grd138Privacy Policy

This page describes what we collect when you use grd138 and how we keep that data protected. We at grd138 take data security seriously: every piece of personal information—from your email to your payment details—is encrypted, stored in secure facilities, and never shared without your consent or legal requirement. Our privacy practices comply with data protection standards applicable to our service region.

When you access grd138, we collect information necessary to verify your identity, process your deposits and withdrawals, detect fraud, and improve our platform. This includes your email address, government-issued ID, proof of address, payment method details, and your activity history on our live-dealer tables, sportsbook, and slot games. We explain below exactly what we collect, why, and how long we retain it.

You have rights over your data: you can request a copy of what we hold, ask us to correct errors, or request deletion (subject to legal retention requirements). Contact us anytime via our support page to exercise these rights. Our privacy commitments apply across all grd138 services in Jakarta, Surabaya, Bandung, Medan, Semarang, and other supported regions.

What Data We Collect on grd138

We collect the minimum data necessary to operate grd138 securely and compliantly. When you register, we collect your email address and password. We verify your email by sending a confirmation link; you must click it within 24 hours. This confirms that the email address is valid and under your control.

Before you can withdraw funds, we require identity verification (KYC). We ask you to upload a government-issued ID such as a passport, national identity card, or driver's license. We also request proof of address—a utility bill, bank statement, or government document dated within 3 months showing your residential address. We use this information to comply with anti-money-laundering regulations and to prevent account fraud.

When you deposit funds on grd138, we collect payment method details. If you use DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or direct bank transfer via mobile banking, local payment, online payment, or e-wallet, we store your transaction history showing date, amount, and payment provider. We do not store full credit card or bank account numbers; payment processors handle sensitive financial data directly.

As you play on grd138, we log your activity: which games you access, your bets, your results, your balance changes. This data is stored for audit and dispute resolution purposes. We also collect technical information: your device type, browser, IP address, and approximate location (country or region level, not street address). This helps us detect fraud, prevent duplicate accounts, and understand platform usage patterns.

Note: We collect no data from your device beyond what you explicitly provide or what is necessary to operate grd138. We do not access your contacts, photos, location history, or other apps.

If you contact our support team, we log your inquiry, our response, and any attachments you send. This information is retained for 2 years to handle follow-up questions and to improve our support processes.

How We Use and Share Your Data on grd138

We use your data to operate grd138 and fulfill our obligations to you. Specifically: we verify your identity and eligibility to use our platform; we process your deposits and withdrawals; we settle your bets and calculate your balance; we detect and prevent fraud, money laundering, and account abuse; and we respond to your support requests and legal inquiries.

We may share your data with third parties only when necessary: payment processors (to process deposits and withdrawals), identity verification partners (to confirm your ID and address), and regulatory authorities (if required by law). Payment processors such as mobile banking, local payment, online payment, and e-wallet have their own privacy policies; we encourage you to review them.

Our servers may be located outside your jurisdiction. If you are in Indonesia, your data may be processed in data centers in Southeast Asia, Europe, or North America. By using grd138, you consent to this international data transfer. We use encryption (TLS/SSL) to protect data in transit and at rest.

We encrypt all communications on grd138 using industry-standard protocols. Your password is hashed and salted; we never store it in plain text. Only you can access your account.

grd138 security team

We do not sell your personal data to advertisers or marketing companies. We use your email address only to send account notifications (verification links, withdrawal confirmations, support responses). You can opt out of promotional emails anytime from your account settings.

Data Retention, Cookies, and Your Rights on grd138

We retain your account data for as long as your account is active plus 5 years after closure (to comply with anti-money-laundering regulations). Shorter-term data is deleted automatically: temporary login tokens expire after subject to verification, session cookies after 24 hours. Payment transaction records are retained for 7 years as required by financial regulations.

grd138 uses cookies to recognize you when you log in and to remember your preferences (language, table limits). These are session cookies (deleted when you close your browser) and persistent cookies (stored for up to 1 year). Cookies contain no sensitive data—only your session ID and preferences. You can disable cookies in your browser, but this may prevent you from using some grd138 features.

We also use analytics tools to understand how players interact with grd138—which games are most popular, which payment methods are preferred, which regions see peak activity during Liga 1 or Piala AFF tournaments. This data is anonymized and helps us improve our platform.

1

Request a copy of your dataRight 1

Contact support and ask for a data export. We provide your personal information in a portable format within 14 days.
2

Correct or update your informationRight 2

If your address or contact details change, update them in your account settings. We correct data within 5 business days.
3

Request deletion of your accountRight 3

Close your account anytime from settings. Personal data is deleted after legal retention periods expire (typically 5 years).

We take data breaches seriously. If we discover unauthorized access to grd138 accounts or payment data, we notify affected users within 48 hours and work with payment providers and authorities to investigate. We maintain cyber liability insurance and conduct annual security audits.

Our privacy policy may change as we improve grd138. We notify you of material changes via email and require your acceptance before they take effect. Minor clarifications are updated without notice.

For privacy questions or to exercise your data rights, contact our data protection team via supportWe respond within 5 business days. If you are unsatisfied with our response, you may lodge a complaint with your regional data protection authority.