idnscor Privacy Policy

This page describes what we collect when you use idnscor and how we keep that data protected. We take your privacy seriously and comply with standard data-protection practices across the regions where our service operates.

When you create an account, deposit funds, place bets on Liga 1 or Piala AFF markets, play live blackjack, or withdraw winnings, we collect personal information. We use that information to verify your identity, process payments via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet, prevent fraud, and respond to your support requests. We do not sell or rent your data to third parties.

Our servers may be located outside Indonesia; you acknowledge that your data may be stored and processed in jurisdictions other than your own. We encrypt data in transit and at rest, and we limit access to authorized staff only.

What We Collect When You Use idnscor

We collect information in three categories: account registration, gameplay, and payments.

Account Registration Data on idnscor

When you open an account on idnscor, we collect your email address, password (encrypted), date of birth, and full name. We use your email to send account notifications, password-reset links, and support responses. Your date of birth is used to verify you meet the legal age requirement for account holders (varies by jurisdiction). Before your first withdrawal, we request government-issued identification (national ID, passport, or driver's license) and proof of address (utility bill, bank statement, or government letter). We store these documents encrypted and segregated from your account balance data.

Gameplay Data on idnscor

Every bet you place on idnscor is logged: the game type (e.g. live blackjack, Football markets covering Liga 1, or slots like Mahjong Ways), the amount wagered, the outcome, the date, and the time. We retain these logs for seven years to comply with anti-money-laundering regulations and to investigate disputes. If you dispute a payout or a settlement, we use these logs to review what happened.

We also record your IP address and device information (browser, operating system, device type) each time you log in. This helps us detect unusual account access and protect against fraud. If your account is accessed from Jakarta one day and Surabaya the next, we flag this and may require 2FA re-verification.

Payment Data on idnscor

When you deposit via DANA, e-wallet, mobile banking, local payment, or bank transfer, we collect transaction details: the amount, the date, the payment method, and a confirmation code. We do not store your full bank account number, credit card details, or mobile wallet credentials. Instead, we store a "token" provided by the payment processor—a unique identifier that lets us process future transactions without re-entering your details.

Withdrawals follow the same principle. We collect your destination account details once, tokenize them, and use the token for subsequent withdrawals. Your actual banking credentials are held by the payment processor, not by idnscor.

Tokenization: A security method where sensitive payment details are replaced with unique tokens. We store tokens, not raw account numbers.
Encryption: We use industry-standard TLS 1.2+ to encrypt data during transmission and AES-256 for data stored on our servers.
IP Address Logging: We record your IP address at login to detect unusual access patterns and protect your account from unauthorized login attempts.
Data Retention: We retain account and gameplay logs for seven years to comply with regulatory requirements and to investigate disputes.

How We Protect and Share Your Data on idnscor

Our data security on idnscor relies on encryption, access controls, and regular audits. All data in transit (from your device to our servers) is encrypted with TLS 1.2+. All data at rest (stored on our servers) is encrypted with AES-256. Our servers are hosted in data centres with 24/7 physical security, redundant power, and automated backups. We conduct quarterly penetration testing and annual third-party security audits to identify vulnerabilities.

We limit access to your data to authorized staff members only. Our customer support team can view your email and account balance but not your payment details or identification documents. Our compliance team can view your KYC documents and payment history to investigate suspicious activity or respond to regulatory requests.

Third-Party Processors on idnscor

We share your data with third parties only when necessary to provide our service. Specifically:

Payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, banks): We share your name, account/wallet details, and transaction amounts so they can process deposits and withdrawals.
Hosting providers: Our servers are hosted by a third-party data centre. The hosting provider has access to raw server storage but cannot read encrypted data without our encryption keys.
Anti-fraud services: We use third-party fraud-detection tools to assess whether deposits or withdrawals are suspicious. These tools may analyze your IP address, device information, and transaction patterns.
Government authorities: We comply with legal requests from financial regulators, tax authorities, and law-enforcement agencies. If a court order or official investigation requires disclosure of your data, we provide it.

We do not sell your data to marketers, advertisers, or data brokers. We do not use your data to train AI models or build customer profiles for sale.

Your Rights and Data Deletion on idnscor

You have the right to request deletion of your account and associated data. To do so, contact our support team with a deletion request. We delete your account record, gameplay logs, and personal information within 30 days, except where law requires retention (e.g., anti-money-laundering records may be retained for seven years even after deletion requests).

You can request a copy of all data we hold about you. We provide this in a machine-readable format (e.g., CSV or JSON) within 14 days of your request.

If you believe your data has been misused or breached, contact us immediately. We will investigate and notify you within 72 hours if a data breach has occurred. We also notify relevant regulators as required by law.

Cookies and Tracking on idnscor

Our website and mobile app use cookies and similar tracking technologies. These cookies are either essential (required to log you in and remember your session) or analytical (used to count page views and understand user behavior). We do not use tracking cookies to follow you across other websites or build profiles for advertising purposes.

You can disable cookies in your browser settings, but doing so may prevent idnscor from functioning correctly. Our mobile app does not use cookies; instead, it stores your session token locally on your device.

Key points on idnscor data practices

We encrypt all data in transit and at rest using industry-standard methods.
We do not store full bank account numbers or credit card details; we store tokenized identifiers provided by payment processors.
We share data with payment processors, hosting providers, and anti-fraud services only when necessary to provide our service.
We retain gameplay logs for seven years to comply with anti-money-laundering regulations and to investigate disputes.
You can request deletion of your account and a copy of your personal data at any time via our support team.
Our services are available only where local law permits. Data handling complies with applicable local and international data-protection standards.

Contact Us on idnscor Privacy Matters

If you have questions about how we handle your data, how to request deletion, or concerns about a data breach, contact our support team via live chat (available 24/7) or email. We respond to privacy inquiries within 48 hours on business days (09:00–21:00 Jakarta time, Monday–Friday) and within 72 hours on weekends or during Idul Fitri, Idul Adha, Imlek, or Nyepi holidays.

This privacy policy is subject to change. We will notify you of material changes via email or in-app notification. Continued use of idnscor after changes are posted means you accept the updated policy.