papadewa Platform Privacy Notice

This page describes what we collect when you use papadewa and how we keep that data protected, including the payment and verification steps that touch your details.

We set out our approach so you can see what information we request for account setup, deposits via DANA, e-wallet, mobile banking, local payment, online payment or e-wallet, virtual-account transfers to mobile banking, local payment, online payment and e-wallet, and the checks we run during KYC and withdrawal review.

Our priority is to explain the types of data we handle, the parties we work with, and how we manage access in places where local law permits service use (for example when members connect from JakartaSurabaya or Bandung).

Details — papadewa data practices

We collect personal information required to create and verify an account, to process payments, and to review withdrawal requests.

• We collect identity data: full name, date of birth, government ID images and document numbers for KYC verification.
• We collect contact data: email, phone number and address for account notices and security checks.
• We collect payment data: e-wallet identifiers for DANA, e-wallet, mobile banking, local payment and online payment, e-wallet receipts, and virtual-account references for mobile banking, local payment, online payment and e-wallet transfers.
• We collect usage data: login timestamps, IP addresses, device type and mobile network details to diagnose issues and monitor suspicious activity.

We use the data we hold to complete verification, to accept deposits and to evaluate withdrawal requests in accordance with our account and security procedures.

We transmit payment-related information to third-party processors to settle transactions and to verification vendors who confirm identity documents and residency for KYC.

We retain records for as long as necessary to provide services where allowed by law and to comply with regulatory obligations related to payment reconciliation and fraud review.

Policy — papadewa privacy policy

We at papadewa control how personal data is used and who may access it; we do not sell personal data to third parties for marketing.

Our servers may sit outside your jurisdiction and we put contractual safeguards in place when transferring data across borders to processors who support payment rails and verification flows.

We deploy technical measures including TLS encryption in transit and routine access reviews to limit exposure of personal data.

1. Account verification and KYC

   We request government ID and proof of payment when you use DANA/e-wallet/mobile banking/local payment/online payment or bank transfers; typical review windows vary by volume.

2. Payment handling

   We correlate transaction references and e-wallet receipts to confirm top-ups and virtual-account deposits to mobile banking, local payment, online payment and e-wallet before allowing withdrawal review.

Our retention periods take into account reconciliation needs for holiday spikes in activity such as Idul Fitri and Idul Adha, and for events like Liga 1 or Piala Indonesia when transactional volumes increase.

We log anonymised analytics to improve service reliability for mobile installs (Android APK, browser access on iOS) and to troubleshoot network or mobile banking top-up issues.

We provide a contact route for privacy questions via /support/contact and we process formal requests through that channel.

Our commitment is to keep your data secure, to limit access to authorised personnel and processors, and to be transparent about how payment and verification data flows through our systems.

We review this privacy policy regularly and we update it when necessary to reflect changes to how we process payments, verification or account security.

Our approach is designed to protect personal data while enabling essential flows for deposits, verification and withdrawals where local law permits service access.