biru138 Privacy Policy

This page describes what we collect when you use biru138 and how we keep that data protected. We at biru138 are committed to handling your personal information securely and transparently. When you create an account, deposit funds, place bets, or withdraw winnings, we process specific data — your identity, payment details, and betting activity — to verify your account, process transactions, and comply with financial regulations.

Our privacy practices centre on encryption, access controls, and data minimization. We collect only the information we need to operate your account. We do not sell your personal data to third parties. Your data is stored on secure servers and accessed only by authorised biru138 team members and licensed payment processors.

If you have questions about how biru138 handles your data, contact our support team. You can also request a copy of your personal information or ask us to delete your account at any time, subject to legal retention requirements.

What we collect and how we use it on biru138

We collect the following types of data when you use biru138:

Account information: Email address, phone number, password (hashed and encrypted), security questions, and two-factor authentication settings.
Identity verification: Full name, date of birth, government ID number and scan, proof of address (utility bill or bank statement), and IP address during registration.
Payment details: Bank account number, e-wallet account (DANA, e-wallet, mobile banking, local payment, online payment), e-wallet identifier, or other payment method. We do not store credit card numbers in full; only the last four digits are kept for reference.
Betting and transaction records: Every bet you place, game you play, deposit you make, withdrawal you initiate, and payout you receive is logged with timestamp and amounts.
Device and usage data: Device model and OS version (Android or iOS), IP address, browser type, and pages visited within biru138.

We use this data to verify your identity (KYC — Know Your Customer), process deposits and withdrawals, settle bets, detect fraud, comply with anti-money-laundering (AML) regulations, and provide customer support. Your data helps us keep your account secure and your transactions legitimate.

Data storage and security on biru138

We store your data on encrypted servers located in data centres in supported jurisdictions. Our servers may sit outside your physical location — for example, data may be stored in Singapore, Malaysia, or other regional hubs. All data in transit between your device and our servers is encrypted using SSL (Secure Sockets Layer) protocol. This means your password, payment details, and identity information are never transmitted in plain text.

We use two-factor authentication (2FA) to protect account login. You can enable 2FA in your account settings; with it active, logging in requires both your password and a one-time code sent to your phone. We also offer biometric login on Android (fingerprint or face recognition) so you access your account without typing your password repeatedly.

Password reset requests are authenticated via email. If you forget your password, you request a reset, receive a link via email, and create a new password. We never store plaintext passwords; we store only cryptographic hashes. Your previous password cannot be recovered — only replaced with a new one.

SSL encryption: Secure connection protocol between your device and our servers; protects login credentials and payment information in transit.
Two-factor authentication (2FA): Login requires both password and a one-time code; adds a second layer of security even if password is compromised.
Data hashing: Passwords are converted to irreversible hash values; biru138 staff cannot see your original password.
Session token: Temporary credential that proves you are logged in; expires after 30 days of inactivity automatically.

Third-party data processors and partners

We share your data with trusted third parties only when necessary to provide biru138 services. These include:

Payment processors: mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment receive your payment details to confirm deposits and process withdrawals. We do not share your identity with payment partners unless required by regulation.
KYC verification vendors: We may use licensed third-party services to verify your identity documents and proof of address.
Anti-fraud and compliance services: We share betting patterns and account activity with fraud-detection services to prevent money laundering and account abuse.
Legal authorities: If required by court order or law-enforcement request, we provide user data to authorities in supported jurisdictions.

All third-party processors are bound by confidentiality agreements. They use your data only for the purpose stated and do not resell or redistribute it.

Your rights on biru138

You have the right to access, update, or delete your personal data. To review your data, log into your biru138 account; your profile page displays email, phone, registered address, and linked payment methods. To update any field, edit it directly in settings. To delete your account and all associated data, contact our support team. Account deletion is permanent after 30 days; during this window, you can restore it.

If you believe biru138 has misused your data, you may file a complaint with our support team or a data-protection authority in your jurisdiction. We will investigate and respond within 10 business days.

Cookies and tracking on biru138

We use cookies to keep you logged in, remember your preferences (language, bet slip settings), and analyse how you use biru138. Session cookies expire when you log out or close your browser. Persistent cookies (lasting up to one year) help us recognise you on future visits. You can disable cookies in your browser settings, though this may limit biru138 functionality.

We do not use cookies to track you outside biru138. We do not sell cookie data to advertisers. Analytics cookies track page views and user flow only to improve our platform design.

Contact and data requests

For questions about biru138 privacy practices, data access requests, or account deletion, contact our support team via email or in-app chat. Include your account email and a description of your request. We will respond within 10 business days. If you access biru138 from Jakarta, Surabaya, Bandung, or Medan, support is available in English and local languages.

For payment-related privacy concerns specific to online payment e-wallet mobile bankingor other partners, refer to their privacy policies directly. We are not responsible for third-party data handling.

Your data is encrypted, access-controlled, and used only to operate your biru138 account securely.

biru138 Data Protection Team

Policy updates and effective date

We review this privacy policy periodically and update it when practices change. Material changes (e.g. new data collection or third-party sharing) will be notified to you by email or in-app notification at least 30 days before taking effect. Your continued use of biru138 after changes are posted means you accept the updated policy.

This policy is effective as of the date listed at the end of this page. We recommend reviewing it whenever you access biru138, especially if you have not visited for several months. If you disagree with any terms, you may close your biru138 account at any time.

Summary of biru138 data protection

We at biru138 collect only the data necessary to verify your identity, process your deposits and withdrawals, and comply with financial regulations. All data is encrypted in transit and at rest. Your password is never stored in plaintext and cannot be recovered by biru138 staff. Account access is protected by two-factor authentication and biometric login on mobile. Third-party processors (payment partners, KYC vendors) are bound by strict confidentiality.

You can access, update, or delete your data at any time through your account settings or by contacting support. We do not sell your data to advertisers or marketers. Your privacy is central to how biru138 operates. If you have concerns, our support team is ready to help during business hours.

Our services are available only where applicable law permits. Users are responsible for verifying that their access and use of biru138 comply with their own jurisdiction's data-protection and gaming laws. For further questions, refer to our Terms & Conditions or Legal Notice