harumwin Casino & Sportsbook Data Care
This page describes what we collect when you use harumwin and how we keep that data protected. We gather information when you create an account, deposit funds, place bets, and withdraw winnings. Our data handling practices reflect regulatory requirements and our commitment to safeguarding your identity documents, payment credentials, and gaming history. All information collected on harumwin is encrypted in transit and stored securely on servers that comply with standard data-protection protocols.
We are transparent about third-party processors who handle specific functions on our behalf—payment gateways for DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment transfers; live-dealer studios that broadcast table games; and sportsbook data providers who supply game information. Each processor operates under data-protection agreements that bind them to the same confidentiality and security standards we maintain internally. This policy explains what data flows to whom and why.
We do not sell your data to marketers or data brokers. We do not share your gaming history with unaffiliated parties. We retain your transaction records indefinitely so you can audit your account activity. If you request account closure or data deletion, we honor that request subject to legal obligations (such as anti-money-laundering record retention). Our commitment is transparency: you have the right to know what we hold, why we hold it, and who can access it.
What we collect and how we use it on harumwin
Information we collect from you
We collect your email address when you create a harumwin account. We ask for a full legal name, date of birth, and contact phone number to verify your identity before deposits are accepted. For identity verification (KYC), we request a government-issued ID—national ID card, passport, or equivalent—and proof of address (utility bill or bank statement from the last three months). These documents are required by anti-money-laundering regulations; we do not collect them optionally.
We collect payment method information: the account number or wallet ID associated with your chosen deposit method (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet). We do not store your bank password or e-wallet credentials; instead, we tokenise payment references so you authorize deposits without sharing sensitive credentials directly with harumwin. When you place a bet or withdrawal request, we record the amount, the outcome (if applicable), and the timestamp. All transaction data is linked to your account and archived indefinitely.
How we use your data on harumwin
We use your email and phone number to send account notifications—deposit confirmations, withdrawal status updates, and security alerts (e.g., login from a new device or withdrawal request initiated). We use your identity documents to verify you are eligible to hold an account on harumwin and to comply with anti-money-laundering regulations. We do not use your data for marketing unless you explicitly opt in; if you do, you can opt out at any time through your account settings.
We use your transaction history to settle disputes, detect fraud, and audit your account for compliance. For example, if you report a game outcome as incorrect, we review the transaction log and live-dealer studio recording to verify what occurred. We do not use your gaming history to profile you for advertising or to sell insights to third parties. Our servers may sit outside your jurisdiction (e.g., in data centres in Southeast Asia or beyond); this is standard practice for online platforms. Data in transit between your device and our servers is encrypted using HTTPS and TLS protocols.
What harumwin collects and does not collect
- We collect: email, name, date of birth, identity documents, payment method references, transaction history
- We do not collect: passwords (except for your harumwin login), bank credentials, payment card full numbers, sensitive personal data unrelated to account operation
- We do not sell data to marketers or data brokers
- We do not profile you based on gaming activity for behavioral targeting
- We do not share gaming history with third parties outside harumwin without your explicit consent
Third parties we work with for harumwin operations
Payment processors for mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and bank-transfer services (online payment, e-wallet, mobile banking, local payment) receive your payment method reference and transaction amount. They do not receive your full identity document or gaming history; they process only what is necessary to move funds between your account and harumwin's merchant account. All payment processors operate under strict data-protection contracts.
Live-dealer studios (e.g., Pretty Gaming) receive information that you are an active player on harumwin—your user ID and current session—but do not receive your identity documents, payment methods, or account balance. They operate the table games and stream outcomes; they do not retain copies of your identity data or transaction history beyond the session itself. Sportsbook data providers supply odds and match results; they do not receive any personal information about you, only aggregate betting volumes if we share anonymised statistics.
- KYC (Know Your Customer)
- Identity verification process harumwin requires before deposits. We collect government ID and address proof to comply with anti-money-laundering regulations.
- Tokenisation
- Process where we store a reference to your payment method instead of your actual credentials. Allows you to authorize deposits without sharing passwords or card numbers directly.
- Encryption (HTTPS/TLS)
- Protocol that scrambles data between your device and harumwin servers so eavesdroppers cannot read it in transit.
- Data processor agreement
- Contract that binds third parties (payment gateways, studios, data providers) to the same confidentiality and security standards harumwin maintains.
Your rights and our harumwin commitments
Your rights regarding harumwin data
You have the right to access what data we hold about you on harumwin. Log in to your account and navigate to the Data section; you can download a copy of all personal information we store. You have the right to correct inaccurate information—if your address or contact details change, update them through your account settings immediately. You have the right to request deletion of your account and associated data, subject to legal obligations. For example, we retain transaction records for a minimum period to comply with anti-money-laundering regulations; we cannot delete those records on request, but we can close your account and mark it inactive so no new bets are accepted.
You have the right to object to non-essential data processing. If we send you promotional emails and you do not wish to receive them, you can opt out through the Preferences section of your account or by clicking the unsubscribe link in any email from harumwin. You have the right to lodge a complaint if you believe we have mishandled your data. Our Data Protection Officer can be contacted through the contact form on harumwin; we will investigate complaints and respond within standard windows (typically within two weeks).
How harumwin protects your data
All harumwin servers use encryption at rest, meaning data stored on disk is scrambled. Access to sensitive data (identity documents, payment credentials) is restricted to authorised staff who need it for account verification, fraud detection, or dispute resolution. We use role-based access control: a customer-support agent cannot view your bank account reference; a payments team member cannot view your identity documents unless investigating a specific transaction dispute.
We conduct regular security audits and penetration testing to identify vulnerabilities. If we discover a security incident—unauthorised access, data breach, or system compromise—we notify affected account holders via email without delay and describe what occurred, what data was exposed, and what steps we are taking to remediate. We maintain incident response procedures to contain breaches, preserve evidence, and restore normal operations as quickly as possible. We do not pay ransoms or negotiate with attackers; instead, we work with law enforcement and cybersecurity professionals.
Cookies and tracking on harumwin
We use cookies and similar tracking technologies on harumwin for essential functions: maintaining your login session, remembering your language preference, and preventing fraud (e.g., detecting suspicious login patterns). These essential cookies are necessary for harumwin to operate; you cannot opt out of them without losing functionality. We also use optional cookies for analytics—understanding which pages users visit, how long they stay, and which features are popular. These analytics cookies do not identify you personally; they collect aggregate behaviour only. You can disable optional cookies through your browser settings without affecting your ability to use harumwin.
Third-party analytics providers (e.g., server logs stored on cloud platforms) may process limited information about your session—IP address, device type, pages visited—but not your identity or payment data. If you are accessing harumwin from Jakarta, Surabaya, Bandung, Medan, Semarang, or Yogyakarta, your IP address may be logged; this is standard practice for fraud detection and compliance.
Data retention and account closure on harumwin
We retain your transaction records indefinitely so you can audit your harumwin account activity at any time. Identity documents (KYC data) are retained for a minimum of five years after account closure to comply with anti-money-laundering regulations; after five years, we securely delete them. Email and contact information associated with your account are retained as long as your account is open; after closure, they are archived separately and not used for contact unless you explicitly re-engage with harumwin.
If you request to close your harumwin account, we mark it inactive and you lose access to play, deposit, or withdraw. Any balance remaining in your wallet is frozen; you can request a withdrawal before closure or forfeit it. Once your account is closed, your email cannot be used to create a new harumwin account for a minimum of 30 days. If you wish to permanently delete all data beyond the legal retention period, contact our Data Protection Officer through the contact form; we will process your request and confirm deletion once the retention period expires.
Updates to our harumwin privacy policy
We may update this policy from time to time to reflect changes in our operations or legal requirements. If we make material changes—such as expanding what data we collect or how we use it—we will notify you via email and update this page. We will not use your data in ways materially inconsistent with what you consented to at the time of collection without your explicit approval. If you disagree with policy changes, you have the right to close your account and request data deletion (subject to legal retention obligations).
Summary: Your data on harumwin
We collect only what is necessary to operate harumwin: your email, identity documents for verification, payment method references for deposits and withdrawals, and transaction history for settlement and fraud detection. We encrypt all data in transit and at rest. We do not sell your data, profile you for marketing without consent, or share your gaming history with unaffiliated parties. Third-party processors (payment gateways, studios, data providers) access only what they need for their function and operate under data-protection contracts. You have the right to access, correct, and delete your data (subject to legal retention obligations). If you have questions about how we handle your data, contact our Data Protection Officer via the contact form on harumwin.