sumeru Platform Privacy Notice

This page describes what we collect when you use sumeru and how we keep that data protected. We at sumeru collect personal information—email, phone, verified identity documents—to open your account, process deposits and withdrawals, and comply with anti-money-laundering law. We do not sell your data, and we do not share it with marketers or data brokers. Your information is encrypted and stored on secure servers.

Our privacy commitments apply to users in all supported jurisdictions: Jakarta, Surabaya, Bandung, Medan, Semarang, and elsewhere where our services are available. If you access sumeru via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer, your payment data passes through secure, encrypted channels. We outline exactly how that works below.

We update this privacy notice periodically to reflect changes in our data practices or regulatory requirements. Your use of sumeru signifies that you accept our privacy policy as written on this page.

What Data We Collect on sumeru

When you register on sumeru, we collect your email address, phone number, and a chosen password. We then request Know Your Customer (KYC) documents: a government-issued ID, proof of residential address (utility bill or bank statement), and a selfie with your ID visible. We use this information to verify your identity, prevent fraud, and comply with anti-money-laundering regulations.

Once your account is verified, we collect transaction data—every deposit, withdrawal, bet, hand, spin, and result. We log the time, amount, game type, and outcome. This data is retained for audit purposes and dispute resolution. We also collect metadata: your IP address, browser type, and device information. This helps us detect suspicious activity and protect your account from unauthorized access.

When you contact our support team on sumeru, we retain chat transcripts and email records. These are kept to resolve disputes and improve our service. We do not use support interactions for marketing purposes.

Payment Data: We do not store your full credit card or bank account numbers. When you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet, your payment processor handles that transaction. We receive only a confirmation that funds arrived. Your payment details never touch our servers.

How We Use Your Data on sumeru

We use your data for the following purposes:

  • Account creation and verification: We verify your identity to prevent account takeover and fraud.
  • Transaction processing: We process deposits and withdrawals using your verified payment details.
  • Regulatory compliance: We maintain records to comply with anti-money-laundering (AML) and know-your-customer (KYC) regulations applicable in your jurisdiction.
  • Dispute resolution: We pull transaction logs to settle disagreements about outcomes or payouts.
  • Security and fraud prevention: We analyze transaction patterns to detect and block suspicious activity.
  • Service improvement: We use anonymized usage data to improve sumeru—fixing bugs, adding features, optimizing performance.

We do not use your data for targeted advertising, automated decision-making about your account, or sharing with third parties without your explicit consent.

Third-Party Processors and Data Sharing

We work with third-party service providers who process data on our behalf. These include payment processors (to handle mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and bank transfers), server hosting providers (our servers may sit outside Indonesia), and KYC verification vendors (who confirm your identity documents). Each processor signs a data processing agreement committing them to confidentiality and security.

We may disclose your data if required by law—for example, if a court orders us to share information with law enforcement, or if a regulatory body requests records. We will notify you of such a request unless we are legally prohibited from doing so. We never share your data with marketers, data brokers, or third parties for their own commercial purposes.

Your Privacy Rights on sumeru

Data Access and Correction

You have the right to request a copy of all data we hold about you on sumeru. Contact our support team with "data access request" in the subject line. We provide your data in a standard format within 30 days. If any information is inaccurate, you can request a correction, and we will update your record.

Data Retention

We retain your account data, transaction history, and support records for as long as your sumeru account is active. After account closure, we retain records for seven years to comply with legal and regulatory requirements. After that period, we delete or anonymize your data. Transaction logs are kept for audit purposes and dispute resolution for the same seven-year window.

Cookies and Tracking

Our website on sumeru uses cookies to maintain your session, remember your preferences, and measure site usage. These are functional and analytical cookies, not tracking cookies designed for advertising. You can disable cookies in your browser settings, but this may limit sumeru functionality. We do not use third-party tracking pixels or cross-site cookies.

Your privacy on sumeru is protected by encryption, access controls, and a commitment to use your data only for the purposes we disclose.

sumeru privacy team

Data Breach Notification

If we discover a data breach affecting your sumeru account, we will notify you by email within 72 hours of discovery. We will describe what data was exposed, what steps we took to secure it, and what steps you should take to protect yourself.

Contact and Complaints

If you have questions about our privacy practices on sumeru, contact our support team. If you believe we have violated your privacy rights, you can lodge a formal complaint. We investigate complaints within 30 days and provide a written response. In supported jurisdictions, you may also contact the relevant data protection authority.

International Data Transfers

Our servers may be located outside Indonesia. When we transfer your data across borders, we apply encryption and contractual safeguards to protect it. We comply with applicable data protection laws in your jurisdiction. If you are unsure whether your data may be transferred internationally, contact our support team before opening a sumeru account.

Summary

We at sumeru collect only the data necessary to operate our platform, process transactions, and comply with law. We encrypt that data, store it securely, and share it only with trusted service providers or as required by legal authorities. You have the right to access, correct, and request deletion of your data. We do not sell your information, and we do not use it for marketing purposes unrelated to sumeru.

If this privacy notice changes, we notify you by email at least 14 days before the change takes effect. Your continued use of sumeru after that period means you accept the updated notice.

Related pages

Legal
Terms of Use
5-min read
Legal
Legal Notice
3-min read
Support
Frequently Asked Questions
6-min read