tuna Platform Privacy Notice

This page describes what we collect when you use tuna and how we keep that data protected. We at tuna process personal information to verify your account, process payments, settle draws, and support your requests. Our privacy commitments align with Indonesian data protection standards and international best practice.

We are transparent about what data we hold, who can access it, and how long we retain it. Our tuna servers store account credentials, transaction history, and game activity in secure datacentres. Third-party payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment) handle payment details separately; we do not store full card numbers or wallet passwords on tuna servers.

Our approach balances user privacy with the compliance obligations we face. When you open an account on tuna, you agree to our data handling described here. Services are available only where local law permits; users are responsible for verifying compliance in their jurisdiction.

What Data We Collect on tuna

We collect personal data in three categories: identity information, transaction records, and activity logs. During account creation on tuna, we request your full name, date of birth, national ID number (KTP), email address, and phone number. We use this data to verify your identity, comply with Know Your Customer (KYC) rules, and contact you about account issues or promotional updates.

When you fund your tuna account or request a withdrawal, we record the amount, payment method (DANA, e-wallet, mobile banking, local payment, or bank transfer via online payment, e-wallet, mobile banking, local payment), timestamp, and your current balance. We do not store the sensitive details of your e-wallet or bank account itself—payment processors handle that separately. Our tuna system retains transaction history for seven years to meet regulatory audit requirements.

As you use tuna, our platform logs your gameplay: which markets you browse (Liga 1, Piala AFF, Champions League, esports, live-dealer tables), which games you play (Aviator, Sweet Bonanza, Dragon Tiger, Mobile Legends), how long you remain active, and your win-loss outcomes. We use this activity log to detect fraud, enforce account limits, and tailor our tuna interface to your preferences. Activity logs on tuna remain on our servers for three years; older data is deleted automatically.

Identity data: Name, KTP, date of birth, email, phone. Retained for account lifetime plus three years after closure.
Transaction data: Deposits, withdrawals, draw settlements, payment method used. Retained for seven years (regulatory requirement).
Activity logs: Markets browsed, games played, session times, win-loss records. Retained for three years, then deleted.
Device data: IP address, browser type, operating system. Retained for one year to track fraud patterns.

We also collect device and network data. When you access tuna from Jakarta, Surabaya, Bandung, or Medan, we log your IP address, browser type (Chrome, Safari, Firefox), and operating system. This device fingerprint helps our tuna team detect account takeovers, unusual login locations, or bot activity. We retain device logs for one year; older entries are purged to balance security and privacy.

How We Use Your Data and Who Can Access It

We at tuna use your data for core operational purposes: account creation, payment processing, draw settlement, customer support, and fraud prevention. We do not sell or rent your personal information to marketing agencies, advertisers, or data brokers. Our tuna team may share your name and account status with payment processors only when necessary to complete a withdrawal or dispute a transaction.

Our compliance team may review your account data if we suspect fraud, money laundering, or terms-of-service violations on tuna. In rare cases, if we detect suspicious activity (e.g., multiple rapid withdrawals to different bank accounts during Idul Fitri), we may temporarily freeze your account and request additional documentation. This freeze remains in place until our tuna compliance officer approves or denies your account. We will not share frozen-account details with external parties unless required by court order.

Third-party service providers access limited tuna data to perform necessary functions. Our payment gateway (which processes DANA, e-wallet, mobile banking, local payment, and online payment transactions) sees your transaction amount, timestamp, and account reference number—but not your full payment credentials. Our email service provider receives your email address to send account confirmations and withdrawal notifications. Our hosting provider (Amazon Web Services or Google Cloud) stores our entire database but operates under strict data-protection agreements.

Note: We at tuna do not store cookies that track you across other websites. Our tuna session cookie (which keeps you logged in) expires after 24 hours of inactivity. You may disable cookies in your browser settings; tuna will still function, but you will need to log in again each session.

Our data centres may sit outside Indonesia. We at tuna use servers in Singapore, Australia, or the United States to ensure redundancy and speed. Your personal information may therefore be processed abroad, though we maintain the same security and access controls regardless of physical location. By using tuna, you consent to this overseas data processing.

We at tuna do not share your personal data with other users, third-party game developers, or affiliate networks. Your draw history on tuna (which matches you played in Liga 1, which Dragons Tiger sessions you joined) is visible only to you and our internal support team. If you contact our customer service regarding a withdrawal or a game dispute, our tuna support agent may view your full account history to assist you—but that agent is bound by confidentiality.

Your Rights and Data Deletion

You have the right to request a copy of all data we hold on tuna. Email us at [email protected] with "Data Request" in the subject line. We will compile your account information, transaction history, and activity logs into a portable file and deliver it within 14 days. There is no charge for this service.

You may also request that we delete your tuna account and associated data. Send a deletion request to [email protected] with "Account Deletion" in the subject line. We will close your account immediately and delete activity logs and device data within 30 days. However, we at tuna must retain your identity data and transaction records for seven years to comply with anti-money-laundering regulations—even after account closure. We will not use retained data for any purpose other than regulatory audit.

If you believe we have mishandled your data or violated your privacy rights, you may lodge a complaint with the Indonesian authorities responsible for data protection. We at tuna will cooperate fully with any official inquiry. You also have the right to contact us directly; our privacy team will respond within seven business days.

1

Request your tuna dataTransparency

Email [email protected] with "Data Request" to receive all records we hold about you on tuna.
2

Correct inaccurate informationAccuracy

If your name or contact details are wrong on tuna, notify us and we will update them within two business days.
3

Request account deletion on tunaErasure

Send "Account Deletion" request to [email protected]. We will close your account and purge activity logs within 30 days.
4

File a privacy complaintRedress

If you believe we have violated your privacy, you may escalate to the Indonesian data-protection authority or contact us directly.

Security and Data Protection on tuna

We at tuna employ industry-standard encryption (TLS 1.3) to protect data in transit between your device and our servers. All tuna databases use AES-256 encryption at rest. Our servers sit behind firewalls, and only authorised personnel can access production data. We conduct annual security audits by independent firms and patch vulnerabilities within 48 hours of discovery.

However, we cannot guarantee absolute security. If we at tuna discover a data breach (e.g., unauthorised access to usernames or encrypted passwords), we will notify affected tuna users within 72 hours and provide guidance on account recovery. We will also report the breach to relevant authorities as required by law.

We at tuna have no control over third-party payment processors. When you fund tuna via e-wallet, mobile banking, local payment, or bank transfer (online payment, e-wallet, mobile banking, local payment), those providers' security policies apply to your payment credentials. Review their privacy notices separately if you have concerns.

This privacy policy was last updated in the current month. We reserve the right to modify our tuna data practices if required by law or to improve security. Material changes will be announced via email and on this page. Continued use of tuna after such updates constitutes your acceptance of the revised policy.

For privacy inquiries, contact us at [email protected]. Our tuna privacy team will respond within seven business days.