koi138 Platform Privacy Notice

This page describes what we collect when you use koi138 and how we keep that data protected. When you create an account, deposit funds, or play on our platform, we gather information needed to verify your identity, process your payments, and deliver our service. We take data protection seriously and follow standard industry practices to keep your information secure.

We at koi138 operate across multiple regions, and our data handling reflects the legal requirements of each jurisdiction where we operate. Our servers may sit outside your location, but we apply consistent security standards everywhere. You have rights over your data—this notice explains what those rights are and how to exercise them.

This is our full privacy policy. If you have questions after reading it, our support team can clarify any section. You can contact us anytime through the koi138 app or website.

What Data We Collect on koi138

We collect data in several categories. First, we collect account information: your email address, phone number, full name, date of birth, and government ID number. This is required for account creation and identity verification before your first withdrawal.

Second, we collect address information. We ask for your street address, city, postal code, and country. This helps us verify your location and comply with regional regulations. If you live in Jakarta, Surabaya, Bandung, Medan, or Semarang, we use this information to confirm you're in a jurisdiction where our services are available.

Third, we collect payment information. When you deposit or withdraw, we record the payment method you use—DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet. We don't store your full payment details on our servers; payment processors handle that directly. We only store a reference to your payment method so you can reuse it for future transactions.

Fourth, we collect activity data. We log every position you place, every game you play, every deposit and withdrawal. This data helps us detect fraud, settle disputes, and provide you with an accurate transaction history. Your activity data is tied to your account and visible to you anytime.

We do not sell your data to third parties

Your personal information is used only to operate koi138, comply with law, and prevent fraud. We never sell or rent your data to marketers or data brokers.

How We Use Your Data

We use your data for several purposes. First, we use it to verify your identity and comply with anti-money-laundering (AML) and know-your-customer (KYC) regulations. Before you can withdraw, we confirm your identity matches your government ID and your address is real. This protects both you and us from fraud.

Second, we use your data to process payments. When you deposit via mobile banking or local payment, we send your payment details to the payment processor. When you request a withdrawal, we use your saved payment method to send funds back to you. We keep records of all transactions for accounting and dispute resolution.

Third, we use your data to detect and prevent fraud. We monitor for unusual account activity—like multiple failed login attempts, rapid withdrawals, or positions placed from different countries in a short time. If we detect suspicious activity, we may freeze your account temporarily and ask you to verify your identity.

Fourth, we use your data to improve koi138. We analyze how players use our platform—which games are popular, which payment methods are preferred, which features need improvement. This analysis is done on aggregated data, not individual profiles. We use these insights to make koi138 better.

We at koi138 keep your data only as long as needed to operate our service and comply with law. Once you close your account, we delete your data within a reasonable timeframe.

koi138 editorial team

Third-Party Processors and Data Sharing

We work with third-party processors to deliver koi138. These include payment processors (who handle online payment, e-wallet, mobile banking, local payment transactions), identity verification services (who confirm your government ID), and hosting providers (who store our servers). We share only the data each processor needs to do their job.

Payment processors see your payment method and transaction amount, but not your full account history. Identity verification services see your name, date of birth, and ID number, but not your account balance or activity. Hosting providers see encrypted data and cannot read it without our encryption keys.

We require all third-party processors to sign data protection agreements. These agreements require them to keep your data confidential, use it only for the purpose we specify, and apply security standards equal to ours. If a processor is breached, we require them to notify us immediately.

We may also share data with law enforcement or regulators if required by law. If a court orders us to disclose your information, or if a regulator investigates fraud, we comply with legal requests. We will notify you of such requests unless law prohibits us from doing so.

Cookies and Tracking

We use cookies to keep you logged in and to remember your preferences. A cookie is a small file stored on your device that identifies you to our servers. Without cookies, you'd have to log in every time you refresh the page.

We use two types of cookies. Session cookies expire when you close your browser. Persistent cookies stay on your device for a set period—usually a few weeks—so you stay logged in across visits. You can delete cookies anytime through your browser settings, but this will log you out of koi138.

We also use analytics cookies to track how players use koi138. These cookies tell us which pages are visited most, how long players stay on each page, and which features are used. This data is aggregated and anonymous—we cannot identify individual players from it. We use this data to improve our platform.

Your Rights and Data Access

You have rights over your data on koi138. You can request a copy of all data we hold about you. You can ask us to correct inaccurate information. You can request deletion of your data, though we may retain some data if required by law or to settle disputes.

To exercise these rights, contact our support team through the koi138 app or website. Provide your account email and a clear description of what you're requesting. We will respond within 30 days. If your request is complex, we may need additional time, but we'll keep you informed.

You can also control your account settings directly. In your koi138 account, you can update your email, phone number, and address. You can review your full transaction history anytime. You can download your data in a portable format if you want to move it elsewhere.

Data Security and Encryption

We at koi138 protect your data using industry-standard encryption. All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security). This means even if someone intercepts your connection, they cannot read your data.

Data stored on our servers is also encrypted. We use strong encryption keys and rotate them regularly. Our servers are protected by firewalls and intrusion detection systems. We conduct regular security audits and penetration tests to find and fix vulnerabilities.

We require all employees and contractors to sign confidentiality agreements. Access to your data is restricted to staff who need it to do their job. We log all access to sensitive data and review logs regularly for suspicious activity.

Despite our efforts, no security system is perfect. If we discover a data breach, we will notify you and relevant authorities as required by law. We maintain cyber insurance to cover costs if a breach occurs.

Data Retention and Deletion

We keep your data only as long as needed. Account information is retained for as long as your account is active. Transaction history is retained for at least 7 years to comply with financial regulations. After you close your account, we delete personal data within 90 days, except where law requires us to retain it longer.

If you request deletion of your account, we will delete your profile, preferences, and contact information. However, we retain transaction records and identity verification documents for the full 7-year period required by law. This protects both you and us in case of disputes or regulatory inquiries.

International Data Transfers

Our servers may be located outside your country. When you use koi138 from Jakarta, Surabaya, Bandung, Medan, or Semarang, your data may be transferred to servers in other regions. We apply the same security and privacy standards everywhere, regardless of server location.

We comply with data protection laws in each jurisdiction where we operate. If local law requires data to stay within a specific country, we honor that requirement. We use standard contractual clauses and other legal mechanisms to ensure data transfers are lawful.

Contact and Complaints

If you have questions about this privacy policy, contact our support team through the koi138 app or website. We respond to privacy inquiries within 14 days. If you believe we've violated your privacy rights, you can file a complaint with your local data protection authority.

We at koi138 are committed to protecting your privacy. This policy reflects our current practices, but we may update it as our service evolves. We will notify you of material changes by email or through the koi138 app. Your continued use of koi138 after changes means you accept the updated policy.

Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their own jurisdiction's law. If you have concerns about data privacy in your region, contact us before creating an account.