daduku Privacy Policy

This page describes what data we collect when you use daduku and how we keep that data protected. We collect personal information during account registration, identity verification, payment processing, and your use of our platform to bet on Liga 1 fixtures, play live baccarat, access slots, or withdraw funds via DANA, e-wallet, mobile banking, or bank transfer.

We at daduku treat your privacy seriously. We encrypt all data in transit, restrict staff access to verified business purposes only, and comply with data-protection standards applicable to our operating jurisdictions. We do not sell your personal information to third parties for marketing. We do share data with payment processors, fraud-detection services, and regulatory authorities only where required by law.

Our privacy practices may change as our platform evolves or as laws change. We notify account holders of material updates via email or account notification. Continued use of daduku after notification constitutes acceptance of updated privacy terms.

What data we collect on daduku

Registration and account creation

When you create a daduku account, we collect your legal name, date of birth, national ID number (for Indonesian users, your KTP), residential address, phone number, and email address. We use this information to verify your identity, determine your eligibility under applicable law, and establish your account.

We do not collect sensitive personal data (health, religious affiliation, political views) unless you volunteer it. We do not sell or transfer this data to unrelated third parties.

Identity verification data

Before your first withdrawal from daduku, we conduct identity verification (KYC). You submit photographs of your government-issued ID, a recent utility bill or official address document, and a selfie holding your ID for facial recognition. We process these documents through our verification team and may retain digital copies for regulatory compliance and fraud prevention.

We store verification documents in encrypted form on secure servers. Documents are accessible only to our compliance team and are retained for the duration of your account plus a regulatory retention period (typically 5–7 years for anti-money-laundering compliance).

Note: We use automated facial recognition to match your selfie against your ID photo. This process is governed by our facial recognition privacy notice, which you accept when you submit verification documents.

Payment and transaction data

We collect payment information when you deposit or withdraw funds on daduku. This includes your bank account number or wallet identifier (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or direct bank account for mobile banking, local payment, online payment, e-wallet), transaction amount, timestamp, and payment status. We do not store your full bank card details; payment processors handle card encryption and tokenisation.

We retain transaction records for regulatory compliance (AML reporting, tax authorities, law enforcement) and dispute resolution. Transaction history is visible in your daduku account dashboard.

Betting and gaming activity

We collect data on every bet, wager, and game session. For Liga 1 betting, we record your bet slip (teams, odds, stake, settlement outcome). For live baccarat, we log your table session, bet amounts, and game outcomes. For slots (Aviator, Sweet Bonanza, Gates of Olympus), we record your spins, payouts, and bonus triggers. We use this data to settle your account, detect fraud, and generate your transaction statement.

Your betting data is retained on daduku for the lifetime of your account plus a regulatory retention period. We do not share individual bet data with third parties except where required by law enforcement or regulatory authorities.

Device and usage data

We collect technical information when you access daduku: your IP address, device type, operating system, browser type, and pages visited. We use cookies and similar tracking technologies to remember your login, language preference, and betting history. We do not track you across unrelated websites.

Our servers may sit outside Indonesia; your data may be transferred to and processed in other jurisdictions. We implement standard security practices (SSL encryption, secure password hashing, intrusion detection) regardless of server location.

Cookies on daduku: We use session cookies (deleted when you log out) and persistent cookies (for remembering your preferences). You can disable cookies in your browser settings, but some daduku features may not function properly without them.

How we use and protect your data

Data usage and third-party processors

We use your data to verify your identity, process deposits and withdrawals, settle bets, detect fraud, and comply with anti-money-laundering regulations. We share data with third-party processors for specific purposes: payment providers (for transaction processing), fraud-detection services (for account security), and verification vendors (for KYC automation). All third parties sign confidentiality agreements and may only use your data for stated purposes.

We do not use your data for marketing purposes without your explicit consent. You may opt out of promotional email by clicking "Unsubscribe" in any email we send or by managing your notification preferences in your daduku account settings.

Data security on daduku

We encrypt all personal data in transit (HTTPS/TLS) and at rest (AES-256 or equivalent). We restrict staff access to verified business purposes; most employees do not have access to customer data. We conduct regular security audits and penetration testing. We maintain a data-breach response plan and will notify affected users within 72 hours of discovering a breach affecting personal data.

However, we cannot guarantee absolute security. Transmission over the internet carries inherent risk. We recommend using a strong, unique password for your daduku account and enabling two-factor authentication if available.

Your rights regarding your data

You have the right to access, correct, and request deletion of your personal data subject to legal and regulatory constraints. To exercise these rights, contact daduku support via your account dashboard and select "Data Access Request". We process such requests within 30 days. Some data must be retained for regulatory compliance, fraud prevention, and dispute resolution; we will explain retention reasons if we cannot fully delete your data.

You also have the right to lodge a complaint with a data-protection authority in your jurisdiction if you believe we have mishandled your data. We cooperate fully with regulatory investigations.

Data retention and deletion

We retain personal data for as long as your account remains active plus a regulatory retention period (typically 5–7 years). After account closure, we retain transaction records, verification documents, and betting history for compliance with financial-reporting regulations and potential dispute resolution. We do not retain device logs, cookies, or non-essential operational data beyond their functional purpose.

If you request permanent deletion of your account and data, we delete non-regulated data (device logs, cookies, preferences). However, we retain transaction history, verification documents, and betting records as required by applicable law.

International data transfers

Our daduku servers may be located outside Indonesia. Your personal data may be transferred to, stored in, and processed in jurisdictions outside your country of residence. We implement standard contractual clauses and data-protection agreements to ensure your data receives equivalent protection regardless of server location. By using daduku, you consent to such transfers.

Your data protection rights on daduku
  • Access your personal data and account activity
  • Request correction of inaccurate information
  • Request deletion subject to legal retention
  • Lodge complaints with data-protection authorities
Data we do not collect
  • Sensitive personal data (health, religion, politics)
  • Full payment card numbers (only tokenised references)
  • Tracking across unrelated websites or apps

Contact for privacy inquiries

For questions about our privacy practices, data access requests, or complaints, contact daduku via your account dashboard. Select "Privacy / Data Request" and describe your inquiry. Our data protection team responds within 14 days during standard business hours (Monday–Friday, 08:00–18:00 Jakarta time, excluding Idul Fitri, Idul Adha, Imlek, and other Indonesian national holidays).

For urgent data-protection matters (suspected breach, unauthorised access, data misuse), mark your inquiry "URGENT: PRIVACY BREACH" and we will escalate to senior management for immediate review.

If you believe we have violated your privacy rights or applicable data-protection law, you may lodge a complaint with your local data-protection authority or regulatory body. We cooperate fully with any investigation conducted by government authorities. Our terms and conditions contain our dispute resolution procedures and jurisdiction-specific legal information.

daduku data protection team
Privacy policy maintainer

We design our privacy practices to balance user protection with operational transparency. Your data security is foundational to our service—we invest in encryption, compliance audits, and staff training to maintain trust across our daduku community.

Legal and jurisdiction framework

Expand for detailed service availability, eligibility, and compliance information

Service availability

We at daduku offer our platform and services (betting, gaming, account management, withdrawals) only in jurisdictions where local and national law permits online gaming and wagering. Our service is not globally available; instead, we conduct regulatory compliance assessments for each region we serve and do not operate where doing so would violate applicable statute or regulation. The legal status of online gaming varies significantly across countries, states, provinces, and municipalities. What is permitted in one region may be prohibited in another, and regulations change frequently. We do not publish a formal list of approved or prohibited jurisdictions because legal interpretation varies and our compliance posture evolves with changing regulations. Instead, we implement geolocation verification, user attestation, and ongoing compliance monitoring to reduce access from restricted territories. Our systems use IP geolocation and user-supplied location data to identify users accessing daduku from unsupported regions. Users who gain access to daduku from unsupported jurisdictions do so at their own risk; daduku assumes no liability for access from prohibited regions and may suspend or terminate such accounts without prior notice. We cooperate fully with regulatory authorities in all jurisdictions where we operate or where users attempt to access us. If you are uncertain whether online gaming is legally permitted in your jurisdiction, we recommend consulting local legal counsel before creating a daduku account or depositing funds. Our compliance team is available to discuss jurisdictional questions during standard business hours.

Account eligibility

We at daduku require that account holders meet the legal minimum age and eligibility requirements established by the laws of their jurisdiction. We do not impose a single fixed age threshold globally because legal gaming ages vary by region—some permit gaming at age 16, others at 18, others at 21 or higher. During account registration, you confirm that you meet your jurisdiction's applicable minimum age for online gaming. We perform identity verification using government-issued ID and supporting documentation to confirm users meet stated eligibility criteria. Users who misrepresent their age or eligibility face account termination and immediate fund forfeiture with no refund. Our verification process is mandatory before first withdrawal; unverified accounts on daduku may deposit and play but cannot withdraw funds. We do not provide account controls, account preferences, or "Game Rules" mandatory features as standard account safeguards. Such features vary by jurisdiction and are not universally required by law. Users concerned about their gaming activity may contact daduku support to discuss case-by-case account management options, but we do not enforce such restrictions automatically. Where required by law in specific jurisdictions, we maintain compliance with state-mandated exclusion registries and implement required safeguards. Your eligibility status may change if you relocate to a restricted jurisdiction; you are responsible for notifying daduku immediately of jurisdiction changes. Continued access from a newly prohibited jurisdiction may result in account suspension and potential legal consequences.

Local-law responsibility

We at daduku emphasise that each user bears sole responsibility for ensuring their access to and use of our platform comply with the laws and regulations of their own jurisdiction. Online gaming regulations vary significantly by location and change frequently. Legality in one jurisdiction does not guarantee legality elsewhere. Daduku does not provide legal advice and cannot assess the lawfulness of our services in your specific location. Before opening an account, depositing funds, or placing wagers on daduku, you must independently verify that online gaming and wagering are legally permitted under the laws applicable to your residence. This responsibility applies whether your jurisdiction explicitly criminalises access to foreign gaming platforms, remains silent on the matter, or operates in a regulatory grey area. By creating a daduku account and depositing funds, you affirm that you have conducted this legal verification and that your use of daduku complies with applicable law in your jurisdiction. We operate on the assumption that users have taken this responsibility seriously and do not monitor or police user jurisdiction compliance. If you become aware that your jurisdiction has prohibited or restricted online gaming after opening a daduku account, notify us immediately. We will assist with account closure and fund withdrawal in compliance with applicable law. Daduku assumes no liability for legal consequences—fines, criminal charges, civil penalties—arising from user access to our platform from jurisdictions where such access is prohibited by law.

Data and privacy scope

We at daduku collect and process personal data necessary for account creation, identity verification, payment processing, compliance with financial regulations, and fraud prevention. This data includes your legal name, date of birth, national ID number (KTP for Indonesian users), residential address, phone number, email address, banking information, and device identifiers. We collect additional data during identity verification—copies of ID documents, address proofs, and facial recognition photos. We use this data to verify eligibility, prevent fraud, process deposits and withdrawals, comply with anti-money-laundering (AML) and know-your-customer (KYC) regulations, and respond to regulatory inquiries. Your personal data on daduku is stored on secure servers in encrypted form and accessed only by personnel requiring it for legitimate business purposes. We do not share your data with third parties except as required by law (regulatory reporting, law-enforcement requests, court orders) or as necessary for payment processing, fraud prevention, and customer support. Our full data-handling practices, including retention periods, deletion rights, and international data transfers, are detailed in this comprehensive privacy policy. By using daduku, you consent to collection and processing of your data as described. You have rights to access, correct, and request deletion of your personal data subject to legal and regulatory retention requirements. Requests should be submitted via your daduku account dashboard or by contacting our support team; we process such requests within 30 days where legally permissible. Some data must be retained for regulatory compliance and fraud prevention even after account closure.

Contact for legal inquiries

We at daduku maintain multiple channels for users to contact our legal and data-protection team regarding questions, complaints, or disputes. For most inquiries, use the "Help" section in your daduku account dashboard. Select "Privacy / Legal" from the inquiry category and describe your question or complaint. Our support team is available during standard Indonesian business hours (Monday–Friday, 08:00–18:00 Jakarta time, excluding national holidays). Response times typically range from 24 to 72 hours during business days. For urgent data-protection matters (account suspension, suspected breach, unauthorised access), mark your inquiry "URGENT: DATA PROTECTION" and we will escalate to senior management for priority handling. Out-of-hours urgent inquiries are acknowledged within 48 hours. We do not provide real-time legal advice but will direct you to appropriate resources or escalate your matter if it requires specialised review. Legal and privacy inquiries are treated confidentially and documented for audit and regulatory purposes. If you believe daduku has violated applicable law or your privacy rights, you may file a formal complaint with your local data-protection authority or regulatory body; we cooperate fully with any official investigation. For specific data-access or deletion requests, mark your subject line "DATA REQUEST"; these are routed to our data protection officer and processed within 30 days. All legal and privacy matters are handled transparently and in accordance with applicable law and regulation.