LEGAL REFERENCE

How surga898 Handles Your Account Data

This is the surga898 privacy policy — the page that tells you exactly what we collect when you open an account, what we store while you're in the...

Account dataDevice signalsPayment referencesCookiesYour rights
Browse the Lobby Read FAQ
surga898 How surga898 Handles Your Account Data

Policy Posture and Jurisdiction Notes

Our privacy practices apply where local law permits and follow the data-handling expectations relevant to supported regions in Indonesia. We collect what's needed to run your account: your sign-in details, the device you log in from, and references tied to DANA, OVO, GoPay or QRIS transactions so payment reconciliation works. We don't sell your data. We share processor-level references only with the

payment partner involved in a given transaction, and only for the duration that local rules require. You can request a copy, a correction or a deletion of your record at any point by writing to our policy desk.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

SUPPORT

Reach Our Privacy Desk

Team online

Privacy Inbox

Write to our privacy address for any data request — copy, correction, or deletion. We answer within the working week and confirm what was changed on your account record.

In-App Chat

Open the chat bubble inside your surga898 lobby and ask for the privacy team directly. Your session context is attached, which speeds up identity checks before we action a request.

Policy Updates Feed

Subscribe to the policy updates feed from your account settings. We push a short note whenever the privacy text on this page changes, with the date and the clause affected.

TRUST MARKERS

Editorial Trust Signals for This Policy

Named Owner

Our privacy clauses are owned by a named team inside surga898, not an outside vendor. Edits go through one desk, which keeps the wording on this page consistent with what's actually running in the system.

Dated Revisions

Every clause carries a revision date. When we change a retention window or a processor reference, you can see exactly when it shifted and roll back through the archive on request.

Plain Wording

We write the policy in short Indonesian-English sentences. No nested legalese, no hidden definitions buried four pages in. If a clause needs a term explained, the explanation sits next to it.

Processor List

The payment processors we share references with — for DANA, OVO, GoPay and QRIS reconciliation — are listed by name. You're not guessing who touched a transaction record tied to your account.

Retention Caps

Each data category has a cap: sign-in logs, device fingerprints, payment references and chat transcripts each expire on a stated schedule. Nothing sits in our store indefinitely without a written reason.

Request Audit

Every privacy request you file is logged with a ticket reference. You can ask for the audit trail of your own requests and we'll send the timestamps and the resolution note attached.

Consistency With Our Other Policy Pages

Terms of Service
The privacy policy and our terms share the same definitions block. A word that means one thing here means the same thing there, so you don't re-read two pages to reconcile them.
Cookie Notice
Cookie categories listed on the cookie notice match the device-signal section on this page exactly. Same names, same retention windows, same opt-out switch inside your account.
KYC Notes
Identity checks referenced in KYC pull from the same data categories described here. Nothing extra is collected during verification beyond what this policy already lists.
Payments Page
Where the payments page mentions DANA, OVO, GoPay or QRIS references, this privacy policy is the source of truth for how those references are stored and for how long.
Account Settings
Switches inside your account settings — marketing opt-in, device-history clearing, session log download — map one-to-one to the rights section of this policy.
Complaints Page
If a privacy request becomes a complaint, the complaints page picks up the same ticket number. No re-filing, no second identity check on the same matter.
Closure Flow
The account closure flow honours the deletion clause on this page. What we keep post-closure (for legal retention) is named here and nowhere else, so there's no contradiction.

What This Policy Page Shows You

Clause Anchors

Each clause has a deep-link anchor in the URL bar. Copy the link to a specific clause and send it to support — they open the same paragraph you're reading, no scrolling needed.

Revision Stamp

A revision stamp sits at the head of the page with the last-changed date. If the stamp moves, the changelog below tells you which clause was touched and why.

Plain-Language Sidebar

A plain-language sidebar runs alongside the formal text on desktop. It restates each clause in one sentence so you can skim the policy without parsing the long version.

Mobile Collapse

On phones the clauses collapse into tappable accordions grouped by topic — data we collect, data we share, your rights. Tap one, read it, move on.

Print View

A print view strips the page to clean A4 with the revision date in the footer. Useful if you want a hard copy of the version in force on the day you opened your account.

Changelog Footer

The footer lists every change made in the last twelve months with date, clause and a one-line summary. Older entries sit in the archive, linked from the same footer block.

Privacy Questions We Get Most

Your email or phone, a password hash, the device you registered from, and the e-wallet handle you nominate for DANA, OVO, GoPay or QRIS. Nothing beyond what the sign-up form shows on screen.

Only the processor handling the specific transaction sees the reference for that movement. DANA references don't reach OVO, GoPay references don't reach QRIS. Each rail is siloed, and our internal access is logged.

Sign-in logs and chat transcripts clear within ninety days of closure. Payment references are held for the retention window local rules require, then purged. The closure confirmation email lists the exact dates.

Yes. File a request from the privacy section of your account or write to the privacy inbox. We package your record as a single archive and deliver it within the working week, after an identity check.

We use session cookies to keep you signed in and analytics cookies to measure lobby performance. We don't run third-party advertising cookies on surga898. The cookie notice lists each one by name and purpose.

We post the change to the changelog footer, stamp the new revision date at the top, and send a short note to the policy updates feed. Material changes also surface as a banner inside your lobby.

Open a ticket through in-app chat or the privacy inbox. If the answer doesn't resolve it, ask for escalation — the complaints page picks up the same ticket number and routes it to a senior reviewer.