LEGAL REFERENCE

How We Handle Your Account Data

This is the pandawin privacy policy — a plain read of what we collect when you open an account, how we store it, and the controls you keep...

Account DataCookiesRetentionYour RightsUpdates
pandawin How We Handle Your Account Data

Policy Posture and Jurisdiction Wording

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

24/7 SUPPORT

Policy Contact Paths

Team online

Privacy Inbox

Email our privacy desk for data access, correction or erasure requests. Include the email tied to your pandawin account so we can verify before we action anything on the file.

Live Chat

Open the chat bubble in the lobby footer and ask for the privacy team. The agent will route you, log a ticket reference, and confirm next steps inside the same session.

Postal Address

For formal notices, our registered correspondence address is published in the account settings panel. Send tracked mail and we'll acknowledge receipt by email within five working days.

PLATFORM TRUST SIGNALS

Editorial Trust Signals for This Policy

Legal Review

A qualified counsel reviews this document each quarter and signs off the revision log. We publish the date at the foot so you can see when the wording was last touched.

Plain Language

We rewrite legal clauses into readable English without losing the obligation. If a sentence needs a defined term, we define it inline rather than burying it in an appendix.

Versioning

Every change to this policy gets a numbered version and a short note describing what moved. Older versions stay accessible on request so you can compare wording over time.

Data Minimisation

We collect what the account flow needs and nothing extra. Optional fields are marked optional, and we explain in-line why each required field is needed at the point of entry.

Indonesia Focus

The policy is written for Indonesia account holders first, with wording that matches local data practice and the payment rails — DANA, OVO, GoPay, QRIS — you actually use.

Audit Trail

Internal access to your account data is logged. If a privacy request triggers a review, we can show who touched the record and when, which keeps our handling honest.

Consistency With Our Other Policy Pages

Terms of Service
The terms document covers conduct and account rules; this privacy page covers data only. Both share the same definitions section so wording never contradicts between the two.
Cookie Notice
Our cookie notice expands the cookie paragraph here into a full table of categories, vendors and storage windows. Reference it when you want the granular view.
AML Statement
The AML statement explains identity checks at a process level. This policy explains the data side of those checks — what we keep, for how long, and why.
KYC Notes
KYC documentation handling is summarised here and detailed in the verification page. Both pages quote the same retention window so you get one answer either way.
Complaints Path
The complaints policy lists escalation steps; this page lists the privacy-specific contact paths. They run in parallel and you can use whichever matches your issue.
Marketing Preferences
Marketing opt-ins sit in your account settings and are reflected in this policy's consent section. Toggle them there and the change is recorded against your file.
Security Page
Our security page covers the technical controls; this policy covers the legal basis. Together they describe both the how and the why of our data handling.
SERVICE CONTEXT

What Defines This Policy Page Layout

Revision Date A timestamp at the head and foot tells you when...
Section Anchors Each policy section has a deep-link anchor in the URL...
Defined Terms Capitalised terms — Account, Processor, Data Subject — are defined...
Request Forms Inline forms let you file a data access or erasure...
Print View A print-friendly toggle strips the lobby chrome so you can...
Language Toggle The policy is published in English for Indonesia readers, with...

Privacy Policy Questions

We collect the identifiers you submit at sign-up — name, email, phone, date of birth — plus device signals that keep the lobby loading. Payment routing references are stored, but card and wallet credentials sit with the processor.

Retention matches the period our licence requires for the account region, typically several years after closure for transaction records. Marketing data is purged sooner if you withdraw consent through the account settings panel.

Yes. Email the privacy inbox from the address on file, or use the inline request form on this page. We verify your identity and return the export within the statutory window for your region.

Open the account settings panel for self-serve edits to contact details and marketing preferences. For erasure or fields you cannot edit yourself, submit a request to the privacy inbox and we'll action it after verification.

We share only what's necessary with payment processors, identity-check partners and our hosting provider. Each partner is bound by a data agreement, and we name the categories of recipients in the full disclosure section above.

Wallet credentials never reach our servers — the processor handles them under their own privacy terms. We store the transaction reference and amount so your account history reconciles, nothing more from the payment side.

We publish the revision date at the foot of the page and notify account holders by email when a material change lands. Older versions remain available on request so you can compare wording.