LEGAL REFERENCE

How bbm88 Handles Your Account Data

This is the bbm88 privacy policy — the document that tells you exactly what we collect when you open an account, how we store it, and who can...

Plain-English clausesIndonesia-awareAccount-level scopeUpdated regularlyReader-first
See the Lobby Read FAQ
bbm88 How bbm88 Handles Your Account Data

Our Privacy Posture & Jurisdiction Notes

We collect the minimum we need to keep your account secure: your registration details, device fingerprint, session logs and payment references tied to DANA, OVO, GoPay or QRIS transactions. We process this data where local law permits and only inside supported regions. We do not sell your information to third parties. Marketing channels stay opt-in, and you can withdraw consent from your

account panel at any time. Where Indonesian regulation requires record retention, we hold transaction metadata for the statutory window and then archive it under encryption. If you close your account, identifying fields are scrubbed after the retention period closes, leaving only anonymised aggregates for audit.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

PLAYER SUPPORT

Privacy Contact Paths

Data Requests Inbox Email our privacy desk when you want a copy of the data tied to your bbm88 account, a correction to a field, or a full deletion once your balance sits at zero and pending bets have cleared.
Live Chat Privacy Queue The chat widget routes privacy questions to a separate queue so account agents don't see your request. Use it for consent changes, marketing opt-outs, or quick clarifications on a specific clause in this policy.
Escalation Channel If a privacy response from us doesn't resolve your concern, ask for escalation. A senior reviewer re-reads the case and replies within five working days with a written outcome and the next steps you can take.
PLATFORM TRUST SIGNALS

How We Keep This Policy Honest

Named Reviewers

Each revision of this policy is signed off by a named compliance lead before it goes live. You can ask support for the reviewer's role and the date the clause you're reading was last touched.

Version History

We keep a dated version log of every privacy policy change. When wording shifts, we tell you what moved and why, instead of silently swapping paragraphs in the background and hoping nobody notices.

Encryption At Rest

Account fields, payment references and verification documents sit behind encryption at rest. Access is logged per-staff, per-record, so we can trace who opened your file and when, if a question ever arises.

Vendor Scrutiny

Third-party processors that touch your data — fraud screening, payment routing, analytics — are listed by category in this policy. We review each vendor's posture annually and drop ones that fall short.

Data Minimisation

We don't ask for fields we don't need. If a form has grown over time, we audit it and trim. Less stored data means less risk for you and a smaller surface for us to defend.

Reader-First Wording

Legal teams draft, but editors rewrite. The version you read here is the editor's pass — clear sentences, no buried clauses, no surprise consent tucked into a sub-bullet on page nine.

Consistency Across Our Policy Pages

ScopeThis privacy policy aligns with our terms of service and cookie notice — same definitions, same retention windows, same contact points, so you don't get conflicting answers across pages.
TonePlain English throughout. Where a legal term is unavoidable we define it inline rather than linking out to a separate glossary you'd have to keep open in another tab.
Update CadencePrivacy, terms and cookie pages refresh on the same review cycle. When one moves, the others are checked the same week to keep cross-references accurate and dated correctly.
Contact RoutesThe privacy inbox, support chat and escalation path on this page match what's listed on the terms and cookie pages. One set of channels, no guessing which form to use.
Retention LogicRetention windows quoted here match those in our terms. If statutory rules change, both pages update together so you never see a 12-month figure on one and 24 on another.
Consent ModelMarketing consent is opt-in across every policy page. The toggles in your account panel reflect the exact categories named here, with no hidden defaults flipped on after sign-up.
JurisdictionEvery policy page references the same wording — supported regions, where local law permits — so the Indonesia framing stays consistent whether you're reading privacy, terms or the cookie notice.
QUICK SIGNAL

What This Policy Page Shows You

01
Clause Index A short index at the top of each section lets you jump to retention, consent, vendors or contact paths without scrolling through unrelated clauses. We've kept it visible on mobile so you can navigate one-handed.
02
Last-Updated Stamp Every section carries the date of its most recent edit. If a clause hasn't moved in a year, you'll see that too — transparency cuts both ways and stale wording deserves to be flagged.
03
Defined Terms Inline Words like processor, controller and retention window are defined right where they appear. No pop-up glossary, no footnotes — the definition sits next to the sentence that needs it.
04
Account Panel Links Where a clause maps to a setting you control — marketing opt-in, data export, deletion request — we link straight to that panel so you can act on what you've just read.
05
Reader Feedback Box At the foot of the page, a short feedback box asks whether the clause you just read made sense. Comments route to the editor, not support, so wording fixes get logged.
06
Mobile-First Layout The whole policy renders cleanly on phone screens — collapsible sections, large tap targets, no horizontal scroll. We expect most of you to read this on the device you signed up with.

Privacy Policy — Common Questions

We collect your name, contact details, date of birth, device fingerprint and the payment reference tied to your chosen channel — DANA, OVO, GoPay or QRIS. Nothing beyond what your account and verification need to function.

Transaction metadata is held for the statutory retention window Indonesian regulation requires. After that, identifying fields are scrubbed and only anonymised aggregates remain for audit purposes. Your closure request triggers the countdown automatically.

Yes. Email the privacy inbox from the address tied to your account. We return a structured export covering registration fields, session history and payment references within the working-day window stated in the response notice.

We share with payment processors, fraud-screening vendors and analytics providers strictly for the function each performs. We do not sell data. Vendor categories are listed in the details section above so you know who touches what.

Open your account panel, head to communication preferences, and toggle off the channels you don't want. Changes apply immediately. Transactional messages — security alerts, payment confirmations — stay on because they're tied to account safety, not marketing.

We post the revised version with a dated change log explaining what moved and why. Material changes trigger an in-account notice the next time you sign in, so you see the update before continuing to use the lobby.

Ask for escalation through chat or email. A senior reviewer re-reads the case independently and replies within five working days with a written outcome, the reasoning behind it, and the next steps available to you.