ngawi Privacy Policy

This page describes what we collect when you use ngawi and how we keep that data protected. We collect personal information only to operate our platform, process your deposits and withdrawals, verify your identity, and comply with anti-money-laundering regulations. We do not sell your data to third parties, and we do not use your information for marketing purposes without your consent.

Our ngawi platform processes data across multiple systems. Your account credentials, balance, and transaction history are stored on our servers. When you deposit via DANA, e-wallet, mobile banking, local payment, online payment, or direct bank transfer through e-wallet, mobile banking, local payment, or online payment, payment data flows through encrypted channels to our payment processors. We retain transaction records for compliance and dispute resolution. Your data is encrypted in transit and at rest using industry-standard SSL and AES encryption.

We are transparent about how we handle your information. This policy explains what data we collect, how we use it, who has access to it, how long we keep it, and what rights you have. If you have questions about your data or wish to exercise your privacy rights, contact our support team via the in-app support form.

What Data We Collect on ngawi

We collect data in several categories. First, account information: your email address, password (hashed, never stored in plain text), full name, date of birth, phone number, and residential address. We require this information to create your ngawi account and verify your identity during KYC (Know-Your-Customer) verification.

Second, identity documents: we collect a copy of your national ID, passport, or driver's license, and proof of address (utility bill, bank statement, or government letter). We use these documents to verify your identity before your first withdrawal. We store these documents securely and delete them after verification is complete, unless we are required by law to retain them longer.

Third, payment information: when you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer, we record the payment method, amount, timestamp, and transaction ID. We do not store your full payment card details or bank account numbers—payment processors handle that data directly. We retain payment records for 7 years to comply with financial regulations.

Fourth, gameplay data: we record every bet, spin, prediction, and game session you participate in. This includes the game type (sportsbook, live dealer, slots, esports), stake amount, outcome, and timestamp. We use this data to calculate your leaderboard rank, detect fraud, and resolve disputes. We retain gameplay data for 3 years.

Fifth, device and connection data: we log your IP address, device type (Android phone, iPhone, desktop), operating system version, browser type, and approximate location (city-level, derived from IP). We use this data to detect unauthorized access, prevent fraud, and ensure our ngawi platform works across different devices.

KYC data: Identity documents and proof of address collected during account verification. We delete these after verification unless legally required to retain them.
Transaction data: Records of all deposits, withdrawals, and gameplay activity. We retain these for 3–7 years for compliance and dispute resolution.
Device data: IP address, device type, browser, and location. We use this to detect fraud and ensure platform security.

How we use your data on ngawi

We use your data for five primary purposes. First, account management: we use your email and password to authenticate you when you log in. We use your name and address to verify your identity and comply with anti-money-laundering regulations. Second, payment processing: we share your payment information with our payment processors (mobile banking, local payment, online payment, etc.) to execute deposits and withdrawals. These processors are bound by confidentiality agreements and use your data only to process transactions.

Third, fraud detection: we analyze your gameplay patterns, device data, and transaction history to detect suspicious activity. If we detect unusual behavior—such as rapid account creation and deletion, simultaneous logins from different countries, or sudden large withdrawals—we flag your account for manual review. Fourth, leaderboard and tournament ranking: we use your gameplay data to calculate your rank on our ngawi leaderboards and determine tournament prizes. Fifth, legal compliance: we retain transaction records and KYC documents to comply with Indonesian financial regulations and anti-money-laundering laws.

We do not use your data for marketing, profiling, or behavioral targeting. We do not sell your data to third parties. We do not share your gameplay history with other players—leaderboards show only your rank and username, not your personal details.

Data retention: We keep account data for as long as your ngawi account is active. After you close your account, we retain transaction records for 7 years for compliance. We delete personal documents (ID, proof of address) after verification unless we are legally required to retain them.

Our ngawi Privacy Practices and Your Rights

Third-party processors and data sharing

We share your data with third parties only when necessary to operate ngawi. Our payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) receive your payment information to process deposits and withdrawals. Our hosting provider stores our servers and databases. Our email service provider sends you account notifications and password-reset links. All third parties are bound by confidentiality agreements and are prohibited from using your data for any purpose other than providing services to ngawi.

We may disclose your data if required by law. If a court issues a subpoena or if Indonesian financial authorities request information for an investigation, we will comply. We will notify you of such requests unless we are legally prohibited from doing so.

Cookies and tracking on ngawi

Our ngawi platform uses cookies to maintain your login session and remember your preferences. When you log in, we set a session cookie that expires after subject to verification of inactivity. This cookie contains only your session ID, not your password or payment information. We also use analytics cookies to track how users navigate our platform—which games are most popular, which payment methods are used most frequently, and where users encounter errors. These analytics cookies do not identify you personally; they aggregate data across all ngawi users.

You can disable cookies in your browser settings, but doing so may prevent you from logging into ngawi or using certain features. Our ngawi mobile app does not use cookies—it uses secure tokens stored locally on your device.

Your rights regarding your ngawi data

You have the right to access your data. You can view your account information, transaction history, and gameplay records anytime by logging into ngawi. You have the right to correct inaccurate data—if your address or phone number is wrong, you can update it in your Account Settings. You have the right to request deletion of your account and associated data. If you request account deletion, we will close your account and delete personal information (name, address, phone) within 30 days. We will retain transaction records for 7 years as required by law.

You have the right to data portability. If you wish to export your transaction history or gameplay records, contact our support team and we will provide your data in a standard format. You have the right to object to certain data processing—for example, if you do not wish to receive email notifications, you can disable them in your Account Settings.

Data security and encryption on ngawi

We encrypt all data transmitted between your device and our ngawi servers using SSL (Secure Sockets Layer) technology. Your password is hashed using bcrypt, a cryptographic algorithm that makes it impossible for us to recover your password even if our database is compromised. Your payment information is encrypted using AES-256 encryption. Our servers are protected by firewalls, intrusion-detection systems, and regular security audits.

We conduct annual penetration testing to identify vulnerabilities. If we discover a security breach, we will notify affected users within 72 hours and provide guidance on protecting their accounts. We maintain a bug-bounty program—if you discover a security vulnerability in ngawi, you can report it to our security team and we will investigate and reward you for responsible disclosure.

Cross-border data transfer

Our ngawi servers may be located outside Indonesia. When you use ngawi, your data may be transferred to and stored on servers in other countries. By using ngawi, you consent to this cross-border data transfer. We ensure that data transferred outside Indonesia is protected by the same security standards we apply domestically—SSL encryption, access controls, and regular audits.

Contact us about privacy

If you have questions about our privacy practices, wish to exercise your data rights, or believe your data has been misused, contact our support team via the in-app support form. We will respond to privacy inquiries within 10 business days. You can also contact us during business hours via email or phone—contact details are available in your Account Settings.

This privacy policy is effective as of the date posted on our ngawi website. We may update this policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by email or by posting a notice on our platform. Your continued use of ngawi after such changes constitutes your acceptance of the updated policy.