rumahduit Platform Privacy Notice
This page describes what we collect when you use rumahduit and how we keep that data protected. We gather information from your account sign-up, your deposits and withdrawals via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfers (mobile banking, local payment, online payment, e-wallet), your gameplay on slots and live-dealer tables, and your interaction with our sports and esports markets. Some data leaves your country when it reaches our servers; we explain where and why.
We do not sell your personal information to advertisers or brokers. We share data only with payment processors, fraud-detection partners, and legal authorities when required by law. Your privacy on rumahduit is not absolute — we must comply with local regulations and prevent money laundering — but we minimize collection and keep access restricted to staff who need it for their role.
Read on to understand what we collect, how long we keep it, your rights under data-protection laws, and how to contact us if you have concerns or want to request deletion of your information.
What information we collect on rumahduit
When you create a rumahduit account, we ask for your email address, a password you choose, your full name, and your date of birth. We collect this during sign-up and store it encrypted on our servers.
When you deposit funds, we receive payment data from your chosen method. If you use DANA, e-wallet, mobile banking, local payment, or online payment, your e-wallet provider sends us confirmation of the transaction; we don't store your e-wallet credentials. If you use e-wallet or a bank transfer (mobile banking, local payment, online payment, e-wallet), your bank sends us your account holder name and transaction reference; we don't store your full bank account number or PIN. Before your first withdrawal, we ask for government-issued ID (national identity card, passport, or driving license) and proof of address — utility bill or bank statement. These documents are scanned and uploaded to our servers, then deleted after verification completes (typically 24 hours).
We log your login history — timestamps, device type (Android APK, iOS Safari, or desktop browser), and IP address — to detect unauthorized access attempts. We record your gameplay on slots (Aviator, Sweet Bonanza, Gates of Olympus, Fortune Tiger, Mahjong Ways) and live-dealer tables (blackjack, roulette, baccarat, Dragon Tiger), including wager amounts and outcomes, to verify fairness and detect fraud. We track your interaction with football markets (Liga 1, Piala AFF, Champions League, Premier League), badminton, MotoGP, and esports (Mobile Legends, Free Fire, PUBG Mobile) to ensure accurate settlement and prevent manipulation.
We do not store payment card numbers
rumahduit does not accept credit cards directly. All deposits route through payment providers (e-wallets, mobile banking, or bank transfers), so we never touch your card data.
How we use your information on rumahduit
We use your data for essential platform functions: authenticating your login, processing your deposits and withdrawals, verifying your identity before payout, and settling your gameplay outcomes. We also use data for compliance — fulfilling anti-money-laundering (AML) requirements, detecting fraud, and responding to legal requests from authorities in Jakarta, Surabaya, Bandung, Medan, and elsewhere.
We may use aggregated, anonymized data for analytics — understanding how many users play Fortune Tiger slots versus live roulette, how many prefer local payment versus online payment deposits — but this data cannot identify you. We do not use your personal information for marketing or third-party advertising.
If you request account closure on rumahduit, we retain your data for seven years to comply with financial regulations and potential audits. After seven years, we securely delete it unless law requires us to keep it longer.
Where we store data and international transfers
Our primary servers sit outside Indonesia. This means your data — name, email, gameplay history — physically leaves your jurisdiction when you use rumahduit. We encrypt all data in transit and at rest, but the storage location itself is beyond Indonesian data-protection law. We chose overseas servers for infrastructure reliability and redundancy; a single country-based data centre could fail during earthquakes or other events like those around Idul Fitri or Idul Adha holidays when many users travel and infrastructure stress increases.
We share data with payment processors (our e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and bank partners) to confirm transactions, but only the minimum required. We share gameplay data with our fraud-detection partner to identify patterns of suspicious betting or collusion. We never sell or rent your data to third parties for their marketing purposes.
Key points on privacy
- We collect email, name, date of birth, login history, and gameplay data
- We request ID and proof of address before your first withdrawal for verification
- Data is encrypted in transit and at rest; deletion occurs seven years after account closure
- We share data only with payment partners and fraud-detection services, not with advertisers
- Our servers are located outside Indonesia; your data transfers internationally
Cookies and tracking on rumahduit
rumahduit uses cookies — small files stored on your device — to remember your login session and preferences (language, notification settings). These are necessary for the platform to function. We do not use tracking cookies or cookies that follow you across other websites. When you close your browser, session cookies expire; preference cookies persist until you clear them manually or we delete your account.
We use basic analytics to understand traffic flow and gameplay patterns, but analytics tools on rumahduit do not track you across other sites or create a profile for external use.
Your rights regarding data on rumahduit
You have the right to request what personal information we hold about you on rumahduit. Contact our support team with "Data Access Request" in the subject line, and we'll send you a copy within 30 days.
You may request correction if data is inaccurate — for example, if your email address changed. You may request deletion (the "right to be forgotten") for non-essential data, though we retain transaction history and identity documents for regulatory compliance.
You may object to processing if you believe we're using your data unlawfully. You may withdraw consent for non-essential uses at any time. These rights are subject to exceptions: we cannot delete payment history required by anti-money-laundering law, and we cannot fulfil requests that conflict with our legal obligations.
To exercise any of these rights, email our data protection officer or contact support through your rumahduit account. We'll acknowledge your request within 5 business days and respond fully within 30 days.
How we secure your data on rumahduit
All communication between your device and our servers uses SSL/TLS encryption — the same standard used by banks. Login credentials are hashed with modern algorithms; we never store plain-text passwords. We employ role-based access control: support staff see your account history but not your password; payment staff process transactions but cannot view gameplay data.
We conduct regular security audits and penetration tests to identify vulnerabilities. If we discover a breach, we notify affected users within 72 hours and report to authorities as required by law.
Our services are available only where local law permits. Your jurisdiction may have different data-protection rights than others; check your own laws. rumahduit complies with Indonesian regulations where applicable and with reasonable standards elsewhere, but we cannot guarantee full compliance with every jurisdiction's requirements.
Trust, fairness, and transparency on rumahduit
Platform security layers
Every connection between your mobile device or desktop and our rumahduit servers uses SSL/TLS encryption. This creates a secure tunnel where your login credentials, payment details, and gameplay data cannot be intercepted by third parties, even if you're using public WiFi. Our servers employ role-based access control, meaning staff members can only access data necessary for their specific role. Customer support agents can review your account history and transactions; payment processors handle deposits and withdrawals; fraud-detection staff see gameplay patterns — but no single employee can access all categories of your data simultaneously. Account credentials are hashed using industry-standard cryptographic functions (bcrypt or similar); we never store passwords in plain text. Two-factor authentication is optional but recommended; enabling it requires a second proof of identity (usually a code sent to your email or registered phone number) before anyone can log in from an unrecognized device. Session tokens expire automatically after subject to verification of inactivity, protecting you if your phone is lost or stolen. We conduct quarterly security audits and annual penetration tests, hiring external firms to attempt breaches and report vulnerabilities. Payment data is segregated in encrypted databases with restricted access logs, ensuring no employee can view both your account credentials and your banking information without documented business reason. Backups of your data are encrypted and stored in geographically separate data centres to prevent total loss if one facility fails. We maintain incident-response procedures and have notified users within 72 hours of any confirmed breach.
Game fairness and RTP
All slot games on rumahduit — Aviator, Sweet Bonanza, Gates of Olympus, Fortune Tiger, Mahjong Ways — use certified random-number generators (RNG) to determine outcomes. Each spin is mathematically independent; previous results never influence future ones, and no pattern exists that skilled players can exploit. RTP (Return to Player) is a published percentage describing how much of all wagered money is paid back to players over millions of spins. A slot with an means players receive, on average, our welcome offer back for every 100 wagered; the remaining non-specific info covers platform operating costs. This is not a guarantee for any individual session — you might win big, lose everything, or break even depending on variance and luck. Our RNG software is certified by independent third-party auditors who verify that outcomes are truly random and unmanipulated. Live-dealer games on rumahduit (blackjack, roulette, baccarat, Dragon Tiger) differ from RNG slots because outcomes are determined by physical cards or wheels streamed live on camera by real dealers, not software calculations. Both RNG and live-dealer games display their mechanics clearly within the game interface. For sports and esports markets covering Liga 1, Piala AFF, Champions League, Mobile Legends, Free Fire, and PUBG Mobile, outcomes reflect real-world events — match results, tournament brackets, player performances — determined by athletes and referees, not by our algorithms. We demonstrate fairness through transparent payout tables, published odds, and third-party certification.
KYC verification process
KYC (Know Your Customer) verification is a regulatory requirement that protects you and rumahduit. When you create your rumahduit account, we collect your name, date of birth, and email. Before your first withdrawal, we ask for government-issued photo ID — a national identity card, passport, or driving licence — and proof of address such as a utility bill or recent bank statement showing your name and street address. These documents are encrypted during upload and stored securely on our servers. Our verification team, usually based outside your country, reviews your documents within 24 business hours. Once verified, your documents are deleted from our system unless we're required by law to retain them longer. The verification process ensures your identity genuinely matches your account and that your banking details are legitimate. KYC also prevents fraud: if someone attempts to access your account and withdraw funds to a different bank account, our records confirm the mismatch and flag the transaction for review. We never share your KYC documents with third parties except when legally required by law enforcement or tax authorities. If your verification is declined, we provide specific reasons and allow you to resubmit corrected documents or contact support for clarification. Once verified, you don't need to resubmit documents unless regulatory changes occur or we detect suspicious activity requiring updated confirmation.
User feedback and review channels
We encourage rumahduit account holders to share feedback about their experience — gameplay, payment methods, support responsiveness, security concerns. You can leave comments in-app, contact our support team directly via email or chat, or submit formal feedback through your account settings. When reading external reviews about rumahduit, look for specific, detailed complaints rather than vague statements. Credible reviews mention payment methods used (DANA, OVO, GoPay, ShopeePay, LinkAja, QRIS, or bank transfers), games played, actual response times, and specific issues encountered. Vague complaints ("slow," "unfair," "bad support") often reflect a single bad day rather than systemic problems. We monitor feedback across all channels — in-app, email, public reviews, social media — and use patterns to identify genuine issues. If multiple users report the same problem, we prioritize investigation: if several users report QRIS deposits failing, we immediately troubleshoot with our payment partner. Ratings on public platforms vary widely; some reflect a single negative experience, others represent consistent issues over months. We publish our formal response to significant complaints and remain transparent about our limitations. If you discover a bug, security vulnerability, or evidence of unfair game outcome, report it directly to our security team — we take every report seriously and offer bounties for valid vulnerabilities found through responsible disclosure.