LEGAL REFERENCE

Your privacy is how we build trust

Q: How do I delete my account and all my personal data?

Request account closure via support@hibikiwin.app or through your account settings. Your gaming history is anonymized immediately. Payment records are kept for tax compliance (seven years), but your name and contact details are deleted within 30 days.

We keep your account details, payment information and gaming activity secure. This policy explains exactly what we collect, how we protect it, and your rights over your data...

Account SecurityPayment ProtectionData TransparencyYour Control

Enter Game Lobby Read FAQ

Privacy policy scope and jurisdiction

hibikiwin operates in supported regions of Indonesia where local law permits online gaming. This policy covers all personal data we collect when you open an account, make deposits via QRIS, DANA, OVO or GoPay, play in our lobbies, and interact with our support team. We comply with Indonesian data protection standards and international best practices. Your data is stored securely and never

shared with third parties without your consent, except where required by law or payment processors need access to complete your transaction.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

SUPPORT

Privacy questions and contact

PLATFORM TRUST SIGNALS

How we earn privacy trust

Encryption Standard

All data transmitted between your device and our servers uses TLS 1.2+ encryption. Stored account and payment information is encrypted at rest.

Third-Party Audits

We undergo annual security reviews by independent firms to verify our data handling practices meet or exceed industry standards for player protection.

Payment Partner Vetting

QRIS, DANA, OVO and GoPay integrations are audited before launch. We only work with providers meeting strict data segregation and compliance requirements.

Clear Retention Schedules

We delete inactive account data after 24 months unless you request otherwise. Payment records are retained only as long as law or audit requirements demand.

No Data Brokering

We never sell your gaming history, payment details or personal information to marketers, brokers or external analytics firms without explicit written consent.

Breach Response Plan

If unauthorized access occurs, we notify affected players within 48 hours and provide guidance on account recovery, payment fraud checks and next steps.

Consistency across our policy pages

Terms of Service	Our ToS and Privacy Policy align on data use, account ownership and dispute resolution. Both apply when you open an account and deposit via QRIS, DANA, OVO or GoPay.
Cookie Policy	Separate policy details how we use cookies and pixels. We track lobby navigation only; we do not use cookies to build profiles for sale to third parties.
Payment Security Addendum	Payment-specific privacy protections are outlined here: card and e-wallet data handling, PCI DSS compliance, and your rights if a deposit fails or is disputed.
Account Recovery Policy	If your account is locked or compromised, our recovery process is documented separately. Data access during recovery is logged and disclosed to you.
Support Ticket Confidentiality	When you contact support, your message and any personal data shared is encrypted and visible only to our support team. Transcripts are kept for 90 days.
Affiliate & Referral Privacy	If you refer a friend or join as an affiliate, referral tracking is governed by a separate addendum. Your referral data is not merged with your gaming profile without consent.
Mobile App Data Collection	Our iOS and Android apps collect device identifiers and location signals only to deliver lobby and payment notifications. Full policy available in-app settings.

Privacy framework: what defines our approach

Minimal Collection

We collect only what's necessary: name, email, phone, payment details and gaming activity. No requests for credit history, employment data or unnecessary ID verification.

Purpose Limitation

Data collected for account creation is used for that purpose only. Payment info stays siloed from marketing; gaming activity is separate from payment records.

User Rights Dashboard

Export your data, update personal details, pause data collection for marketing, or request full anonymization—all from your account settings in one click.

Vendor Accountability

Every third party we work with (QRIS processor, analytics tool, email service) signs a Data Processing Agreement. We audit their practices annually.

Transparent Logging

Your account access history is visible to you: login times, deposit timestamps, support interactions, and any data exports are logged and downloadable.

Regular Policy Updates

When we change this policy, we email you 30 days beforehand and post updates clearly. You can object or request account closure before changes take effect.

Privacy policy questions answered

We collect your name, email, phone number, date of birth (for age verification), and account password. During your first deposit via QRIS, DANA, OVO or GoPay, payment address and banking details are also recorded. We do not collect employment history, family data, or browsing habits outside our site.

Payment details tied to a specific transaction are retained for seven years to satisfy Indonesian financial reporting rules. Your full banking information (e.g. OVO account number) is deleted after 24 months of account inactivity. You can request earlier deletion via our support email.

Yes. Open your account settings, select 'Data Export' and we'll prepare a CSV file of your account info, transaction history, login logs and support tickets. Download is available within 48 hours. Email [email protected] if the export link expires.

No. We never sell gaming history, session length, game preferences or payment patterns. We use your data only to run your account, comply with law, and improve our service. Marketing uses only anonymized aggregate counts—never individual player profiles.

We notify you by email within 48 hours of discovery. We'll describe what data was exposed, steps we've taken to stop the breach, and free credit monitoring options. We also file reports with Indonesian authorities if required.

Request account closure via [email protected] or through your account settings. Your gaming history is anonymized immediately. Payment records are kept for tax compliance (seven years), but your name and contact details are deleted within 30 days.

No. We use cookies only on hibikiwin.app to remember your login, lobby preferences and deposit method. We do not place tracking pixels on external sites or buy third-party cookie data. See our Cookie Policy for full details.