asu138 Platform Privacy Notice

This page describes what we collect when you use asu138 and how we keep that data protected. Our privacy practices centre on transparency, data minimization, and security. When you register, verify your identity through KYC, deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank virtual accounts (mobile banking, local payment, online payment, e-wallet), or withdraw funds, we collect personal information necessary to operate our platform and comply with local regulations. We do not sell or rent your data to marketers or data brokers. We share your information only with payment processors, compliance partners, and where required by law.

We recognize that your privacy is important. We encrypt all sensitive data — passwords, identity documents, payment information — and store it on secure servers. We limit access to your data to asu138 staff and authorized third parties who need it to process your requests. This policy outlines our complete data practices and your rights regarding your information. If you have questions after reading this notice, contact our support team through the asu138 platform.

What Data We Collect on asu138

We collect data in several stages of your interaction with asu138. At registration, we collect your username, password, email address, and phone number. These basics allow us to create your account and send you important notifications about your activity, deposits, or withdrawals.

To comply with KYC (Know Your Customer) requirements, we request a photo of your national identity document — your passport, driver's licence, or national ID card — and a proof of address (utility bill, bank statement, or government letter dated within the last three months). We use this information to verify your identity, confirm you are of legal age, and detect fraud. Our verification team reviews these documents and retains them securely for compliance and dispute resolution.

When you deposit or withdraw funds, we collect payment method details. If you use e-wallets (DANA, e-wallet, mobile banking, local payment, online payment), we do not store your wallet credentials — you authorize payment directly in the e-wallet app, and we only record the transaction amount and timestamp. If you use e-wallet or a bank virtual account, we record the transfer details (amount, date, receiving bank account) but not your banking credentials. All transaction records are encrypted and linked to your asu138 account.

We also collect data about your activity on asu138: which games you access, your stake amounts, game results, and your account balance. This data helps us operate the platform, detect unusual activity, and resolve disputes if you have questions about a transaction or game outcome.

Technical data: We collect your IP address, browser type, mobile device model, and operating system to diagnose technical issues and optimize asu138 for different devices and networks.

Cookies and tracking on asu138 mobile

Our mobile app and website use cookies to remember your login session and user preferences. Cookies are small files stored on your device that help us recognize you when you return to asu138. You can disable cookies in your browser settings, but doing so may limit your ability to access certain features. Our Android app does not require cookie approval — it uses local storage directly. Our iOS browser experience works identically to our Android app regarding data storage.

We do not use cookies for advertising or third-party tracking. We do not share your activity data with social media platforms or analytics vendors like Google Analytics. Our only tracking is internal — we count how many users access asu138 each day, which game categories are most popular, and whether our platform performs well across different networks — to improve your experience.

How We Use Your asu138 Data

We use your data for specific purposes only:

1

Account administrationCore function

We use your email and phone number to verify your account, send login links, confirm deposits, and notify you of withdrawals or account changes.
2

Compliance and fraud preventionLegal obligation

We use your KYC documents and transaction history to verify your identity, prevent money laundering, detect fraudulent activity, and comply with regulations in your jurisdiction.
3

Payment processingService delivery

We share deposit and withdrawal details with your payment provider (DANA, your bank, etc.) to execute the transaction. These providers are bound by confidentiality agreements.
4

Dispute resolutionCustomer service

If you report a disputed transaction or game outcome, we retrieve your account history and communicate with you to investigate and resolve the issue.
5

Platform improvementInternal analytics

We analyze game popularity, user engagement patterns, and technical performance (in aggregate, not individually) to improve asu138's speed and reliability.

We do not use your data for marketing or promotional purposes without your explicit consent. We do not send unsolicited promotional emails or SMS messages. If we choose to notify you about new games, platform updates, or seasonal events, you can unsubscribe from such notifications at any time through your account settings on asu138.

At asu138, your data serves one purpose: to keep your account secure, your transactions accurate, and your gaming experience smooth. We never monetize your personal information.

asu138 data ethics

Data storage and jurisdiction

We store your asu138 data on servers located outside your jurisdiction. Our data infrastructure is distributed across secure, encrypted facilities. Your data may be processed in countries with different privacy laws than your own. By opening an asu138 account, you consent to this international data transfer. We maintain industry-standard security practices (encryption, firewalls, access controls) at all storage locations to protect your information regardless of jurisdiction.

Your rights regarding your asu138 data

You have the right to access your personal data on asu138. You can download your account history, transaction records, and KYC verification status directly from your account dashboard on our mobile app or website. You have the right to request correction if any personal data on asu138 is inaccurate — contact our support team with details of the error, and we will update it. You have the right to request deletion of your account and associated data, provided you do not have pending withdrawals or active disputes. To exercise these rights, contact our privacy team through the support form on asu138 or by emailing the address provided in our Legal NoticeWe will respond within 30 days.

You may withdraw consent for us to use your data for non-essential purposes (such as platform analytics or notification emails) at any time through your account settings. However, we cannot delete data necessary for compliance (KYC documents, transaction history) as long as we are legally required to retain it.

Third-party processors and payment partners

We work with trusted payment processors and compliance partners to operate asu138. When you deposit via e-wallet, mobile banking, local payment, online payment, or e-wallet, those e-wallet providers process the payment and receive your transaction details. When you transfer to a bank virtual account (mobile banking, Mandini, local payment, online payment), the receiving bank processes the deposit. These third parties are bound by confidentiality agreements and use your data only to process your transaction. We do not control how these payment providers store or retain your data — review their privacy policies directly if you have concerns.

Our compliance partner verifies your KYC documents against anti-money-laundering databases. This partner receives only your identity information and verification status — not your account balance or gaming activity. We retain contracts with all third-party processors requiring them to maintain equivalent security and confidentiality standards to ours.

Data retention on asu138

We retain your account data and transaction history for the duration of your account and for seven years afterward to comply with financial regulations and resolve potential disputes. KYC documents (identity photos and proofs of address) are retained for the account duration plus seven years. After that period, we delete or anonymize your data. If you request account deletion, we anonymize identifying information but retain transaction records (without your name) for compliance purposes.

Security practices and data breaches

We encrypt all data in transit (using SSL/TLS) and at rest (using AES-256 encryption). We implement multi-factor access controls so that no single employee can view sensitive data without authorization. We conduct regular security audits and penetration testing to identify and patch vulnerabilities. If we discover a data breach affecting your asu138 account, we will notify you within 72 hours via email and provide guidance on steps to protect your account (such as changing your password). We will also report the breach to relevant authorities as required by law.

Your responsibility: We encrypt data on our servers, but your mobile device's security depends partly on you. Protect your device with a strong password or biometric lock, keep your operating system updated, and do not access asu138 from compromised or shared public WiFi.

Changes to this privacy policy

We may update this privacy policy periodically to reflect changes in our practices or applicable law. We will notify you of material changes via email at least 30 days before the change takes effect. Continued use of asu138 after the change date indicates your acceptance of the updated policy. We recommend reviewing this policy regularly, particularly before opening an account or making a deposit.

Contact us about privacy on asu138

If you have questions about our privacy practices, your data on asu138, or how we handle information during events like Liga 1 seasons or Idul Fitri holidays, contact our privacy team through the support form on our platform or by referencing our Legal Notice for direct contact information. We respond to privacy inquiries within seven business days. For data-access requests or deletion requests, include "Data Request" in your subject line.

asu138 privacy and security team

Data protection officer and compliance

We remain committed to protecting your privacy and maintaining asu138 as a secure, trustworthy platform for users across Jakarta, Surabaya, Bandung, Medan, and supported jurisdictions worldwide.

Our privacy practices reflect our belief that your data is yours. We collect only what we need, use it only for its intended purpose, protect it with industry-standard security, and respect your rights to access, correct, and request deletion. Thank you for entrusting asu138 with your information.