LEGAL REFERENCE

How purislot Handles Your Account Data

This is the privacy policy page for purislot. We've written it for Indonesia readers who want a plain account of what we store, why we store it, and...

Policy v3.2Indonesia scopePlain-EnglishAccount dataUpdated quarterly
Account access Read FAQ
purislot How purislot Handles Your Account Data

Scope, Lawful Basis and Your Rights

Our privacy posture follows Indonesia's PDP framework and the wider rules that apply where local law permits us to operate. We process your name, contact handle, device fingerprint and wallet reference under contract necessity — meaning we need them to open your account and route a DANA, OVO, GoPay or QRIS movement back to you. Marketing consent is separate and you can

withdraw it from your account panel at any time. We retain transactional records for the period our supported regions require, then anonymise them. You have access, correction, deletion and portability rights, and we respond to written requests within thirty days. Children under eighteen are out of scope and any account flagged as underage is closed immediately.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

SUPPORT

Privacy Contact Paths

Three ways to reach the team that actually handles privacy requests at purislot. Use whichever channel fits the request — deletion, correction...

Data Protection Inbox Email our DPO team directly for access, correction...
In-App Privacy Panel Open your account settings and head to the...
Live Chat Escalation Start with live chat in the lobby and...
TRUST MARKERS

Why This Policy is Reviewed

Editorial trust signals that show how our privacy policy is maintained, not just published once and forgotten.

Quarterly Legal Review

Our policy text is re-read every quarter by counsel familiar with Indonesia's data rules. Any change to retention windows or processor lists is dated at the top of this page so you can see the diff.

Named DPO

A real person owns privacy at purislot, not a shared mailbox. The DPO signs off on every processor we add and reviews complaints before they become formal regulator escalations from your side.

Processor Register

We keep a living list of every third party that touches your account data — payment routers for DANA, OVO, GoPay and QRIS, hosting, analytics. You can request the current register in writing.

Breach Window

If a breach affects your account, we commit to notifying you within seventy-two hours of confirmed detection, along with the scope, the data classes involved and the remediation steps we've already taken.

Encryption at Rest

Account credentials and wallet references sit behind layered encryption. Internal access is role-gated and logged, so even our own engineers cannot read your data without a recorded business reason.

Indonesia-Anchored

Policy decisions are made with Indonesia readers in mind first — language, payment context, regulator expectations. We don't reuse a generic global template that ignores how DANA or QRIS actually move.

Consistency With Our Other Policy Pages

How this privacy policy lines up with the cookie, terms and account-closure pages elsewhere on purislot.

DefinitionsThe terms 'account data', 'wallet reference' and 'session log' carry the same meaning here as in our cookie notice and terms — one glossary across every policy page.
Retention WindowsRetention periods quoted here match what the terms page commits to. If we shorten a window, both pages are updated in the same release so you never see conflicting numbers.
Contact RouteThe privacy inbox listed above is the same address our terms and account-closure pages point to. One door for every formal written request you send us.
Jurisdiction WordingWhere this policy says 'supported regions' or 'where local law permits', the terms page uses identical phrasing. We avoid creative rewording that could be read as a different commitment.
Consent ModelMarketing consent toggles described here are the same toggles documented on the cookie page, so switching one off in your panel reflects everywhere consistently.
Update CadenceAll policy pages share a quarterly review cycle. When privacy changes, cookie and terms are checked in the same pass to keep cross-references accurate.
Version StampEach policy page carries a version number and date at the top. Matching versions across pages mean they were reviewed together, not patched in isolation.
PLATFORM SNAPSHOT

What This Policy Page Actually Shows You

The visible elements that define the layout of this privacy page — so you know where to look for what.

01
Versioned Header The top of the page carries the policy version and the date of last review. If you bookmarked an older version, the stamp tells you immediately whether the wording has moved on since.
02
Plain-Language Body Every clause is written once in plain English before any legal phrasing, so you can skim the policy in two minutes without a dictionary or a lawyer sitting beside you.
03
Rights Checklist A clear block lists your access, correction, deletion and portability rights with the channel for each. No buried footnotes — the actions sit where you can find them.
04
Processor Context We name the categories of processors that touch your data, including the payment routers behind DANA, OVO, GoPay and QRIS, so the data flow isn't a black box on your side.
05
Contact Block The DPO contact route is repeated near the foot of the page. You shouldn't have to scroll back up to find where to write when you've finished reading a clause.
06
FAQ Anchor Common privacy questions are answered inline below. The anchor links jump straight to the answer so you can share a specific clause with someone else.

Privacy Questions We Hear Often

We hold your name, contact handle, device fingerprint, wallet reference and session logs. That set is the minimum we need to open your account, route a DANA or OVO movement, and keep your sign-in secure across devices.

Open the privacy tab in your account panel and trigger closure, or write to our DPO inbox. We confirm receipt the same day and complete erasure within thirty days, keeping only records the law requires us to retain.

Primary storage sits with hosting partners we've vetted for Indonesia data handling. Backup copies are encrypted and held in supported regions where local law permits the transfer. The processor register names each location on request.

Only the minimum needed to settle a movement. DANA, OVO, GoPay and QRIS each receive the wallet reference and amount. They do not receive your gameplay history or any data unrelated to that single transaction.

Open your account panel, head to the privacy tab and toggle marketing consent off. The change applies immediately across email and push, and we keep a timestamped record so the choice persists if you sign in elsewhere.

Session logs are held for ninety days for security review, then automatically purged. Transactional records tied to DANA, OVO, GoPay or QRIS movements follow the longer retention our supported regions require for financial recordkeeping.

We update the version stamp at the top and email account holders when a material clause shifts. The previous version stays available on request for thirty days so you can compare the wording yourself.