Privacy vs Terms
Terms cover what you agree to when using engkol88. Privacy covers what we do with the data that agreement generates. Both reference the same account model.
LEGAL REFERENCE
How engkol88 Handles Your Account Data
This privacy policy sets out what we collect when you open an engkol88 account, why we keep it and how long it stays with us. We've written it...
Plain-language policyIndonesia-awareAccount-data focusedUpdated regularlyYour choices kept
Our Privacy Posture and Jurisdiction Scope
We process your account information under the privacy expectations that apply where local law permits, focusing on supported regions across Indonesia. The data you give us at sign-up — name, contact details, verification proofs and payment references tied to DANA, OVO, GoPay or QRIS — is held only for the purposes stated here: keeping your account secure, settling lobby activity, and meeting
record-keeping duties our licence places on us. We don't sell your details to third parties for advertising, and we won't share them outside processors that help us run the lobby. Where rules differ between regions, the stricter standard applies to your account, and we'll flag any policy update on this page before it takes effect.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
WHY THIS PLATFORM
How We Keep This Policy Honest
We treat this document as living text, not a one-time post. Each clause is reviewed by people who actually run the lobby, not just a legal template generator.
Policy Owner
Our data protection lead signs off every change to this page. They sit inside engkol88, not outside it, so the wording matches what our systems actually do with your account information.
Review Cadence
We re-read this policy every quarter and after any material change to lobby features, payment partners or verification flow. Old versions are archived so you can compare what shifted between updates.
Processor Vetting
Every vendor that touches your data is checked for security posture before we plug them in. That includes our payment routers for DANA, OVO, GoPay and QRIS and our game studio integrations.
Breach Response
If something goes wrong, we tell you. Our incident plan sets clear timelines for notifying affected accounts and the relevant regulator, with plain-language detail on what happened and what we did.
Staff Access
Inside engkol88, account data is gated by role. Only people who need a record to do their job can open it, and every access is logged for later audit by the privacy lead.
Plain Language
We deliberately avoid legal padding. If a clause needs a defined term, we define it on the same line. The aim is that you finish this page understanding it, not skimming past it.
WHY THIS PLATFORM
Consistency Across Our Policy Pages
This privacy page sits alongside our terms, cookie notice and account rules. Below is how the privacy policy lines up with those sibling documents so nothing contradicts.
Privacy vs Cookies
Cookies notice details browser-side trackers; this privacy policy covers server-side records. They share definitions for identifiers so the two read as one system.
Privacy vs KYC
KYC rules describe what proofs we ask for. Privacy explains how those proofs are stored, who sees them and when they're erased after account closure.
Privacy vs Payments
Payment terms list supported rails such as DANA, OVO, GoPay and QRIS. Privacy explains the data those rails generate and how long settlement records sit with us.
Privacy vs Marketing
Marketing preferences are opt-in and revocable. Privacy confirms we won't repurpose your account contact details into promotional lists without that opt-in being live.
Privacy vs Security
Security page describes our technical controls. Privacy describes the legal basis for using those controls. Encryption claims appear in both with matching language.
Privacy vs Closure
Account closure flow tells you how to leave. Privacy tells you what stays in our archives afterwards and the retention windows tied to each category of data.
AT A GLANCE
What This Policy Page Covers at a Glance
Here are the visible elements of this privacy page so you can find the clause you need without scrolling end-to-end. Each block on the page is built around one privacy topic.
01
Data We Collect
A full list of categories — identity, contact, verification, device, and lobby activity — sits in the details block above so you can see exactly what enters your account file.
02
Why We Hold It
Each data category is paired with a purpose: account security, settlement, regulatory record-keeping, or service improvement. No category is held for an undeclared reason.
03
How Long We Keep It
Retention windows are stated in months and years, not vague phrases. After the window closes, records are anonymised or destroyed under our internal deletion schedule.
04
Your Rights Panel
Access, correction, deletion, portability and objection rights are summarised with the channel to use for each. The privacy desk handles these without routing you elsewhere.
05
Update Notices
Any change to this page is dated at the top and summarised in a short changelog so you don't have to re-read the whole text to spot what shifted.
06
Cross-Links
Links to terms, cookies and account closure pages sit at the foot of this policy so the full picture is two clicks away when you want to compare clauses.
Privacy Policy Questions
We collect the identity, contact and verification details needed to run your account, plus the lobby activity tied to it. Payment references for DANA, OVO, GoPay or QRIS are stored only as needed for settlement.
No. We don't sell account data to third parties for advertising. Information is shared only with processors that help us run the lobby, and each one is bound by contract to use it for that purpose only.
Core records are kept for the retention window our licence requires, then anonymised or destroyed. Marketing contacts drop out sooner. Exact windows per category are listed in the details block above this section.
Yes. Email the privacy inbox or use in-lobby chat to request access. We'll verify you're the account owner and return a structured copy within thirty days where local law permits us to do so.
Send a correction or deletion request through the same privacy channels. Some records must stay with us for regulatory reasons, but anything outside that scope can be amended or removed on request.
Yes. Material changes are flagged on this page with a dated changelog before they take effect, and account-holders receive a notice through the contact channel on file so nothing shifts quietly.
Processing happens within infrastructure serving supported regions across Indonesia. Where a processor sits outside the region, we use contractual safeguards so your data keeps the protections this policy describes.