bosbandarq Privacy Policy

This page describes what we collect when you use bosbandarq and how we keep that data protected. We are committed to transparency about data handling across our sportsbook (Liga 1, Piala AFF, Champions League betting), live-dealer tables (roulette, blackjack, baccarat), slot games, and payment processing (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet). Our privacy practices comply with Indonesian data-protection frameworks and are designed to safeguard your account information, identity documents, and payment details.

We collect data only as necessary to operate bosbandarq — to verify your identity, process deposits and withdrawals, settle bets, comply with anti-money-laundering law, and detect fraud. We do not sell your data to third parties and do not use it for marketing beyond account-related communications. This policy applies to all users accessing bosbandarq from any jurisdiction where our service is available.

Our services are available only where local law permits. Users are responsible for verifying that access to bosbandarq complies with their own jurisdiction's applicable law.

What Data We Collect on bosbandarq

We collect data across three categories: account creation, identity verification, and gameplay activity. During account registration, we collect your email address, chosen username, hashed password, and IP address. We do not require your name or phone number at registration — these are requested only during KYC verification before your first withdrawal.

Before you can withdraw funds from bosbandarq, we require Know Your Customer (KYC) verification. You submit a government-issued ID (passport, national ID, or driver's licence), confirm your full name and date of birth, and provide a selfie holding your ID. We verify this information against government records through third-party identity providers. Once verified, your KYC data is encrypted and stored for seven years to satisfy anti-money-laundering obligations under Indonesian law.

Payment information is collected when you deposit or request withdrawal. For e-wallet deposits (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet), you authenticate directly with the e-wallet app — we receive only a confirmation token, not your e-wallet login or full account number. For bank transfers to mobile banking, local payment, online payment, or e-wallet virtual accounts, we generate a unique account number linked to your bosbandarq profile; your bank provides transfer confirmations directly to our system. We do not store your full bank account number — only a tokenized reference.

Gameplay and Account Activity

We record all gameplay activity on bosbandarq — bets placed, game results, cash-in (deposits), and cash-out (withdrawals). This includes timestamps, stake amounts, odds accepted, match or game outcomes, and your account balance before and after each transaction. We retain this data indefinitely for fraud detection, dispute resolution, and regulatory compliance.

We also log your IP address, device type (Android phone, iPhone, web browser), browser version, and general location (country/region inferred from IP). This helps us detect unauthorized access attempts and prevent account takeover. If you log in from an unusual location or device, our system may flag the session for secondary verification during withdrawal.

Cookies and Tracking

We use session cookies to keep you logged in while you use bosbandarq. These cookies expire when you close your browser or log out. We do not use persistent tracking cookies or third-party analytics trackers. Our website may use Google Analytics to track page views and aggregate user behavior, but this data is anonymized and does not identify individual accounts. We do not use cookies for advertising or targeted marketing.

KYC (Know Your Customer)

Identity verification process requiring government ID, name confirmation, and selfie; mandatory before withdrawal on bosbandarq

Tokenization

Security technique where payment account numbers are replaced with secure tokens; we store tokens, not full account numbers

Encrypted at rest

Data encrypted using AES-256 while stored on our servers; decryption requires keys held separately

HTTPS/TLS

Encryption protocol protecting data in transit between your device and bosbandarq servers

How We Use and Protect Your Data on bosbandarq

We use your data for core operational purposes: account management, deposit processing, bet settlement, withdrawal authorization, fraud prevention, and legal compliance. We do not use your data for marketing, advertising profiling, or third-party sales. If you receive promotional emails about bosbandarq events (e.g., tournament schedules during Liga 1 or Piala AFF season), these are triggered by your account activity, not by data sharing with external parties.

Our servers are located outside Indonesia (typically in Southeast Asia or Singapore). Your data crosses international borders when stored or accessed. We use HTTPS/TLS 1.2 encryption on all traffic, so data is protected during transit. At rest, we encrypt sensitive data (ID documents, selfies, payment tokens) using AES-256 encryption with keys held separately from the encrypted data.

We share your data only with internal teams (support, compliance, fraud analysts) and essential service providers. These providers include identity-verification vendors (for KYC), payment processors (for deposit/withdrawal confirmation), and legal counsel (for regulatory requests). We do not sell your data to advertisers, data brokers, or other third parties. We comply with law-enforcement requests only when presented with valid legal orders.

Your Rights on bosbandarq

You have the right to access your personal data on bosbandarq. Log in to your account and view your profile, KYC details, and transaction history. You have the right to correct inaccurate information — if your name or address on file is wrong, contact our support team via email with corrected details and supporting documentation.

You have the right to request deletion of your data after account closure. We will delete gameplay records, KYC documents, and payment tokens, except where retention is required by law (AML compliance typically requires seven-year retention). If you wish to close your account, contact our support team via email; they will assist with account deactivation and answer questions about data deletion timelines.

You have the right to lodge a complaint with Indonesian data-protection authorities if you believe we mishandled your data. Contact our support team first — we aim to resolve concerns directly within 30 days.

Third-Party Processors and Data Transfers

We engage third-party vendors to operate bosbandarq. Identity-verification providers (for KYC) are located in Singapore and Indonesia; they process your ID documents and selfie according to our data-protection agreements. Payment processors (for DANA, e-wallet, mobile banking, local payment, online payment deposits) are Indonesian e-wallet and banking partners; they handle tokenization and do not retain full account numbers on our systems. All vendors sign data-processing agreements requiring them to protect your data with the same standard we apply.

We do not share your full name, date of birth, or ID number with game providers (slot software companies, live-dealer studios). Game providers see only your player ID (a randomly generated number) and your gameplay activity — not your identity.

Account Security and Password Reset

We protect your bosbandarq password using bcrypt hashing with salt; even our internal staff cannot recover plaintext passwords. If you forget your password, we send a reset link to your registered email. Click the link, set a new password, and log in immediately. The reset link expires after one hour for security.

We offer two-factor authentication (2FA) via authenticator apps (Google Authenticator, Microsoft Authenticator). Enable 2FA in your account settings; when you log in from an unrecognized device, you must enter a time-based code from your phone app. This prevents account takeover even if your password is compromised.

Data Breaches and Incident Notification

If a security breach occurs that compromises your data, we will notify you via email as soon as we discover the breach. We will describe what data was exposed, what steps we are taking to contain the breach, and what actions you should take (password reset, 2FA enablement). We will also notify Indonesian authorities and cooperate with investigations.

Policy Updates and Contact

We may update this policy to reflect changes in our operations or legal requirements. Material changes will be announced via email to registered accounts. Your continued use of bosbandarq after policy changes constitutes acceptance of the updated terms.

Questions about our privacy practices or requests to access, correct, or delete your data can be directed to our support team via email. Include your account ID and a detailed description of your request. We respond to privacy inquiries within 14 days. For urgent security concerns (suspected fraud, unauthorized access), email immediately.

Our services are available only where local law permits. We do not offer access in jurisdictions where online gaming is prohibited by statute. Users must verify compliance with their own jurisdiction's law before creating an account or accessing bosbandarq.