mahasepin Platform Privacy Notice

This page describes what we collect when you use mahasepin and how we keep that data protected. We collect personal information during account registration, verification, deposits, withdrawals and gameplay to verify your identity, process transactions, and comply with anti-money-laundering (AML) and Know Your Customer (KYC) regulations. We do not sell your data to third parties; we use it only for account security, fraud prevention, and service delivery.

Our mahasepin platform processes payment details from DANA, e-wallet, mobile banking, local payment, online payment, e-wallet and bank transfers (mobile banking, local payment, online payment, e-wallet). We encrypt sensitive financial data and store it securely. You have rights to access, correct and request deletion of your personal data subject to legal retention requirements. This notice covers the scope and use of all data we collect on mahasepin.

For questions about privacy or data requests, contact our support team through your mahasepin account. Detailed data processing practices are outlined below.

What We Collect on mahasepin

We collect several categories of data when you register, deposit, withdraw or play on mahasepin. Identity data includes your full legal name, date of birth, nationality and government-issued ID number (passport, national ID, or e-card). Contact data includes email address and phone number. Address data is your registered residential address. Financial data includes payment method details (e-wallet account, bank account number) and transaction history (deposits, withdrawals, game plays). Behavioural data includes your login history, game preferences, and gameplay patterns used to detect fraud and unusual account activity.

We collect this data for specific purposes: account verification (KYC compliance), transaction processing, fraud prevention, regulatory reporting, and customer support. We do not use your data for marketing without your explicit consent. We do not sell, rent or lease your data to third parties. We may share data with payment processors (DANA, e-wallet, mobile banking, local payment operators and banks) to complete transactions and with compliance officers to meet legal obligations.

Info: We encrypt all sensitive data (ID numbers, payment details) in transit and at rest. We use industry-standard SSL/TLS protocols. Your mahasepin balance is segregated in trust accounts; we do not commingle player funds with operational accounts.

How We Use Your Data on mahasepin

We use identity and address data to complete Know Your Customer (KYC) verification required by anti-money-laundering regulations. Payment method data is used only to process your deposits and withdrawals; we do not retain credit card details after transactions. We use your email and phone for account recovery, transaction confirmations and support communications. Your gameplay data is analysed to detect fraud patterns, account takeover attempts, and collusion. We retain transaction logs to respond to disputes and maintain audit trails for compliance.

Data Retention and Deletion on mahasepin

We retain your account data while your mahasepin account is active. After account closure, we retain identity documents and transaction records for a minimum of five years to comply with regulatory requirements. We do not delete data before that retention period ends. After the retention period, data is securely deleted unless legal obligation requires continued storage. You may request data deletion before the retention period ends, but we may be unable to grant it if deletion would breach regulatory requirements. You can request a data subject access report showing all data we hold about you; we will respond within 30 days.

1

Collection on mahasepinRegistration onwards

Identity, contact, financial and behavioural data collected during registration, KYC, deposits and gameplay.
2

Use and protectionOngoing

Data used for verification, transaction processing, fraud detection and compliance. Encrypted in transit and at rest.
3

Retention5+ years

Data retained for regulatory compliance after account closure. Deletion requests considered subject to legal requirements.
4

Your rightsRequest anytime

Access, correct or request deletion of your data. Contact support via your mahasepin account for data subject requests.

Cookies, Third Parties and Jurisdiction on mahasepin

We use cookies on mahasepin to remember your login session, track your language preference, and analyse usage patterns. Cookies are small files stored on your device; they contain no personal data beyond your session ID. You can disable cookies in your browser settings, but some mahasepin features may not work without them. We do not use third-party cookies for advertising or tracking; all our cookies are first-party only.

We use third-party payment processors to handle deposits and withdrawals. These processors—DANA, e-wallet, mobile banking, local payment, online payment, e-wallet operators, and banks mobile banking, local payment, online payment, e-wallet—receive only the payment details necessary to complete your transaction. We do not share your full identity data with payment providers unless required for fraud prevention. Payment processors have their own privacy policies; we recommend reviewing them.

Our mahasepin servers may be located outside your jurisdiction.

Data processing may occur in multiple countries. By using mahasepin, you consent to your data being processed and stored internationally where necessary for service delivery and compliance.

Data Security and Breach Notification on mahasepin

We implement industry-standard security measures to protect your data from unauthorized access, alteration or disclosure. These include encryption, firewalls, access controls and regular security audits. All mahasepin staff have signed confidentiality agreements. We conduct background checks on all employees with access to personal data. If a data breach occurs, we will notify affected users and relevant authorities as required by law within 30 days of discovery.

Your Data Rights on mahasepin

You have the right to access all data we hold about you. Submit a data subject access request through your mahasepin account support channel; we will provide a copy within 30 days. You have the right to correct inaccurate data—update your profile directly in your account settings or contact support. You have the right to request deletion of non-essential data subject to regulatory retention requirements (identity and transaction data must be kept for five years minimum). You have the right to data portability—we can provide your data in machine-readable format upon request. You have the right to object to processing of your data for marketing purposes (which we do not do without consent anyway). To exercise these rights, contact our support team through your mahasepin account.

Policy Updates

We may update this privacy notice from time to time. Material changes will be communicated to you via email or in-app notification. Your continued use of mahasepin after changes are posted constitutes acceptance of the updated policy. We will not reduce your rights without explicit consent.

We at mahasepin take data protection seriously. Our goal is transparent collection, secure storage, and responsible use of your information. We do not monetise your data; we protect it. For privacy questions, contact our support team. For data subject access requests, use the request form in your mahasepin account settings. For jurisdictional concerns or legal matters related to privacy, see our terms of use for escalation channels. We respond to all data requests and privacy inquiries within 30 days.

Service Jurisdiction and Legal Framework

Service availability

We at mahasepin offer our platform only in jurisdictions where local law permits online gaming and sportsbook services. We do not operate in jurisdictions where online gaming is prohibited or restricted by statute. Service availability varies by region; mahasepin may be accessible in some areas and restricted in others based on local regulation. We determine jurisdiction eligibility based on the user's IP address and registered location. If we detect that your location is in a jurisdiction where mahasepin is not available, we will restrict or terminate your access. We do not provide service in jurisdictions where we cannot operate legally; this is a principle we maintain across all markets. Users from Jakarta, Surabaya, Bandung, Medan and other supported regions can access mahasepin where applicable law permits. We comply with regulatory requirements in each jurisdiction where we operate, including Liga 1, Piala AFF, Champions League betting markets and all other product categories. Service availability may change if local law changes; we will notify users of any restrictions affecting their region. Users accessing mahasepin from an unsupported jurisdiction do so at their own legal risk.

Account eligibility

To open an account on mahasepin, you must meet eligibility requirements set by applicable law in your jurisdiction. We do not impose a single global age requirement; instead, we defer to the legal requirements of each user's location. During account creation and verification, we collect age and identity information to confirm you meet local eligibility standards. We verify this information through government-issued ID documents. If you cannot provide valid proof of eligibility or if we determine you do not meet the requirements of your jurisdiction, we reserve the right to refuse or close your account. Account eligibility also requires that you have the legal capacity to enter into binding agreements and to engage in online gaming under your local law. You represent and warrant at all times that you meet these requirements. We conduct periodic eligibility reviews; if an account is found to be ineligible, we will close it and return remaining funds to your registered payment method. Ineligible accounts will not be reinstated. If you are uncertain whether you meet eligibility requirements in your location, we recommend consulting independent legal counsel before opening a mahasepin account.

Local-law responsibility

Users of mahasepin are solely responsible for determining whether access and use of our platform comply with the laws and regulations of their own jurisdiction. We do not provide legal advice; we do not warrant that mahasepin is legal or compliant in any particular location. Before creating an account, depositing funds, or placing any bet on Liga 1, Piala AFF, Champions League or other sports and games offered on mahasepin, you must independently verify the legal status of online gaming and betting in your region. Laws vary significantly across jurisdictions and change without notice. Users uncertain about legal status should not access mahasepin and should seek independent legal counsel. We are not liable for any legal consequences, fines, or penalties resulting from your access or use of mahasepin in violation of local law. We also do not accept liability for changes in local law that may render mahasepin illegal in your jurisdiction; in such cases, we will terminate service and return your funds. By continuing to use mahasepin, you acknowledge that you have verified compliance with your jurisdiction's requirements and accept full responsibility for any breach of local law.

Data and privacy scope

mahasepin collects personal and financial data during account registration, verification and gameplay to comply with Know Your Customer (KYC) and anti-money-laundering (AML) requirements applicable in the jurisdictions where we operate. Data collected includes your name, date of birth, address, government-issued ID number, phone number, email and payment method details. We use this data solely for account verification, transaction processing, fraud prevention, compliance and account security. We do not sell, rent or lease user data to third parties. Our complete data practices are outlined in our privacy notice above, which covers data retention, security measures, your access rights and deletion procedures. We encrypt sensitive data in transit and at rest using industry-standard SSL/TLS protocols. You have the right to request access to your data, correct inaccuracies, request deletion subject to legal retention requirements (minimum five years), and obtain a copy of your data in portable format. We comply with applicable data protection regulations in the jurisdictions where we operate. Data breaches are reported to affected users and relevant authorities within 30 days as required by law. For detailed privacy practices and to submit data subject requests, use the support channel in your mahasepin account.

Contact for legal inquiries

If you have legal, compliance or regulatory questions about mahasepin, contact our legal team through the support channel in your mahasepin account. You may also email us with subject line "Legal Inquiry" using the contact address provided in your account settings. We will respond to legal inquiries within 5 business days. For urgent compliance or regulatory matters, escalate your inquiry through account support; it will be routed to our compliance department immediately. We maintain a dedicated compliance team to review user concerns about jurisdiction, eligibility, data practices and regulatory compliance. Responses to legal inquiries are provided for informational purposes only and do not constitute legal advice. If you require legal counsel, we recommend consulting an independent attorney licensed in your jurisdiction. Disputes arising from our privacy practices or your use of mahasepin may be subject to binding arbitration or other dispute-resolution mechanisms permitted by your local law. For data subject access requests specifically, use the data request form in your mahasepin account settings; these are processed separately from general support inquiries and have a 30-day response window.