Reference

How cahaya128 Protects Your Personal Data

Your personal data belongs to you, and we treat it that way — every account detail, payment record, and session log is stored under strict access controls and…

No third-party data salesEncrypted account storageDANA, OVO, GoPay & QRIS transaction privacyData deletion on requestIndonesia-focused data handling
cahaya128 How cahaya128 Protects Your Personal Data
PRIVACY CONTACT CHANNELS

Reach Us About Your Privacy Rights

If you want to access, correct, or request deletion of the personal data we hold on your account, our Privacy Support team is available seven days a week from 08:00 to 24:00…

Live Chat Open the chat widget on any page of cahaya128.best and select 'Privacy Request' from the topic menu. A dedicated agent handles data queries separately from general account support, ensuring your request is logged and tracked from the first message.
Email Support Send your full name, registered email address, and a clear description of your request to our privacy inbox. We confirm receipt with a ticket number within one hour during operating hours — 08:00 to 24:00 WIB, every day of the week.
Account Settings Panel Log in to your cahaya128 account, navigate to Settings, then select 'Data & Privacy'. From there you can download your data history, update consent preferences, and submit a deletion request directly — no need to contact support first.
HOW WE HANDLE YOUR DATA

Six Pillars of Our Data Handling Practice

We built our privacy framework around the practical questions you are most likely to ask: what is stored, for how long, who can see it, and how you get it removed.

Data Collection Minimisation

We collect only what is necessary to operate your account and process transactions. Fields like your full name, email, and DANA or OVO account reference are required; optional marketing preferences are never bundled into mandatory registration fields.

Cookie Transparency

Cookies on cahaya128.best fall into three categories: strictly necessary session cookies, performance analytics cookies, and optional preference cookies. You can manage all non-essential cookies via the consent banner on your first visit or through your browser settings at any time.

Payment Data Isolation

Transaction records from GoPay, QRIS, DANA and OVO are stored in a separate, access-restricted database segment. Payment processor tokens — not raw account numbers — are what we retain, and those tokens are purged automatically after the 90-day fraud-review window closes.

Account Security Controls

Your password is hashed using bcrypt and never stored in plain text. Login attempts trigger rate-limiting after five failures, and any new device login sends an email notification so you are aware of access events the moment they happen.

Data Retention Schedule

Active account data is retained for the duration of your account plus 12 months. Closed-account records are held for a legally required period where local law mandates it, then permanently deleted. You can request early deletion of non-mandatory data at any time through the Account Settings panel.

Third-Party Processor Obligations

Any third-party service we use — such as payment gateways for DANA or GoPay — is bound by a data processing agreement that prohibits sub-licensing your data. We audit these agreements on a scheduled basis and remove processors that fail to meet our standards.

Frequently Asked Privacy Policy Questions

Below are the questions our account-holders ask most often about how cahaya128 manages personal data. Each answer is specific to how our systems work — not a generic legal template. If your question is not covered here, reach out via Live Chat or the Account Settings panel and we will respond within 24 hours on any day of the week.

We collect your full name, email address, date of birth, and the mobile number or e-wallet reference you use for DANA, OVO, GoPay, or QRIS deposits. Device identifiers and session timestamps are also logged for security purposes. We do not collect data beyond what is needed to operate your account.

Yes. Log in to your account, go to Settings, and select 'Data & Privacy', then choose 'Download My Data'. The export includes your registration details, transaction history, and session logs in a readable format. We process download requests within 7 business days of submission.

Payment records from DANA, OVO, GoPay, and QRIS are kept for 90 days for fraud review purposes, then the payment tokens are purged. Full transaction logs are retained for 12 months after account closure, or longer where local law requires a specific retention period.

We do not sell or rent your personal data to advertisers or data brokers. Data is shared only with payment processors such as DANA or GoPay gateways under strict contractual terms, and with regulatory bodies where local law requires disclosure. No sharing occurs beyond those two categories.

Submit a deletion request through the 'Data & Privacy' section of your Account Settings, or contact our Privacy Support team via Live Chat between 08:00 and 24:00 WIB. We acknowledge requests within 24 hours and complete deletion of non-mandatory data within 7 business days.

Our site uses strictly necessary cookies to keep your session active, plus optional analytics and preference cookies. You can turn off non-essential cookies through the consent banner on your first visit, or via your browser settings at any point — your choice does not affect core account functionality.

After account closure, your data is moved to a restricted archive for 12 months, then permanently deleted — unless local law mandates a longer period. You may request early deletion of non-mandatory fields immediately upon closure through the Account Settings panel or by contacting support.