gemmaPrivacy Policy

This page describes what we collect when you use gemma and how we keep that data protected. We take your privacy seriously—we do not sell your information to third parties, and we limit data collection to what is necessary to operate our platform, process payments, and comply with law.

Our privacy practices apply to all users of gemma, whether you access us via our mobile app, iOS Web, or desktop browser. We collect data across Jakarta, Surabaya, Bandung, Medan, Semarang, and other regions where our service operates. This policy explains your rights and our obligations under applicable data-protection law.

If you have questions about how we handle your data, contact our support team. We respond to privacy inquiries within five business days.

What data we collect on gemma

We collect data in three categories: account information, transaction data, and behavioral data.

Account information: When you open a gemma account, we collect your email, phone number, and identity documents (KTP or passport). We use this to verify your identity and prevent fraud. We also store your chosen password (encrypted) and any profile details you provide.

Transaction data: We record every deposit, withdrawal, and game activity on gemma. This includes the payment method you used (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet), the amount, the timestamp, and the outcome. We retain this data for accounting, dispute resolution, and regulatory compliance.

Behavioral data: We log your login times, game selections, session duration, and device information (operating system, browser type, IP address). We use this to detect fraud, optimize platform performance, and understand usage patterns. We do not track your location beyond what your IP address reveals.

Identity documents: We collect and store government-issued ID to verify your identity before allowing withdrawals on gemma.
Payment method data: We store your linked payment methods (mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment) to process deposits and withdrawals.
Session logs: We record login times, game activity, and device details to detect fraud and optimize gemma performance.

How we use your data on gemma

We use the data we collect on gemma for the following purposes:

Account management: Verify your identity, process deposits and withdrawals, and manage your account settings.
Payment processing: Transmit your payment information to online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet to complete transactions.
Fraud prevention: Detect suspicious activity, prevent account takeover, and investigate disputes.
Platform optimization: Analyze usage patterns to improve gemma's performance, fix bugs, and enhance user experience.
Legal compliance: Comply with anti-money-laundering (AML) regulations, tax reporting, and other legal obligations.
Customer support: Respond to your inquiries and resolve issues with your gemma account.

We do not use your data for marketing purposes without your explicit consent. We do not sell your information to third parties. We do not share your identity documents with anyone except payment processors and legal authorities when required by law.

Third-party processors and data sharing on gemma

We share your data with third parties only when necessary to operate gemma:

Payment processors: We transmit your payment method and transaction details to mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment to process deposits and withdrawals. These companies have their own privacy policies; we recommend reviewing them.

Identity verification services: We use third-party services to verify your identity documents. These services receive your KTP or passport data and cross-reference it against government records.

Legal authorities: We may disclose your data to law enforcement, tax authorities, or regulators if required by law or court order. We will notify you of such disclosure unless legally prohibited.

Our servers may sit outside your jurisdiction

We store gemma data on servers located in multiple regions. Your data may be processed outside Indonesia. By using gemma, you consent to this cross-border data transfer.

Data retention on gemma

We retain your data for as long as your gemma account is active, plus a retention period after closure. Account information (email, phone, identity documents) is retained for seven years to comply with financial regulations. Transaction logs are retained for five years for dispute resolution and audit purposes. Behavioral logs (login times, session data) are retained for one year.

If you request account deletion, we will remove your personal information from active systems within 30 days. However, we may retain anonymized or aggregated data for analytics and legal compliance.

Your rights regarding your data on gemma

You have the following rights regarding your data on gemma:

Access: You can request a copy of all data we hold about you. Contact our support team and we will provide it within 14 days.
Correction: If your data is inaccurate, you can request correction. We will update it within five business days.
Deletion: You can request deletion of your account and associated data. We will comply within 30 days, subject to legal retention requirements.
Portability: You can request your data in a portable format (CSV or JSON). We will provide it within 14 days.
Objection: You can object to certain data processing. We will review your objection and respond within 14 days.

Cookies and tracking on gemma

We use cookies on gemma to maintain your login session, remember your preferences, and analyze platform usage. Cookies are small files stored on your device. You can disable cookies in your browser settings, but this may affect gemma functionality.

We use analytics cookies to understand how users interact with gemma—which games are popular, which payment methods are preferred, and where users encounter issues. We do not use this data to track you across other websites.

Security measures on gemma

We protect your data on gemma using industry-standard encryption, firewalls, and access controls. All data transmitted between your device and our servers is encrypted using TLS 1.2 or higher. We conduct regular security audits and penetration testing to identify vulnerabilities.

However, no security system is perfect. If we discover a data breach affecting gemma, we will notify affected users within 72 hours and provide guidance on protective steps.

Changes to our privacy policy on gemma

We may update this privacy policy periodically to reflect changes in law, technology, or our practices. We will notify you of material changes via email or in-app notice. Continued use of gemma after an update constitutes acceptance of the new policy.

Contact us about privacy on gemma

If you have questions about our privacy practices, wish to exercise your rights, or want to report a data breach, contact our support team. We respond to privacy inquiries within five business days. You can also file a complaint with your local data-protection authority if you believe we have violated your rights.

Our commitment on gemma is to handle your data transparently, securely, and only for legitimate purposes. We respect your privacy and will continue to improve our practices as technology and law evolve.