sultanasiaPrivacy Policy

This page describes what we collect when you use sultanasia and how we keep that data protected. Our privacy practices centre on encrypted storage, restricted access, and transparent disclosure of how we share information with payment processors and regulatory authorities. When you register an account, make deposits via DANA, e-wallet, mobile banking, or local payment, or play our sportsbook and live-dealer games, we collect only the information necessary to deliver our service and comply with law.

We do not sell your personal data to marketers or advertisers. We do not track your behaviour outside sultanasia for advertising purposes. We do share account verification details and transaction records with our licensed payment partners to process deposits and withdrawals, and we may disclose information to regulatory bodies if required by law in your jurisdiction. This policy explains what we collect, how we use it, and what rights you have over your data.

What Data We Collect on sultanasia

We collect your email address, password, and basic registration information when you create an account. We ask for your full name, date of birth, phone number, and residential address so we can conduct Know-Your-Customer (KYC) verification and comply with anti-money-laundering regulations. We also request identity documents (national ID, passport, or driving licence) and address proof (utility bill or government correspondence) during the verification process.

When you make a deposit, we collect the payment method you select, the amount transferred, and a transaction reference. Your payment provider (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or your bank—mobile banking, local payment, online payment, e-wallet) handles the actual payment credentials; we never store your wallet password or bank login details. We record the timestamp, settlement status, and any fees charged by the payment provider.

As you use sultanasia, we log your gaming activity—which games you play, bet amounts, outcomes, and timestamps. We also record your IP address, device type (Android, iOS, browser), and approximate location based on your IP geolocation. This helps us detect fraudulent access, identify account compromise, and comply with jurisdiction restrictions. If you contact our support team, we keep records of your inquiry, our response, and any account actions taken as a result.

How We Use Your Data

We use your registration information to create and manage your account, verify your identity, and comply with regulatory obligations. Your KYC documents are retained for at least five years (or as required by law) to demonstrate compliance with anti-money-laundering frameworks in supported jurisdictions including Jakarta, Surabaya, Bandung, Medan, and Semarang.

We use your payment information to process deposits and withdrawals, prevent fraud, and detect suspicious patterns—for example, multiple rapid withdrawals or deposits from different payment methods in quick succession. We use your gaming history to calculate cashback and tier progression, ensure you meet bonus playthrough requirements, and investigate player disputes about account balance discrepancies.

We use your IP address and device information to detect unauthorized account access, prevent multi-accounting (where one person operates multiple accounts), and enforce jurisdiction restrictions. If your IP location indicates you are in a region where our service is not available, we may suspend your account pending verification.

Cookies and tracking: We use session cookies to keep you logged in and functional cookies to remember your preferences. We do not use tracking cookies for advertising. Your browser settings control whether third-party cookies are accepted; we recommend disabling them if you wish to limit external tracking.

Third-Party Data Processors

We share your data with licensed payment processors to execute deposits and withdrawals. When you deposit via mobile banking, local payment, online payment, or e-wallet, those payment providers receive your name, phone number, and transaction amount. When you request a bank transfer to mobile banking, local payment, online payment, or e-wallet, your account number and name are shared with your bank for settlement.

We use encrypted email services to send you account confirmations, password-reset links, and bonus notifications. Our email provider does not retain your messages beyond delivery; we store copies in our own systems for record-keeping.

We may engage customer support contractors to handle inquiries via email or in-app chat. These contractors sign non-disclosure agreements and access only the information necessary to assist you. We do not outsource verification, compliance, or financial processing to third parties; those functions remain in-house.

We may be compelled to disclose your account information to government authorities, law enforcement, or regulatory bodies if required by court order, subpoena, or legal obligation in supported jurisdictions. We will not voluntarily disclose your data to third parties except as described in this policy.

How Long We Keep Your Data

We retain your registration information and KYC documents for at least five years after account closure, as required by anti-money-laundering regulations. We keep transaction records (deposits, withdrawals, game outcomes) for at least seven years to comply with financial record-keeping obligations.

We retain your account activity logs and IP records for one year. If you request account deletion, we anonymize personal identifiers (name, email, phone number) but retain anonymized transaction data for compliance and fraud prevention purposes.

Your data rights on sultanasia

  • You can request a copy of all data we hold about you via the account settings or support contact
  • You can update your name, email, phone, and address in your account settings at any time
  • You can request deletion of your account and personal data, subject to compliance retention requirements
  • You can disable cookies in your browser settings; functional cookies cannot be disabled without breaking login
  • You can contact us to report data breaches or privacy concerns

How We Protect Your Data

We store all personal data on encrypted servers located in compliance-approved data centres. Data in transit between your device and our servers uses TLS 1.2 or higher encryption. Access to personal data is restricted to authorized employees who require it for account support, verification, or fraud detection.

We conduct regular security audits and penetration testing to identify vulnerabilities. We maintain encrypted backups of all account data stored separately from production systems. In the unlikely event of a data breach, we will notify affected users via email without undue delay and describe the scope and remedial steps taken.

You share responsibility for protecting your account. We recommend using a strong, unique password; enabling two-factor authentication; and logging out after each session, especially on shared devices. If you suspect unauthorized access, change your password immediately and contact our support team.

Jurisdiction and Contact Information

Our servers may sit outside your jurisdiction; by using sultanasia, you consent to your data being processed and stored in locations we designate for operational efficiency and compliance. This policy is governed by the laws of the jurisdictions where we operate and where you access our service.

If you have questions about this privacy policy, wish to request a copy of your data, or want to report a privacy concern, contact us via the email address or in-app support channel listed in your account dashboard. We aim to respond to data-access requests within thirty days and privacy complaints within seven business days.

Policy Updates and Transparency

We may update this privacy policy to reflect changes in our data practices, legal requirements, or operational needs. Major changes will be communicated via email to your registered address. Continued use of sultanasia after a policy update signifies your acceptance of the updated terms.

Our commitment to privacy remains constant: we collect only necessary data, protect it with encryption, limit access strictly, and disclose it only where required by law or to deliver our service. Whether you access our platform from Jakarta, Surabaya, or any other supported region, your data is treated with the same security and confidentiality standards.