gemuPrivacy Policy
This page describes what we collect when you use gemu and how we keep that data protected. We at gemu take your privacy seriously. When you open an account, deposit via DANA, e-wallet, mobile banking, or another payment method, or place a wager on Liga 1 fixtures or live-dealer tables, we collect certain information. This policy explains what we collect, why we collect it, who has access to it, and what rights you have over your data.
Our servers are located outside Indonesia; your data may be processed in jurisdictions with different privacy laws. We use industry-standard encryption to protect your information in transit and at rest. We do not sell your data to third parties. We share data only with payment processors, anti-fraud services, and legal authorities when required by law.
Our services are available only where local law permits. Users are responsible for verifying that their access and use comply with their own jurisdiction's law.
What Data We Collect
We collect data in three categories: account information, transaction data, and behavioural data.
Account Information
When you register on gemu, we collect your email address, phone number, and a password. During account verification (required before your first withdrawal), we collect your full name, national ID number (KTP), date of birth, and proof of address. We store this information securely and use it only to verify your identity and comply with anti-money-laundering regulations.
Transaction Data
We record every deposit, withdrawal, and wager on gemu. For deposits, we log the payment method (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment), amount, timestamp, and settlement status. For withdrawals, we record the destination account, amount, and processing time. For wagers, we log the game type (Liga 1 match, live-dealer table, slot game, esports market), bet amount, odds, and outcome. This data is retained for seven years to comply with financial regulations.
Behavioural Data
We collect information about how you use gemu. This includes your login times, which games you play, how long you spend on each product, and which payment methods you prefer. We use this data to improve our platform, detect fraud, and personalise your experience. We do not use this data to target you with advertising or sell it to third parties.
How We Use Your Data
We use your data for the following purposes:
- Account management: We use your email and phone to send account notifications, password resets, and security alerts.
- Payment processing: We share your payment details with our payment processors (e.g., online payment, e-wallet, mobile banking) only to complete deposits and withdrawals. We do not store your full card or bank details on our servers.
- Fraud detection: We analyse your transaction patterns to detect unusual activity. If we flag a transaction as suspicious, we may ask you to verify your identity before processing it.
- Legal compliance: We retain transaction records to comply with anti-money-laundering and counter-terrorism-financing regulations. We may share data with government authorities if legally required.
- Platform improvement: We use behavioural data to understand which games are popular, which payment methods are preferred, and where our interface can be improved.
Third-Party Processors
We work with third-party service providers to operate gemu. These include:
- Payment processors: local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment. We share only the information necessary to complete your transaction.
- Fraud-detection services: We use third-party tools to analyse transaction patterns and detect fraud. These services may see your transaction history but not your personal identity.
- Cloud hosting providers: Our servers are hosted by a third-party cloud provider. Your data is encrypted; the provider cannot read it without our encryption keys.
- Customer support platforms: Our support team uses a ticketing system to manage inquiries. Your support messages are stored on this system and visible only to our support staff.
All third-party processors are contractually obligated to protect your data and use it only for the purposes we specify. We do not permit them to sell your data or use it for their own marketing.
Cookies and Tracking
We use cookies to keep you logged in and to remember your preferences (e.g., your preferred payment method, your language setting). These cookies are stored on your device and expire after 30 days of inactivity. We do not use cookies to track you across other websites or to build a profile of your browsing habits outside gemu.
We do not use third-party analytics tools (e.g., Google Analytics) on gemu. We track user behaviour only within our own platform to improve our service. If you disable cookies in your browser, gemu will still work, but you will need to log in each time you visit.
We at gemu do not track you across the internet. Your data stays on gemu and is used only to operate our platform and comply with law.
Your Rights
You have the right to access, correct, and delete your personal data. To exercise these rights, contact our support team via chat on gemu or email us at the address provided in the Legal Notice. We will respond within 30 days.
You can request a copy of all data we hold about you. We will provide this in a machine-readable format (e.g., CSV) within 30 days. You can also request deletion of your account and all associated data. Once deleted, your account cannot be recovered, but we will retain transaction records for seven years as required by law.
You have the right to object to our use of your data for fraud detection or platform improvement. However, we cannot delete transaction data or account information required for legal compliance. If you object to fraud detection, we may restrict your account or require additional verification for future transactions.
Data Security
We protect your data using industry-standard encryption (TLS 1.2 or higher) for data in transit and AES-256 encryption for data at rest. Our servers are protected by firewalls and intrusion-detection systems. We conduct regular security audits and penetration testing to identify vulnerabilities. Our staff access your data only when necessary and are bound by confidentiality agreements.
Despite our security measures, no system is completely secure. If we discover a data breach, we will notify you within 72 hours and explain what data was compromised and what steps we are taking to remediate it. We will also notify relevant authorities as required by law.
International Data Transfers
Our servers are located outside Indonesia. When you use gemu, your data is transferred to and processed in these jurisdictions. These jurisdictions may have different privacy laws than Indonesia. By using gemu, you consent to this transfer. We ensure that your data receives the same level of protection regardless of where it is processed, through encryption and contractual safeguards.
Changes to This Policy
We may update this privacy policy from time to time. If we make material changes, we will notify you via email and display a notice on gemu. Your continued use of gemu after such changes constitutes your acceptance of the updated policy. We encourage you to review this policy periodically to stay informed about how we protect your data.
Contact gemu
If you have questions about this privacy policy or how we handle your data, contact our support team via chat on gemu. For formal inquiries or data-access requests, email us at the address provided in our Legal Notice. We will respond within 30 days.
We at gemu are committed to protecting your privacy and operating transparently. Your trust is essential to us, and we take that responsibility seriously.