LEGAL REFERENCE

Your Data Stays Yours at tiki4d

Q: What do I do if I suspect a data breach?

Email support@tiki4d.app immediately with details. We investigate within 24 hours. If a breach is confirmed, we notify all affected users within 72 hours with steps to secure your account and any remediation we're providing.

We built this privacy policy to show exactly how we handle your account, your payment details, and your activity on our platform. From the moment you open an...

Account SecurityPayment ProtectionData TransparencyYour Control

Browse the Lobby Read FAQ

Privacy Framework and Data Handling

tiki4d operates this privacy policy for users in supported regions, including Indonesia. We collect personal data only to process your account, confirm your identity, and facilitate deposits via QRIS, DANA, OVO and GoPay. Your information is encrypted end-to-end and stored on secure servers. We do not sell, rent or share your data with third parties except where required by law or to

complete your transactions. You can request access to or deletion of your personal data at any time through our support team.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

24/7 SUPPORT

Questions About Your Privacy?

PLATFORM TRUST SIGNALS

Privacy Standards Behind Your Account

Encryption Standard

All data in transit and at rest uses TLS 1.2+ encryption. Your QRIS, DANA, OVO and GoPay payment tokens never touch unencrypted storage.

Third-Party Audits

Our data handling practices are reviewed quarterly by independent security firms. Audit summaries are available upon request from support.

GDPR Alignment

Although Indonesia has its own data protection framework, we align our practices with GDPR principles to ensure consistent global standards.

Indonesia Compliance

We comply with Law No. 27 of 2022 on Data Protection and work with local authorities in supported regions to maintain legal standing.

Zero-Knowledge Approach

Your account PIN and withdrawal passwords are hashed one-way; even our staff cannot retrieve them. Recovery happens only through your registered email.

Incident Response

If any data breach occurs, we notify affected users within 72 hours and provide guidance on account security steps and credit monitoring.

Privacy Policy Alignment Across tiki4d

All Pages

Every tiki4d domain (app, promo, support) enforces the same encryption, QRIS/DANA/OVO/GoPay payment security and data minimization rules.

Account Data

Your name, email, phone and ID verification details appear consistently across your account regardless of which tiki4d entry point you use.

Login Sessions

Session tokens expire after 30 minutes of inactivity. Multi-device login uses the same security posture across desktop, mobile web and app.

Payment History

Deposit and withdrawal records (including QRIS reference numbers, DANA wallet IDs) are permanently viewable in your account transaction log.

Cookie Consent

On first visit, you consent to functional and analytics cookies. Marketing cookies require explicit opt-in; you can toggle either anytime in Settings.

Regional Variation

In supported Indonesia regions, local data residency may apply. We keep data on servers within the country when legally required.

Policy Updates

Changes to this privacy policy are announced in-app 30 days before taking effect. You must accept the updated policy to continue playing.

Core Elements of Our Privacy Design

Account Verification

We ask for your legal name, ID number and phone only once at sign-up. You verify via email link; no SMS OTP means no phone number logging.

Payment Tokenization

QRIS, DANA, OVO and GoPay deposits are processed through tokenized wallets. Your actual bank details never arrive on our servers.

Activity Logging

We log login times, game sessions and withdrawals for compliance. This log is available to you in your account dashboard under History.

Account Recovery

Lost your password? We verify your email and send a secure recovery link. No recovery questions; we never store alternate security answers.

Data Retention

Account data persists for the lifetime of your account plus 7 years for tax and compliance records. Personal data not needed after 7 years is deleted.

Geographic Limits

Your account is tied to a single country on registration. If you move to a supported region, contact support to update your jurisdiction.

Privacy Policy Questions

No. We never sell, rent or lease your personal information to third parties for marketing. We share data only with payment processors (QRIS, DANA, OVO, GoPay) to complete transactions, or with authorities when required by law.

We keep your account active as long as you log in at least once per year. If inactive for 3+ years, we may archive your account. Tax and compliance records remain for 7 years. You can request deletion anytime via support.

Go to the login page, click 'Forgot Password,' and enter your email. We send a secure recovery link valid for 24 hours. No SMS or secret questions involved. Recovery happens entirely through your registered email.

No. We tokenize all e-wallet and digital payment details. Only a secure token stays on our servers. Your actual wallet IDs, phone numbers and bank links remain with your payment provider, never with us.

Yes. Log in to your account, go to Settings > Data Access, and download a full copy of your personal information. You'll see login history, game records, account details and all stored identifiers in JSON format.

Email [email protected] immediately with details. We investigate within 24 hours. If a breach is confirmed, we notify all affected users within 72 hours with steps to secure your account and any remediation we're providing.

We use functional cookies (session, login, game state) automatically. Analytics cookies (Google, Mixpanel) require your consent on first visit. Marketing cookies can be toggled on or off in Settings. You can clear all non-essential cookies anytime.