Reference

How rajahoki Handles Your Personal Data

Your personal data — from your account registration details to every DANA, OVO, GoPay, or QRIS transaction you make — is handled under a clear, documented policy that…

Encrypted account dataDANA, OVO, GoPay, QRIS transaction records protectedData access request within 7 business daysNo third-party sale of your informationIndonesia-region data handling
rajahoki How rajahoki Handles Your Personal Data
PRIVACY CONTACT PATHS

How to Reach Our Privacy Team

If you want to access, correct, or delete the personal data we hold on your account, our privacy team is reachable through three dedicated channels. We aim to acknowledge all data-related requests within 24 hours and resolve them within 7 business days. Whether you are in Jakarta or Yogyakarta, the same response timeline applies regardless of your region.

Team online

Live Chat — Privacy Queue

Open the live chat widget in your account dashboard and select the Privacy Request option. Available 07:00–23:00 WIB, seven days a week, for account-specific data queries and deletion requests.

Email — Privacy Support

Send a written data request to our privacy email address listed in your account settings. Include your registered email and the specific data action you are requesting; we respond within 7 business days.

Account Settings — Data Centre

Log in, go to Account Settings, and select My Data. From there you can download a copy of your stored profile data or submit a deletion request without needing to contact support directly.

DATA HANDLING PRACTICES

Six Ways We Protect Your Information

Beyond the legal minimum, we have put specific operational controls in place around data storage, cookie use, account security, retention schedules, and your rights as an account holder.

End-to-End Encryption

All data exchanged between your device and our servers — including every DANA, OVO, GoPay, and QRIS payment instruction — travels over TLS 1.3 encrypted connections. Stored account records are encrypted at rest using AES-256.

Cookie Transparency

We use session cookies to keep you logged in, analytics cookies to measure page performance, and no advertising cookies from third-party ad networks. You can review and manage cookie preferences from the footer link on any page.

Account Security Layer

Two-factor authentication is available for all accounts and strongly encouraged. Login attempts from unrecognised devices trigger an email alert to your registered address before access is granted, giving you visibility of any unusual activity.

Retention Schedule

Account activity logs are kept for 12 months from the date of each event. Payment records — including QRIS and GoPay transaction IDs — are retained for 5 years in line with Indonesian financial record-keeping requirements, then securely deleted.

Third-Party Data Sharing

We share data only with payment processors (DANA, OVO, GoPay, QRIS networks) and identity verification partners required to operate your account. We do not share your data with advertising platforms or data brokers, and we require all partners to apply equivalent data protections.

Your Right to Request Changes

You may request a full export of your stored data, ask us to correct inaccurate records, or request deletion of your account data at any time through Account Settings or via our privacy email. Where local law permits, we will action all verified requests within 7 business days.

Privacy Policy — What You Need to Know

These are the questions we receive most often about how we handle personal data, what rights you hold, and how to act on them. Each answer reflects our actual operating process — not a generic legal template.

We collect your name, email address, and the payment details needed for DANA, OVO, GoPay, or QRIS transactions. We also log device identifiers and session data to keep your account secure and prevent unauthorised access.

Payment instructions travel over TLS 1.3 encrypted connections and are stored in AES-256 encrypted databases. Transaction records are retained for 5 years as required by Indonesian financial rules, then permanently deleted from our systems.

Yes. Log in, go to Account Settings, and select My Data to download your stored profile. Alternatively, email our privacy team with your registered address and we will send a full export within 7 business days.

Submit a deletion request through Account Settings under My Data, or contact our live chat privacy queue between 07:00 and 23:00 WIB. Where local law permits, we will process verified deletions within 7 business days.

We share data only with the payment networks required to process your DANA, OVO, GoPay, and QRIS transactions, and with identity verification partners. We do not sell your data or share it with advertising platforms.

We use session cookies for login continuity and analytics cookies for page performance measurement. No third-party advertising cookies are placed. You can review and update your cookie preferences using the link in our page footer.

We post an updated version of this policy whenever changes are made and note the revision date at the top of the page. For material changes affecting how we process account or payment data, we send a notification to your registered email address.