darma Privacy Policy

This page describes what we collect when you use darma and how we keep that data protected. We collect personal information—email, national ID, proof of address—to verify your identity and comply with anti-fraud and anti-money-laundering rules. We also collect transaction data (deposits, withdrawals, game activity) to manage your account and settle your bets.

We do not sell your data to third parties. We share information only with payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment), fraud-detection services, and legal authorities when required by law. Our servers may sit outside your jurisdiction; data transfers are encrypted during transit and at rest.

We keep this policy transparent so you understand exactly what we collect, how we use it, and your rights to access and delete your information.

What Information We Collect on darma

Account Registration Data

When you register on darma, we collect your email address and create a password-protected account. We require you to answer security questions so you can recover your account if you forget your password. We store this information encrypted in our database. We do not share email addresses or passwords with any third party.

Identity and Address Verification

To unlock deposits and withdrawals, we require identity verification. You submit a scan of your national ID (or passport) and proof of address (utility bill, rental agreement, or similar). We store these documents in encrypted, access-controlled folders. We do not publicly display your ID number, address, or any personally identifiable information from these documents. We retain these documents for the duration of your account plus seven years, per anti-money-laundering regulations.

We never request sensitive documents via email or chat

If a message claiming to be from darma asks you to share ID scans or photos via email, it is fraudulent. Always upload documents directly through your account dashboard in the Verification section. Report suspicious requests to our support team immediately.

Transaction and Activity Data

We collect every transaction: deposits via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank virtual accounts (mobile banking, local payment, online payment, e-wallet); withdrawals; game stakes; and game results. We store this data to manage your account balance, settle bets, prevent fraud, and comply with tax and regulatory obligations. We log timestamps, amounts, payment method names (not full card numbers or account numbers), and your account balance before and after each transaction. You can review your complete transaction history anytime in your account dashboard under "Statements" or "Game Logs."

Device and Usage Data

We collect limited technical data: your IP address, device type (mobile or desktop), browser type, and pages visited. We use this data to detect fraud, prevent unauthorized account access, and improve website performance. We do not sell this data to advertisers. If you log in from a new device or IP address, we may ask you to verify your identity via email before allowing withdrawals.

How We Use Your Data and Your Rights

Our Use of Your Information

We use your data for the following purposes:

  • Account management: We verify your identity, manage your balance, and settle your bets.
  • Payment processing: We share transaction details with DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and bank processors (mobile banking, local payment, online payment, e-wallet) to complete deposits and withdrawals.
  • Fraud prevention: We analyze patterns to detect unauthorized access, duplicate accounts, and suspicious activity.
  • Legal compliance: We retain transaction records and ID documents per anti-money-laundering and tax regulations. We report suspicious activity to financial authorities if required.
  • Platform improvement: We analyze usage patterns to improve game performance and user experience.

Third-Party Data Sharing

We share your data only when necessary:

  • Payment processors: mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment receive transaction data to process deposits and withdrawals. These processors have their own privacy policies.
  • Fraud detection services: We use third-party fraud-detection tools to analyze IP addresses and detect account abuse. These services receive your IP address and transaction patterns but not your ID documents.
  • Legal authorities: We disclose account information, transaction history, and ID documents to government agencies, tax authorities, or law enforcement if required by court order or legal process.

We at darma keep your personal data encrypted, limit sharing to payment processors and fraud detection, and comply with data-protection laws in supported jurisdictions.

darma privacy commitment

Your Rights and Data Requests

You have the right to access your data, correct inaccuracies, and request deletion of certain information. To exercise these rights, contact our support team via email or your account dashboard. We typically respond within 14 days. Note: we may retain some data longer if required by law (e.g., transaction records for seven years per anti-money-laundering rules). We will not delete your account if you have outstanding balances or unresolved disputes.

Cookies and Tracking

We use cookies to keep you logged in and remember your preferences (language, theme). These are session cookies (deleted when you log out) and persistent cookies (lasting up to one year). We do not use tracking pixels or third-party analytics cookies that follow you across other websites. If you disable cookies in your browser, you may not be able to log into your darma account.

Data Security

We encrypt your data in transit using TLS (Transport Layer Security) and at rest using AES-256 encryption. Our servers are in secure, access-controlled data centres. We limit data access to authorized staff only. We conduct regular security audits and penetration testing. However, no system is completely secure; we cannot guarantee absolute protection. If we discover a data breach affecting your account, we will notify you via email within 30 days and guide you through recovery steps.

Data Protection Measures
  • Encryption in transit and at rest
  • Access limited to authorized staff
  • Regular security audits
  • Breach notification within 30 days
Limitations
  • Servers may sit outside your jurisdiction
  • Data shared with payment processors and authorities
  • Transaction records retained for seven years minimum
  • No absolute security guarantee possible

International Data Transfers

Our servers may sit outside your country. When you use darma from Jakarta, Surabaya, Bandung, or Medan, your data may be transmitted to and stored in other jurisdictions. By creating an account, you consent to these transfers. We encrypt data during transmission to protect it from interception.

Policy Changes

We may update this privacy policy from time to time. If we make material changes (e.g., we start sharing data with new third parties), we will notify you via email and update the "last modified" date on this page. Continued use of darma after changes means you accept the new policy.

Contact darma

If you have questions about this privacy policy, requests to access or delete your data, or concerns about data security, contact our support team. Use the support portal in your account dashboard or email us directly. We respond to privacy requests within 14 days. We take data protection seriously and are committed to transparency about how we collect, use, and secure your information on darma.