penida Platform Privacy Notice
This page describes what we collect when you use penida and how we keep that data protected. We are committed to transparency about our data practices and your rights regarding information you provide to us. When you open an account, deposit funds, or play games on penida, you share personal details with us — we treat this responsibility seriously.
Our privacy approach centres on three principles: we collect only the data we need to operate our platform safely, we protect that data with encryption and secure storage, and we do not sell your information to third parties outside our core business operations. This notice explains the specifics of what we collect, who has access to it, and how long we retain it.
Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their own jurisdiction's law.
What Data We Collect on penida
Account Information
When you register on penida, we collect your email address, username, password (encrypted), date of birth, and full name. We store this information on secure servers to maintain your account and allow you to log in. Your email is used for account recovery, promotional announcements (which you can disable), and security alerts.
Identity and Address Verification
Before you can deposit or withdraw on penida, we require identity verification. We collect scans or photos of your government-issued ID (KTP or passport) and proof of address (utility bill, bank statement, or rental agreement). We use third-party identity-verification services to confirm the authenticity of these documents. Once verified, we store these documents in encrypted form for compliance and anti-fraud purposes. We retain these files for at least five years to meet regulatory requirements.
Payment Information
When you deposit or withdraw on penida, we collect transaction records including the date, amount, payment method (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank account details via mobile banking, local payment, online payment, e-wallet), and the status of the transaction. We do not store full credit card or bank account numbers; we store only tokenized references that allow us to process future transactions without retaining sensitive details. Payment processors handle the actual card or bank data — we receive confirmation of the transaction but not the underlying financial credentials.
Gameplay and Activity Data
We collect records of your gameplay on penida — which games you played, when you played them, how much you wagered, and the outcomes. This data helps us calculate your weekly cashback, track your tier status, and detect fraudulent activity. We also record your activity across sportsbook markets, live-dealer tables, and slot games to compute your loyalty multipliers during major events like Liga 1 fixtures, Piala Indonesia tournaments, and Piala AFF matchdays.
Device and Browser Information
We collect the device type, operating system, browser type, and IP address from which you access penida. We use this information to detect suspicious login attempts, prevent account takeovers, and ensure compatibility with our platform. If you log in from a new device, we may send you a security alert to verify it is you.
How We Use and Protect Your Data on penida
Data Use and Retention
We use the data we collect on penida to operate the platform, process your transactions, calculate bonuses and cashback, detect fraud, comply with anti-money-laundering regulations, and improve our service. We retain account information for as long as your account is active, plus at least five years after closure for compliance purposes. Transaction records are retained for seven years. Gameplay data is retained for one year for analytics and dispute resolution.
We do not use your data for marketing purposes outside penida without your explicit consent. You can manage your email preferences (promotions, alerts, newsletters) in your account settings. If you opt out of promotional emails, we will not send them, though we will still contact you about critical account security issues.
Third-Party Data Processors
We work with third-party service providers to operate penida. These include payment processors (for DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and bank transfers), identity-verification services, email providers, and hosting infrastructure. We share only the specific data each processor needs to perform their function. All third-party processors are contractually obligated to protect your data and use it only for the purposes we specify. Our servers may sit outside your jurisdiction — data may be stored or processed in multiple countries.
Data Security
We encrypt all data transmitted between your device and penida servers using industry-standard TLS encryption. Stored data is encrypted at rest. We maintain firewalls, intrusion-detection systems, and regular security audits. We limit employee access to personal data to those who need it to perform their job. However, no security system is completely impenetrable — if you suspect unauthorized access to your account, change your password immediately and contact our support team.
We at penida treat your data as a trust that we protect with encryption, secure storage, and strict access controls.
Your Rights and Data Requests
You have the right to access, correct, and delete your personal data on penida. To request a copy of all data we hold about you, submit a data-access request through your account settings or contact our support team. We will provide the data within 30 days. If your data is inaccurate, you can correct it directly in your account or request our help. To request deletion, contact our support team — we will delete personal data after the applicable retention period expires, unless legal obligations require us to retain it longer.
Cookies and Tracking
We use cookies to maintain your login session, remember your preferences, and analyze how you use penida. Essential cookies are necessary for the platform to function; optional cookies help us improve the experience. You can disable non-essential cookies in your browser settings, though this may limit some functionality. We do not use cookies to track you across other websites.
Contact Us About Privacy
If you have questions about our privacy practices or want to exercise your data rights, contact our support team through your penida account. We handle privacy requests during business hours and respond within five business days. If you are accessing penida from Jakarta, Surabaya, Bandung, Medan, or Semarang, we maintain localized support channels for privacy inquiries.
This privacy notice may be updated as our platform evolves. Material changes will be communicated to you via email at least 30 days in advance. Continued use of penida after an update constitutes acceptance of the revised privacy practices.