bakkara Platform Privacy Notice: How We Protect Your Data

This page describes what we collect when you use bakkara and how we keep that data protected. We understand that your personal information is sensitive. Every piece of data we hold—from your identity documents to your payment methods—is encrypted, logged, and accessed only by authorised staff under strict protocols.

We do not sell your information to advertisers, data brokers, or third parties. We do not use your data to profile you beyond what is necessary to prevent fraud and comply with local regulations. When you register with bakkara, you grant us permission to collect and process specific information. You retain the right to access, correct, or request deletion of that data at any time.

Our privacy commitments apply across all regions where bakkara operates. If you have questions about how we handle your information, contact our support team through the app or via email. We respond to all privacy requests within fourteen days.

What we collect when you join bakkara

We collect your full legal name, date of birth, email address, and physical address during registration. These details are mandatory for account verification. We also collect your government-issued identification number (KTP, passport, or driving licence number) as part of our Know Your Customer (KYC) obligations.

When you make a deposit or withdrawal, we record your payment method and transaction history. If you use DANA, e-wallet, mobile banking, local payment, or online payment, we receive a transaction token from those providers—not your full payment credentials. Bank transfers via e-wallet, mobile banking, local payment, or online payment are recorded with your account and beneficiary details.

We also collect behavioural data: which games you play, how long you stay on bakkara, which markets you view, and your device type. This helps us understand user patterns and detect suspicious activity. We log your IP address and approximate geographic location for fraud prevention.

We do not store your payment card details

When you deposit via e-wallet or bank transfer, our servers never touch your credit card or bank credentials. Payment processors handle that encryption separately. We receive only a token confirming the transaction succeeded.

How we use your data on bakkara

We use your personal information to verify your identity, process deposits and withdrawals, detect fraud, and comply with anti-money-laundering (AML) regulations. Your behavioural data helps us identify unusual account activity—for example, if someone attempts to access your account from a new device or location, we flag it and may request additional verification.

We analyse aggregate data (without identifying individuals) to understand which games are popular during Idul Fitri or Idul Adha, or how demand shifts during Liga 1 season. This helps us improve our platform and offer better features. Your data also lets us send you account notifications—when your withdrawal is processed, when your 2FA code is needed, or when your account shows a login from an unfamiliar location.

We do not use your data to send unsolicited marketing messages, sell targeted advertising, or build psychological profiles for manipulation. We do not combine your bakkara activity with data from other platforms to infer your interests or preferences.

Third parties we work with and data sharing on bakkara

We share your data with payment processors (e-wallet, mobile banking, local payment, online payment, and bank partners) only to complete your transaction. These processors receive your name and transaction amount, but nothing more. We share your identity information with our compliance team and, if required by law, with regulatory authorities in your jurisdiction.

Our servers are hosted by a third-party cloud provider. This provider has access to encrypted backups of your data but does not have decryption keys. They are contractually bound to use your data only for infrastructure maintenance and cannot access or share it. We audit these providers annually for security compliance.

Note: We do not share your data with other gambling operators, sports betting platforms, or affiliate networks without your explicit written consent.

Cookies and tracking on bakkara

Our website uses cookies to remember your login session, store your language preference, and track which pages you view. These are essential for bakkara to function. We do not use third-party cookies for advertising or behavioural tracking.

You can clear cookies from your browser settings at any time. Clearing cookies will log you out of bakkara, but your account data remains safe on our servers. We also use cookies to detect fraud—for example, if a cookie changes suddenly, we flag the session as suspicious.

Your rights and data retention on bakkara

You have the right to access all data we hold about you. You can request a copy of your information, which we provide within fourteen days. You have the right to correct inaccurate information—if your address is wrong, you can update it yourself in your account settings or contact support.

You have the right to request deletion of your account and associated data. However, we may retain certain information for legal and regulatory reasons. For example, we must keep transaction records for seven years to comply with AML laws. If you request deletion, we anonymise your personal identifiers while preserving transaction history.

We retain account data for as long as your account is active plus two years after closure. Behavioural data (login history, game history) is retained for one year and then aggregated or deleted. Payment transaction records are retained for seven years as required by Indonesian financial regulations.

Account security and data protection practices on bakkara

We encrypt all data in transit (TLS 1.3) and at rest (AES-256). Your password is hashed using bcrypt, meaning we cannot read it even if our database is compromised. Your identification document is stored in an encrypted vault separate from your account data.

We require two-factor authentication (2FA) on all withdrawal requests. This prevents someone with your password from accessing your balance. Our support team does not have the ability to override 2FA—only you can authorise a withdrawal.

We conduct annual security audits and penetration testing. We have a responsible disclosure policy—if a researcher discovers a security flaw, they can report it to us, and we respond with a fix and potential reward. Our team monitors for data breaches 24/7.

Contact us about your privacy on bakkara

If you have questions about how we handle your data, contact our support team. We provide responses in English via the bakkara app. For formal privacy requests, email us with "Privacy Request" in the subject line, and we will respond within fourteen days.

This privacy notice was last updated in 2025 and applies to all bakkara users. We may update these terms to reflect changes in our practices or regulatory requirements. We will notify you of material changes via email or in-app notification. Continued use of bakkara after notification means you accept the updated terms.