Reference

Our Legal Framework Protects Your Account and Data

When you open an account with cahaya128, we handle your information with the same rigour we apply to your withdrawals.

Data encryption end-to-endAccount verification at loginDANA, OVO, GoPay, QRIS secured
cahaya128 Our Legal Framework Protects Your Account and Data
REACH US DIRECTLY

Contact Our Support Team About Legal and Privacy

Live Chat Open the chat widget in the bottom right of your account lobby. Our team responds during Indonesia business hours, Monday to Friday, 09:00 to 18:00 WIB. Submit your legal or privacy request and we'll escalate it to our data team same day.
Email Support Send your request to our privacy inbox at [email protected]. Include your account email and a brief description of your question or data request. We aim to respond within 48 hours and will confirm receipt of any formal data access or deletion request.
Account Settings Log into your cahaya128 account, open the menu at the top right, select Settings, then Legal & Privacy. Review your consent preferences, download your account activity log, and update your notification settings—all without contacting support.
HOW WE PROTECT YOU

Security, Cookies, and Account Control

Login and Device Security

Every time you log in, we verify your location and device fingerprint. If an unusual login is detected, we send a confirmation code to your registered email. Your session times out after 30 minutes of inactivity to prevent unauthorized access if you step away from your mobile or desktop browser.

Payment Data Encryption

When you deposit via DANA, OVO, GoPay or QRIS, your payment details are encrypted with TLS 1.2 and never stored on our servers. We only retain a transaction reference linked to your account. Your bank or wallet provider handles the actual payment flow—we never see your PIN or card number.

Cookie and Tracking Consent

We use session cookies to keep you logged in and functional cookies to remember your lobby preferences. Marketing cookies track your page visits so we can show you relevant updates via email—you can opt out in your account Settings under Notifications without losing access to the platform.

Data Retention and Purge

We keep your account data for as long as your account is active. If you close your account, transaction records stay on file for 7 years to comply with dispute and audit requirements, but your personal details are marked inactive and excluded from marketing. You can request full data deletion where local law permits by emailing [email protected].

Withdrawal Verification

Before we process any payout to your DANA, OVO, GoPay or bank account, we verify your identity through a one-time code sent to your registered email or SMS. We also cross-check the withdrawal destination against your stored payment method to prevent misdirection. This adds 2–5 minutes to payout time but blocks fraud.

Request Your Data or Rights

Contact our support team to request a full export of your account data, correct inaccurate information, or ask for account deletion. We respond to formal requests within 14 days and will never charge a fee for access. Submit your request via live chat, email, or the Legal & Privacy section in your account settings.

Frequently Asked Questions About Legal and Privacy

When you close your account via Settings, your profile becomes inactive immediately. Your balance is paid out to your registered DANA, OVO, GoPay or bank account within one business day. Transaction records and account history remain on file for 7 years for regulatory compliance, but your personal details are flagged as inactive and excluded from marketing communications.

Yes. Log in to cahaya128, go to Settings > Legal & Privacy, and select Download Account Data. You'll receive a CSV file with all deposits, withdrawals, game activity and login timestamps linked to your account. The file is generated within 24 hours and sent to your registered email address.

Your DANA, OVO, GoPay or bank details are encrypted using TLS 1.2 protocol and stored in a separate vault accessed only by our payment-processing system. We never retain your PIN, card number or wallet password. Payment verification happens directly between your bank or wallet provider and our licensed payment gateway—we only see the transaction reference.

Only our dedicated support team and fraud analysts can access your account after you report a security issue. We'll ask you to verify your identity via email confirmation code or SMS. All access is logged, timestamped and reviewed monthly. Your account is locked for 24 hours after a failed login attempt to prevent brute-force attacks.

Contact us immediately via live chat or email [email protected]. We'll investigate your claim within 14 days and take corrective action if a breach is confirmed. Depending on local law, you may have the right to compensation or deletion of the affected data. We maintain cyber-liability insurance and report data incidents to relevant authorities where required.

Transaction records and deposit/withdrawal history are retained for 7 years after account closure to satisfy audit, tax and dispute-resolution requirements. Your personal details (name, address, email) are marked as inactive and removed from our active systems after 30 days. You can request earlier deletion where local law permits by contacting support.

Yes, you can update your email, phone number and residential address via Settings > Account Information. Changes to your registered name or date of birth require email verification and may trigger a re-identification check for compliance. Withdrawal destination updates take effect after a 24-hour hold period to prevent fraud. Contact support if you need to change these details urgently.