yyrtPrivacy Policy

This page describes what we collect when you use yyrt and how we keep that data protected. We at yyrt understand that your personal information is sensitive. When you create an account, deposit funds via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer, or withdraw winnings, you share details with us that you trust us to handle responsibly. We take that trust seriously and follow strict protocols to encrypt, secure, and limit access to your data.

Our approach is to collect only what we need to operate our platform, verify your identity, process your payments, and comply with legal obligations. We do not sell your data to marketers. We do not share your email or phone number with third parties for advertising purposes. We do not use your account information to profile you beyond what is necessary to prevent fraud and money laundering.

Below, we explain what data we collect, how we use it, how long we keep it, and what rights you have over your information.

What data we collect on yyrt

When you register for a yyrt account, we ask for your full name, email address, phone number, date of birth, and residential address. We collect this information to verify your identity and comply with anti-money-laundering regulations. We also use your email and phone number to send account notifications, transaction receipts, and support messages.

When you deposit funds via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or a bank virtual account, we record the payment method, amount, date, and time. We verify that your e-wallet or bank account holder name matches your registered yyrt profile. This prevents fraud and ensures that all deposits come from verified sources. Our payment processors (the companies that handle mobile banking, local payment, and other e-wallet integrations) also collect data on their end; their privacy policies govern that data.

When you wager on Liga 1 matches, Piala Indonesia fixtures, live blackjack tables, slot games, or esports events, we record your bets, outcomes, and wallet balance updates. We use this data to calculate your account balance accurately and to detect unusual patterns that might indicate fraud or account compromise. We also collect technical data: your device type, operating system, browser, IP address, and timestamps of your activities. This helps us troubleshoot technical issues and monitor for security threats.

How we use your data

We use your data to operate yyrt and provide our services. Your name and address are used during account verification and when we process withdrawals. Your email and phone are used to send transaction confirmations, security alerts, and support responses. Your payment method information is used solely to process deposits and withdrawals; we do not store your full e-wallet or bank account credentials on our servers.

We use your gaming activity data to calculate your account balance, detect fraud, and comply with anti-money-laundering regulations. If we notice unusual patterns—such as rapid deposits and withdrawals, sudden large bets from a new account, or login attempts from different countries within minutes—we flag your account for review. Our compliance team investigates and may ask you for additional information before clearing your account to withdraw funds.

We use your technical data to improve yyrt's security and performance. We analyse traffic patterns to identify and block distributed denial-of-service (DDoS) attacks. We use device fingerprinting to detect account takeovers. We monitor IP addresses to prevent access from regions where we do not operate (e.g., countries where online gaming is prohibited).

Third parties that access your data

We at yyrt work with third-party processors who handle specific functions. Our payment processors (online payment, e-wallet, mobile banking, local payment, online payment, and our bank partners e-wallet, mobile banking, local payment, online payment) access your e-wallet or bank account holder name to verify deposits and initiate withdrawals. These companies have their own privacy policies; we recommend reviewing them if you want to understand how they handle your data.

We also work with anti-fraud vendors who analyse transactions to detect suspicious activity. These vendors may store anonymised versions of your transaction data to improve their fraud detection models. We work with customer support software providers who store your support messages and email communications. We may also work with legal counsel, compliance consultants, or auditors who access your data if required by law or for regulatory investigations.

We do not share your data with marketing companies, data brokers, or any third party for commercial purposes. The only exceptions are when you explicitly consent (e.g., you opt into a promotional email list) or when we are required by law to disclose your information to authorities.

Payment processors

e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment, online payment, e-wallet, mobile banking access your account holder name and transaction history to process deposits and withdrawals.

Anti-fraud vendors

Third-party fraud detection services analyse transactions to identify suspicious patterns and may store anonymised data.

Support software providers

Our customer support platform stores your email, phone, and support message history.

Legal and compliance

Lawyers, auditors, and compliance consultants may access your data during investigations or regulatory audits.

How long we keep your data

We keep your account information (name, email, phone, address) for as long as your account is active and for five years after you close it. This allows us to respond to regulatory requests and investigate disputes. We keep your payment records for at least seven years to comply with anti-money-laundering regulations and tax requirements. We keep your gaming activity data for two years; after that, we delete it unless it is needed for a dispute resolution or regulatory investigation.

We keep your technical data (IP addresses, device information, login timestamps) for 90 days. After that, we delete it unless we suspect fraud or a security incident, in which case we retain it for up to one year. We keep support messages and email communications for three years to provide context if you need to reopen a ticket or refer to a past conversation.

Your rights regarding your yyrt data

You have the right to access the data we hold about you. You can request a copy of your account information, transaction history, and all personal data we have collected by contacting our support team. We will provide this within 30 days. You also have the right to correct inaccurate data. If your registered name, email, or address is incorrect, you can update it directly in your yyrt account settings or ask our support team to make the change.

You have the right to request that we delete your data, subject to legal limitations. We cannot delete transaction records if they are required for anti-money-laundering compliance or tax purposes. However, we can delete or anonymise your gaming activity data and technical records upon request. You can also request that we restrict how we use your data; for example, you can opt out of promotional emails or ask us not to use your data for fraud detection beyond what is legally required.

If we process your data in a way that violates this privacy policy or applicable law, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

Cookies and tracking technologies

We at yyrt use cookies and similar tracking technologies to remember your login session, track your navigation through our platform, and measure how users interact with our interface. Session cookies are deleted when you close your browser. Persistent cookies remain on your device for up to 12 months to remember your preferences (e.g., language, display settings). We do not use cookies to track you across other websites.

We use Google Analytics to understand how users navigate yyrt. Google Analytics collects anonymised data about pages visited, time spent, and click patterns. This helps us improve our platform. You can opt out of Google Analytics by installing the Google Analytics opt-out browser extension. We do not use your data for behavioural advertising or retargeting.

Cross-border data transfers

Our servers may be located outside your jurisdiction (Indonesia). When you use yyrt, your data may be transferred to and stored on servers in other countries. We protect these transfers with encryption and contractual agreements that require third-party processors to follow the same privacy standards we do. If our servers are in the European Union or another region with data protection laws, we comply with those laws as well as Indonesian regulations.

How we secure your data

We at yyrt encrypt all data in transit using TLS (Transport Layer Security) protocol. When you log in, deposit funds via local payment, online payment, e-wallet, mobile banking, local payment, online payment, or withdraw to your bank account, all data exchanged between your device and our servers is encrypted. We also encrypt sensitive data at rest on our servers using AES-256 encryption.

We use multi-factor authentication to protect your account. When you log in from a new device, we send a one-time code to your registered email or phone. We also require multi-factor authentication for large withdrawals. We monitor our systems continuously for intrusions and maintain detailed audit logs of who accesses your data and when.

Contact us about your yyrt privacy

If you have questions about this privacy policy or want to exercise your rights, contact our support team via email or live chat. You can also reach out if you want to request a copy of your data, correct inaccurate information, or ask us to delete or restrict how we use your information. We aim to respond to all privacy requests within 30 days.

Our services are available only where local law permits. Users are responsible for verifying that their access and use of yyrt comply with their own jurisdiction's regulations. If you are in Jakarta, Surabaya, Bandung, Medan, Semarang, or Yogyakarta and have privacy concerns specific to your region's laws, our support team can provide guidance.

Privacy policy updates

We may update this privacy policy from time to time as we improve yyrt, change our processes, or respond to legal requirements. If we make material changes—such as collecting new types of data or changing how we use your information—we will notify you via email at least 30 days before the change takes effect. You can review the current version of this policy at any time on our website. Your continued use of yyrt after an update means you accept the updated policy.