account data (email, name, identity documents, payment details) for as long as your account is active. After account closure, we retain this data for seven years to comply with anti-money-laundering and tax regulations. We retain betting history and settlement records indefinitely for dispute resolution and audit purposes.
You may request deletion of your account and associated data. We will close your account and anonymise your personal information within 30 days. However, we will retain anonymised betting records and transaction logs as required by law. We cannot delete data if an active dispute, investigation, or legal hold is in place.
Device data (IP address, browser type) is retained for 90 days. Usage data (pages visited, time spent) is retained for 12 months. We delete this data automatically after the retention period expires.
Your Rights and Our Security Practices
You have the right to access all personal data we hold about you. Contact our support team with a data-access request; we will provide a copy of your data within 30 days. You have the right to correct inaccurate data (e.g., if your address is wrong, you can update it). You have the right to request deletion of your data, subject to legal retention requirements.
We encrypt all sensitive data (payment details, identity documents) using industry-standard encryption (AES-256 or equivalent). Data in transit is encrypted using TLS 1.2 or higher. We do not store passwords in plain text; we hash them using bcrypt or similar algorithms. We restrict access to personal data to authorised staff only. We conduct annual security audits and penetration testing.
Our Data Protections
- Encryption at rest and in transit
- Restricted staff access to personal data
- Annual security audits and penetration testing
- Fraud detection and account-takeover prevention
What We Don't Do
- Sell personal data to third parties
- Use data for marketing or profiling
- Share data without legal basis
- Retain data longer than necessary
Cookies and Tracking Technologies
We use cookies to maintain your login session, remember your preferences, and detect fraud. Session cookies expire when you close your browser. Persistent cookies remain for up to 12 months. We do not use cookies for third-party advertising or behavioural tracking. You can disable cookies in your browser settings; however, some indra features may not work without them.
We use analytics tools to measure platform performance (page load time, feature usage, error rates). These tools do not identify you personally; they aggregate usage data across all users. We do not use analytics for marketing or profiling.
Jurisdiction and Policy Changes
Our services are available only where local law permits. Users in Jakarta, Surabaya, Bandung, and Medan may have different legal protections depending on local data-protection laws. We comply with applicable regulations in each jurisdiction where we operate. If your jurisdiction's law changes, we may need to update our data practices; we will notify you of material changes.
We may update this privacy policy at any time. Changes take effect immediately upon publication on this page. Continued use of indra after such publication indicates your acceptance of the revised policy. If you disagree with our privacy practices, you may request account closure and data deletion (subject to legal retention requirements).
Contact our support team if you have questions about this policy, wish to exercise your data rights, or believe we have mishandled your personal information. We will respond within 30 days.