How We Handle Your Account Data
This is the ulti188 login privacy policy — a plain reading of what we collect when you open an account, why we keep it, and how long it...
Our Privacy Posture, Plainly Written
We collect only what your account needs: the email and phone you register, the device you sign in from, the deposit channel you pick, and the lobby actions tied to your balance. Where local law permits, we store this data on servers serving supported regions and apply Indonesian data-protection norms on top. We don't sell your details. We share them with payment
partners — DANA, OVO, GoPay and QRIS rails — only to settle a transaction you started, and with our identity checks when verification is required. You can ask us to export or delete your record at any time, and we'll confirm the action by email within a working week.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
How We Review This Policy
Named Data Officer
A named officer signs off every revision of this policy. You can request their contact through our privacy inbox if you need a written response for a regulator or your bank.
Quarterly Refresh
We re-read the policy every quarter against Indonesian guidance and adjust wording when a payment partner or hosting region changes. Past versions stay archived for your reference.
Encrypted Transit
Sign-in traffic, deposit references and chat sessions move over encrypted channels. Your DANA, OVO, GoPay and QRIS handles never appear in plain text inside our internal logs.
Minimal Collection
We only ask for fields the lobby actually needs. If a feature stops requiring a data point, we drop the field from the form and purge the historical column on the next cycle.
Vendor Audits
Every third party touching your data — from KYC checks to SMS gateways — signs a processing agreement with us, and we audit their access logs against our own at least twice a year.
Clear Retention
Active accounts hold data while you sign in. Closed accounts roll into a short legal-hold window and then drop out of our systems, leaving only the minimum the law asks us to keep.
Consistency Across Our Policy Pages
| Terms of Service | Our terms cover what you agree to when you open an account; this privacy policy covers what data that account creates. Both documents reference the same defined terms. |
|---|---|
| Cookie Notice | The cookie notice lists every tag we drop on your browser. This policy explains how the resulting data joins your account record once you sign in to the lobby. |
| KYC Statement | Identity-check rules sit in the KYC statement. Here we only describe how the documents you upload during KYC are stored, encrypted and eventually disposed of. |
| Payment Terms | Payment terms describe deposit timing for DANA, OVO, GoPay and QRIS. Privacy explains which transaction fields we keep and for how long after settlement. |
| Promo Rules | Promo eligibility data — opt-ins, qualifying deposits, bonus ledger — is covered briefly here and in full inside the promo rules document linked from your account. |
| Account Closure | Closure flow lives in the account help centre. This policy explains the data tail: which fields survive closure for legal hold and which we delete immediately. |
| Complaints Path | The complaints page lists escalation steps. Privacy adds the data angle — what we record about your complaint and who inside the team is allowed to read it. |