mpoyou Privacy Policy

This page describes what we collect when you use mpoyou and how we keep that data protected. We at mpoyou take privacy seriously because our users trust us with sensitive information: email addresses, phone numbers, national ID details, and payment information tied to DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet accounts.

Our privacy practices align with our commitment to transparency. We do not sell user data to brokers or advertisers. We do not share your account details with unverified third parties. We encrypt sensitive information and limit access to staff who need it for account support, fraud prevention, or regulatory compliance.

Read this policy to understand what data we collect, how we use it, your rights, and how to contact us if you have questions or concerns.

What data we collect on mpoyou

We collect data in three main categories: account information, payment data, and usage logs.

Account information: When you create an mpoyou account, we collect your email address, phone number, password (hashed, never stored in plain text), and preferred username. During identity verification, we collect your full name, date of birth, national ID number (KTP, passport, or driver's licence), and a selfie. We use this data to prevent fraud, verify your age and identity, and process withdrawals accurately.

Payment data: When you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer (mobile banking, local payment, online payment, e-wallet), we log the transaction amount, timestamp, and payment method. We do not store your full bank account number or e-wallet credentials—those remain with your bank or e-wallet provider. We retain transaction records for accounting and regulatory purposes.

Usage logs: We collect data about your mpoyou activity: which games you access, how long you play, which tables or markets you view, and which support tickets you open. We use this data to improve our platform, detect suspicious activity, and personalise your experience. We do not use this data to build marketing profiles or sell to advertisers.

Data we collect

  • Email, phone number, hashed password, preferred username
  • National ID, full name, date of birth, selfie for facial recognition
  • Deposit and withdrawal transaction records (amount, method, timestamp)
  • Game and table activity logs, support conversation history
  • Device type, browser version, IP address, cookies

How we use your data on mpoyou

We use collected data for six primary purposes: account administration, fraud prevention, regulatory compliance, platform improvement, customer support, and security.

  • 1
    Account administrationCore service

    We use your email and phone to verify your identity, send login codes, process password resets, and manage account recovery.

  • 2
    Fraud preventionSecurity

    We analyse usage patterns to detect suspicious account activity, unauthorised access attempts, and payment discrepancies.

  • 3
    Regulatory complianceLegal

    We retain transaction records and KYC documents to comply with anti-money-laundering (AML) and know-your-customer (KYC) regulations.

  • 4
    Platform improvementDevelopment

    We analyse usage logs to improve game loading speeds, identify broken features, and understand which games attract players in Jakarta, Surabaya, Bandung, Medan, Semarang, and Yogyakarta.

  • 5
    Customer supportService

    We use your account history to respond to support queries about deposits, withdrawals, game issues, and account recovery.

  • 6
    Security monitoringProtection

    We log IP addresses and device identifiers to detect account takeovers and prevent unauthorised access to mpoyou.

Our mpoyou data retention practices

We keep different categories of data for different periods. Account information (email, phone, hashed password) remains active as long as your mpoyou account exists. If you close your account, we retain minimal identifying information for regulatory purposes (typically 5–7 years) to satisfy AML compliance obligations.

Transaction records (deposits, withdrawals, game activity) are retained for 7 years to support tax reporting, dispute resolution, and regulatory audits. KYC documents (ID scans, selfies) are retained for the duration of your account plus 7 years after closure. Usage logs and analytics data are typically aggregated and anonymised after 90 days, so individual browsing patterns are not stored long-term.

If you request account deletion, we erase your email, password, and non-critical data within 30 days, but we retain transaction records and KYC documents as required by law. We will confirm deletion timelines in writing when you submit a deletion request via our support channels.

Data breach notification: If we discover unauthorised access to mpoyou accounts or personal data, we notify affected users within 72 hours via email and SMS with details of the breach and remedial steps.

Third-party processors and international transfers

We use third-party services to operate mpoyou: payment processors (e-wallet providers and banks), cloud infrastructure providers, and communication services (email and SMS). These processors handle your data only as instructed by us and under contract terms that require them to protect your privacy.

Our cloud servers may sit outside Indonesia—in Singapore, Australia, or elsewhere in Asia-Pacific—to ensure redundancy and fast loading times. When your data crosses borders, it remains encrypted in transit and at rest. We select processors in jurisdictions with privacy protections comparable to or stronger than Indonesia's.

We do not share your data with marketing agencies, data brokers, or advertisers. We share data with law enforcement or government agencies only when required by court order or legal process.

Your rights regarding mpoyou data

You have the right to access, correct, and delete your data subject to legal restrictions. You can access your mpoyou account details anytime by logging in. If you notice errors in your profile information, contact our support team via live chat, email, or WhatsApp to request corrections.

You can request deletion of your account and associated personal data. We will delete non-essential data within 30 days, but we retain transaction records and KYC documents as required by anti-money-laundering regulations. You have the right to request a copy of all personal data we hold about you; we will provide this within 14 days.

You can object to certain data processing activities (e.g., usage analytics) by emailing our privacy contact. We will honour requests unless we are legally required to retain the data for compliance purposes.

Cookies and tracking on mpoyou

We use cookies to remember your login status, language preference, and security settings. These cookies are essential for mpoyou to function and expire when you log out or close your browser. We also use analytics cookies to track aggregate usage patterns (not individual identities) to improve our platform.

You can disable non-essential cookies in your browser settings, but this may affect your mpoyou experience. We do not place third-party tracking cookies on our domain.

Contact us about privacy

If you have questions about our privacy practices on mpoyou, contact our support team:

  • Live chat: Available 8 AM–11 PM WIB, seven days a week
  • Email: Privacy queries answered within 24 hours
  • WhatsApp: Direct messaging during business hours

We review and update this privacy policy periodically. Major changes are announced via email to all mpoyou users. Your continued use of mpoyou after an update constitutes acceptance of the revised policy.

Our commitment to your privacy is non-negotiable. We operate mpoyou to serve our users, not to extract data or maximise ad revenue. When you understand how we handle your information, trust increases, and our relationship becomes more durable. That is why we prioritise transparency and responsiveness on all privacy matters.