Reference

How bandit4d link Protects Your Personal Data

At bandit4d link, your personal data — account details, transaction records across DANA, OVO, GoPay and QRIS, and device activity — is handled under a clear, documented privacy…

Data encrypted at rest and in transitDANA, OVO, GoPay & QRIS transaction privacyAccount data access within 3 business daysIndonesia-specific retention policyDedicated privacy contact channel
bandit4d link How bandit4d link Protects Your Personal Data
PRIVACY CONTACT PATHS

How to Reach Our Privacy Team Directly

If you need to update personal data on your account, request a copy of what we hold, or ask us to delete specific records, our privacy support team is available seven days a week from 08:00 to 23:00 WIB. You can reach us through live chat on the site, via our dedicated privacy email, or through WhatsApp — whichever channel suits you. Responses to data-access requests are sent within three business days, and our team in Semarang handles escalations for account-level privacy concerns.

Team online

Live Chat

Start a live chat session directly on bandit4dlink.xyz between 08:00 and 23:00 WIB, seven days a week. Reference your account ID so we can retrieve your data record immediately and respond without delay.

Privacy Email

Send a written data-access or deletion request to our privacy email address. We acknowledge every email within 24 hours and complete the request within three business days, including weekends for urgent account matters.

WhatsApp Support

Message our WhatsApp privacy line for account data queries. Share your registered mobile number and account username so we can verify your identity and process your request securely without requiring you to call.

DATA HANDLING PRACTICES

Six Ways We Keep Your Account Data Safe

Our data handling practices are built around one principle: you should always know what we store and why.

End-to-End Encryption

All data transmitted between your device and our servers — including login credentials, payment references from DANA or GoPay, and session tokens — is encrypted using TLS 1.3. Stored account records use AES-256 encryption at the database level.

Cookie Policy

We use session cookies to keep you logged in and analytics cookies to measure which lobby sections you visit most. You can manage cookie preferences in your account settings page under Privacy. We do not use cookies to build advertising profiles.

Account Security Controls

Your account page includes a security log showing every login timestamp, device type and IP address used in the last 30 days. If you spot an unfamiliar entry, you can freeze your account from that same page within seconds.

Data Retention Schedule

Active account data is retained for the duration of your account plus 12 months after closure, in line with Indonesian financial record-keeping requirements. Transaction logs from OVO and QRIS payments are anonymised after 90 days unless a dispute is open.

Third-Party Data Sharing

We share data only with payment processors — DANA, OVO, GoPay and QRIS — and only to the extent each transaction requires. No marketing partners, no data brokers. Any future sharing arrangement will be disclosed in this policy before it takes effect.

Your Right to Request Changes

You can request a full copy of your stored data, ask us to correct inaccurate details, or submit a deletion request at any time through live chat or our privacy email. We complete verified requests within three business days and confirm by the same channel you used.

Your Privacy Policy Questions, Clearly Answered

These are the questions account holders ask us most often about how their data is handled at bandit4d link. If your question is not covered here, our privacy team is available via live chat from 08:00 to 23:00 WIB every day to assist you directly.

We collect your name, mobile number, email address, and the payment method you register — such as DANA, OVO, GoPay or QRIS account details. Device type and login timestamps are also logged for account security purposes.

DANA and OVO transaction references are used exclusively to verify your deposit, match it to your account, and process your withdrawal. We do not use payment data for profiling or pass it to any advertiser or data broker.

Yes. Submit a data-access request through live chat or our privacy email with your account username. We will compile and send your full data record within three business days, delivered securely to your registered email address.

Contact our privacy team via live chat or WhatsApp, verify your identity with your registered mobile number, and request deletion. We process verified deletion requests within three business days and confirm once your records have been removed.

We use session cookies for login continuity and anonymous analytics cookies to improve the lobby. You can adjust your cookie preferences in your account settings under the Privacy tab at any time without affecting your core account access.

Reach our privacy team directly via live chat between 08:00 and 23:00 WIB, or email the privacy address listed in your account settings. Escalations are reviewed by our data officer within two business days of receipt.

Yes. QRIS scan data is captured only to confirm your deposit transaction and is anonymised after the payment clears, typically within 90 days. QRIS processor terms also apply alongside this policy, as noted in the details section above.