gajah138 Platform Privacy Notice

This page describes what we collect when you use gajah138 and how we keep that data protected. We are committed to transparent data handling and compliance with privacy regulations in the jurisdictions where we operate. Your personal information is used solely to operate our platform, verify your identity, process payments, and communicate with you about your account.

We at gajah138 collect minimal data—only what is necessary to let you open an account, deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or Indonesian banks (mobile banking, local payment, online payment, e-wallet), and withdraw your funds. We do not sell your data to advertisers or third-party marketers. Our data storage and processing comply with applicable regulations, and you have the right to request access to or deletion of your personal information.

The sections below explain what data we collect, how we use it, who has access, and what rights you have. If you have questions about our privacy practices, contact our support team via the Help Center.

What Data We Collect on gajah138

When you open an account on gajah138, we collect your email address, phone number, and a password of your choice. These are required for account access and verification. We also collect your full name, date of birth, and gender during the signup process to match your identity against government records during verification.

Before your first withdrawal, we require government-issued identification (such as an ID card or passport) and proof of address (utility bill, bank statement, or government-issued document dated within three months). We scan these documents and store them securely in an encrypted database separate from your account profile. This verification is mandatory under anti-money-laundering regulations and applies equally to all users, whether you are in Jakarta, Surabaya, Bandung, Medan, or Semarang.

We log your game activity on gajah138: which markets you view (Liga 1, Piala AFF, MotoGP, live-dealer tables, slots), what selections you place, and the outcome. This data helps us detect fraud and settle disputes. We also log your IP address and browser type for security and fraud prevention. We do not track you outside of gajah138 or sell browsing data.

How We Use Your Data on Our gajah138 Platform

We use your email and phone to verify your account during signup and to send you important notifications: account confirmations, deposit confirmations, withdrawal requests, and security alerts. You can opt out of promotional emails (such as offers for new bonuses or tournaments) via your account settings, but we will continue to send transactional emails about your account.

Your identification and address data are used to verify your identity and confirm that you are in a jurisdiction where gajah138 operates. We retain these documents for the duration of your account plus seven years for regulatory compliance. We also use your data to comply with anti-money-laundering regulations, preventing fraud, and detecting suspicious activity such as duplicate accounts or stolen payment methods.

Your game activity and transaction history are used to settle disputes, investigate complaints, and calculate your tier level and cashback eligibility. We may review your activity if you report a technical issue (such as a missing withdrawal) or if we detect unusual patterns that suggest fraud. Your data is not used for any purpose beyond account management and regulatory compliance.

Email & Phone

Account access, verification, and transactional notifications (deposits, withdrawals, security alerts).

ID & Address

Account verification, anti-money-laundering compliance, and fraud prevention. Retained for 7 years after account closure.

Game & Transaction History

Dispute resolution, settlement calculation, tier progression, and account activity review upon request.

IP & Browser Data

Security monitoring, fraud detection, and session management. Logs are retained for 90 days.

Third Parties and Data Processors on gajah138

Our gajah138 platform uses third-party payment processors to handle deposits and withdrawals. When you choose online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet, those companies receive your payment details and process the transaction on their own systems. We do not have access to your full card or e-wallet credentials; only your payment processor sees those details. We follow their privacy policies and you should review them before choosing a payment method.

We also use a third-party identity-verification service to validate your government ID. Your ID image and personal details are sent securely to this service for automated verification. We do not store the original image after verification is complete; only a confirmation code is retained.

Our servers are hosted in data centres that may be located outside Indonesia. This means your data may be stored or processed on servers in other countries, subject to the privacy laws of those jurisdictions. We use encryption and access controls to protect your data in transit and at rest. We do not share your personal information with marketing companies, data brokers, or any third party except as required by law or regulatory authorities.

Your Rights and Data Retention on gajah138

You have the right to request access to your personal data stored on gajah138. You can contact our Help Center and request a copy of all your information in a machine-readable format. You also have the right to request correction of inaccurate data—for example, if your address on file is outdated, we will update it upon request and verification.

You have the right to request deletion of your personal data, subject to legal retention requirements. If you request account closure, we delete your email, phone, and payment tokens immediately. However, we retain your ID, address, and transaction history for seven years to comply with anti-money-laundering regulations and financial reporting requirements. After seven years, we securely purge these records.

You may opt out of promotional communications (newsletters, bonus offers) at any time via your account settings. You cannot opt out of transactional emails (account confirmations, withdrawal notifications, security alerts) as these are essential for account operation.

Cookies and Tracking on Our gajah138 Service

We use cookies to maintain your login session and remember your preferences (such as your preferred language or display theme). These cookies do not track you outside gajah138 and do not serve advertising. You can disable cookies in your browser settings, but doing so may prevent you from logging in or using certain features.

We do not use third-party tracking pixels or analytics services that identify you personally. We may use aggregate analytics (such as total page views or most-played games) to understand platform usage, but this data is anonymised and does not identify you. We do not sell or share this aggregate data.

Security and Data Protection on gajah138

We use encryption (TLS/HTTPS) to protect data in transit. Your personal information is encrypted at rest in our database. Access to your data is restricted to authorised gajah138 staff only (such as customer support, compliance, and technical staff). We use multi-factor authentication internally to prevent unauthorised access.

We undertake regular security audits and penetration testing. If we discover a data breach affecting your information, we will notify you within 30 days and advise you of steps to take. Our Help Center provides contact information so you can report suspected security issues directly.

Your account is protected by your password. You are responsible for keeping your password confidential. If you suspect unauthorised access, change your password immediately and contact our support team.

Related pages