Reference

How gaco88 Protects Your Personal Data

Your account data — from registration details to transaction records across DANA, OVO, GoPay and QRIS — is handled under a clear, documented privacy framework we maintain for…

Encrypted account storageDANA, OVO, GoPay & QRIS data handled separatelyData access requests answered within 7 business daysNo data sold to third partiesRetention periods clearly defined
gaco88 How gaco88 Protects Your Personal Data
PRIVACY CONTACT PATHS

How to Reach Us About Your Data

If you have a question about how your personal data is used, want to request a copy of the information we hold, or need to correct something on file, our support team…

Live Chat Available 24/7 directly on the gaco88 site. Start a chat session from any page and select 'Account & Privacy' from the topic menu for data-related queries. Responses arrive within minutes.
Email Privacy Request Send your full account data request or correction notice to our privacy email. We acknowledge within 24 hours and complete the request within 7 business days as required by our data retention policy.
WhatsApp Support Reach our team via WhatsApp for privacy questions in Bahasa Indonesia or English. Available daily from 08:00 to 24:00 WIB. Share your registered email so we can locate your account record quickly.
DATA HANDLING STANDARDS

How We Keep Your Account Information Secure

Security around your data is not a feature we added later — it is part of how the account system was built.

Encryption at Rest and in Transit

All account data is encrypted using AES-256 at rest and TLS 1.3 in transit. This applies to every record — registration details, DANA deposit logs and session identifiers — without exception across all server environments.

Cookie Usage and Controls

We use session cookies to keep you logged in and analytics cookies to understand which pages load slowest on mobile. You can review and decline non-essential cookies from the cookie settings panel without losing access to your account.

Account Access Verification

Suspicious login attempts from unrecognised devices trigger an immediate email alert to your registered address. We ask you to verify the session before it proceeds, so unauthorised access is blocked at the point of entry.

Data Retention Periods

Transaction records are kept for five years to satisfy financial reporting requirements where local law requires it. Account profile data is deleted within 30 days of a verified account closure request, unless a legal hold applies.

Third-Party Data Sharing Limits

We share data with payment processors such as the networks behind DANA, OVO and GoPay only to complete your transaction. We do not supply personal data to marketing partners, data brokers or advertising platforms under any circumstances.

Your Right to Request Changes

You may request a full copy of the data we hold, ask us to correct inaccuracies, or request deletion of non-essential records at any time. Submit your request through live chat or email and we will action it within 7 business days.

Frequently Asked Questions About Our Privacy Policy

The questions below are ones we receive most often from account holders in Indonesia about how their personal data is collected, stored and managed. If your question is not covered here, our 24/7 live chat team can give you a direct answer tied to your specific account.

We collect your full name, email address, phone number and date of birth at registration. When you make a deposit via DANA, OVO, GoPay or QRIS, the transaction amount and timestamp are also recorded. We do not store full payment credentials after a transaction is completed.

Your payment data is passed only to the payment processor handling your specific transaction — for example, the DANA or OVO network — and only to complete that transaction. We do not share financial data with advertisers, analytics companies or any other third party.

Profile data is deleted within 30 days of a verified account closure. Transaction records are retained for five years where local law requires financial record-keeping. After that period, they are permanently removed from our active systems.

Yes. Send a data access request through our privacy email or live chat, quoting your registered email address. We will compile and deliver a complete record of the data we hold within 7 business days of verifying your identity.

Contact our support team via 24/7 live chat or email with the specific correction or deletion you need. We verify your identity first, then process the change within 7 business days. Deletion of transaction records may be limited where local law requires retention.

We use essential session cookies to keep your account active and optional analytics cookies to improve page performance. You can turn off non-essential cookies from the cookie settings panel on our site at any time without affecting your account login or deposit functions.

If we detect a breach that affects your personal data, we notify you by email within 72 hours of confirming the incident. We describe what data was involved, what steps we have taken, and what actions you should take to protect your account immediately.