LEGAL REFERENCE

How pandahoki Handles Your Account Data

This is the pandahoki privacy policy — a plain read of what we collect, why we collect it, and how long it sits on our systems. We've written...

Data scopeRetention windowsYour rightsIndonesia-alignedPlain language
pandahoki How pandahoki Handles Your Account Data

Privacy Posture and Jurisdiction Notes

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

PLAYER SUPPORT

Privacy Contact Paths

Reach our privacy desk through any of the channels below. We aim to acknowledge data requests within two working days and resolve standard access or deletion queries inside the windows set by Indonesian data-protection practice.

Team online

Privacy Inbox

Email our data team directly for access, correction or erasure requests. Include the email tied to your pandahoki account so we can match the record without asking for extra identity proof.

In-Lobby Chat

Open the chat panel from any logged-in screen and ask for the privacy queue. Agents route policy questions to the data officer rather than answering from the standard support script.

Postal Channel

For formal notices, written correspondence is accepted at our registered address. Mark the envelope for the privacy officer so it bypasses general account support and reaches the compliance desk.

WHY VISITORS TRUST US

Editorial Trust Signals for This Policy

This page is reviewed by named roles inside pandahoki, not auto-generated. Each update is logged with a date and a summary so you can see what changed.

Reviewed by Compliance

Our compliance lead signs off every revision before it goes live. That review checks the policy against current Indonesian guidance...

Legal Counsel Input

External counsel familiar with Southeast-Asian data rules reads the policy yearly. Their notes feed into the next revision so the...

Engineering Cross-Check

Before publishing, our engineering team confirms that what the policy describes matches what the database stores. If a field is...

Versioned Changelog

Every change is dated and summarised at the foot of this page. You can see when retention windows shifted, when...

Named Data Officer

A specific person owns this policy, not a generic inbox. Their role is published so requests get to the right...

Plain-Language Pledge

We rewrite legalese into sentences a new account holder can read once and understand. Where a term is unavoidable, we...

WHY THIS PLATFORM

Consistency Across Our Policy Pages

Our privacy policy is written to line up with the cookie notice, terms of service and account-closure pages. The table below shows where each topic lives so you don't have to re-read...

01

Data Categories

Listed in full on this page; summarised on the cookies notice for browser-side signals only. Both pages use the same category names so cross-referencing is direct.

02

Retention Windows

This page sets the master retention table. Terms of service references it; the account-closure page repeats the deletion timeline so you see it at the moment you decide to leave.

03

Third Parties

Named here under processors. The cookie notice lists the same vendors where they place browser tags, keeping vendor names identical across both surfaces for easy audit.

04

Your Rights

Spelled out on this page. The contact form short-links to the same rights list so you can pick access, correction, portability or erasure without re-reading the full policy.

05

Jurisdiction

Indonesia-aligned across every legal page. Where supported-region wording appears, it carries the same meaning on this policy, the terms and the deposit-rules page.

06

Update Cadence

Privacy and cookies share a quarterly review cycle. Terms move on a separate annual cycle, which is why timestamps may differ between the documents on any given visit.

07

Contact Routing

The privacy inbox handles only data matters. Account, payment and lobby queries go to general support, keeping response times tight on each queue.

What You'll See on This Policy Page

The privacy page is laid out so the answer you came for is reachable in one scroll. Each block below describes a visible element of the...

Section Anchors

A sticky list of section links sits to the side on desktop and collapses into a dropdown on mobile, so jumping to retention or third parties takes one tap rather than a long scroll.

Last-Updated Stamp

The header carries a clear date showing when the wording was last revised. Anything older than the current quarter triggers a review note from our compliance desk before the next publish.

Inline Definitions

Terms like processor, controller and lawful basis are defined on first use, inline with the sentence. You won't have to break flow to look up vocabulary mid-paragraph.

Change Summary

At the bottom of the page, a short bullet list explains what moved in the latest revision. Substantive shifts are flagged; copy-edits are noted but not highlighted.

Rights Shortcuts

Buttons next to the rights section open prefilled requests for access, correction, portability and erasure. The form attaches your account email so the privacy desk skips a step.

Print-Friendly Layout

The page prints cleanly on A4 with the date stamp and section numbering preserved. Useful if your bank or employer asks for a written copy of the privacy terms you accepted.

Privacy Policy Questions

At signup we collect your name, email, phone and date of birth. While you're logged in we record session signals and payment references tied to DANA, OVO, GoPay or QRIS top-ups. Nothing beyond that scope.

Active-account data stays while your account is open. After closure, records sit for the statutory minimum required in supported regions, then get anonymised. Specific windows are listed in the retention block above.

Only with payment processors, identity-verification partners and regulators where local law permits. We don't sell data to advertisers and we don't pass your contact details to marketing networks outside our own platform.

Yes. Use the rights shortcut in the highlights section or email the privacy inbox directly. We respond within the windows set by Indonesian data-protection practice and confirm identity before sending the file.

Open the account-closure page from your profile, confirm the request, and our team processes the erasure on the timeline shown there. Some transaction records must be kept for statutory periods even after closure.

We store transaction references — not your full e-wallet credentials. DANA, OVO, GoPay and QRIS keep the sensitive fields on their side. We hold only the data needed to reconcile a top-up to your account.

The last-updated stamp at the top changes with every revision and the change summary at the foot lists what moved. Material shifts also trigger an email to the address on your account.