ayukPrivacy Policy

This page describes what we collect when you use ayuk and how we keep that data protected. We take your privacy seriously and operate transparently about our data practices across every touchpoint—from account registration through withdrawal requests.

We at ayuk recognise that online entertainment platforms handle sensitive personal information. Our approach centres on collecting only what we need, storing it securely, and respecting your rights under applicable data-protection laws. This policy explains our commitments to you.

What We Collect and Why

We collect personal data at several points in your interaction with ayuk. When you create an account, we ask for your name, date of birth, email address, and phone number. We also collect identity documents during our account verification process—this is required to comply with anti-money-laundering regulations and to confirm your age and identity before you can deposit funds or withdraw winnings.

Our payment systems collect financial data: banking details (for BCA, e-wallet, mobile banking, local payment transfers), digital-wallet identifiers (online payment, e-wallet, mobile banking, local payment, online payment), and e-wallet payment records. We store transaction history, including deposit and withdrawal amounts, timestamps, and payment method used. We do not store your full card numbers; payment processors handle sensitive card data separately.

KYC data: We retain identity documents and verification records as required by law, typically for a retention period tied to your account's active status and any pending disputes.

We also log your behaviour on ayuk—IP addresses, browser type, pages visited, games played, and session duration. We use this data to improve our platform, detect fraud, and personalise your experience. Cookies and similar tracking technologies help us understand user preferences and site performance.

How We Use Your Data

Our primary use of your data is to deliver the ayuk service: processing your deposits via mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment; enabling you to access football markets (Liga 1, Piala Indonesia, Piala AFF, Champions League), live-dealer tables, and slot games; and handling withdrawal requests. We verify your identity to prevent fraud and comply with regulations.

We use your email and phone to send account notifications, important policy updates, and responses to your support inquiries. We analyse aggregate gameplay data to improve game variety and platform stability, but we do not sell your personal information to third parties for marketing purposes.

Third Parties and Data Processors

Our payment processors—including banking partners online payment, e-wallet, mobile banking, and local payment, as well as digital-wallet integrators for online payment, e-wallet, mobile banking, local payment, and online payment—receive transaction data necessary to complete deposits and withdrawals. We have written agreements with all processors ensuring they maintain confidentiality and use your data only to fulfill their service obligations.

We may store servers in geographies outside Indonesia; your data may be processed in those locations. We contractually require overseas processors to maintain equivalent security and privacy standards. Our hosting infrastructure is protected with encryption and access controls.

Your Rights and Contact

You have the right to request a copy of the personal data we hold about you, to correct inaccuracies, and in some jurisdictions, to request erasure or restrict processing. To exercise these rights, contact our support team via the help centre in your ayuk account or email our data controller directly.

We also allow you to download your account data (game history, transaction records) from your account settings. If you have concerns about how we handle your information, you may lodge a complaint with your local data-protection authority.

Cookies and Tracking

We use session cookies to keep you logged in and functional cookies to remember your language and preferences. We use analytics cookies to track site traffic and user behaviour, helping us identify bugs and improve performance. We do not use cookies to identify you across unrelated third-party sites.

You can control cookie settings in your browser; however, disabling essential cookies may prevent ayuk from functioning correctly. Our cookie banner appears on first visit; you can withdraw consent at any time via your account settings.

Policy Updates

We may update this policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email. Your continued use of ayuk after such notification means you accept the updated policy. We recommend you review this page periodically to stay informed about how we protect your data.

Summary: What You Should Know

We at ayuk collect your personal, identity, and financial data to deliver our service and comply with law. We protect that data with encryption, access controls, and secure storage. We do not sell your data. We share payment information only with processors necessary to complete transactions. You have rights to access, correct, and in some cases delete your data—contact us to exercise those rights.

Our service is available only where local law permits. If you have questions about this policy or how we handle your information, reach out to our support team through ayuk's help centre or via email. We are committed to transparency and will respond to privacy inquiries in a timely manner.

ayuk compliance team

Data protection and legal affairs

We update this policy to reflect best practices and regulatory changes affecting our users in Jakarta, Surabaya, Bandung, and Medan.

Info

What Data We Collect on ayuk

Account Registration and Identity Data

We collect personal data at several points in your interaction with ayuk. When you create an account, we ask for your name, date of birth, email address, and phone number. We also collect identity documents during our account verification process—typically a government-issued ID (KTP, passport, or driver's license) and proof of address such as a utility bill. This information serves two functions: verifying your legal identity and ensuring compliance with anti-money-laundering regulations. We do not share your identity documents with third parties except where legally required (for example, to financial intelligence units in response to lawful requests). Your documents are encrypted and retained only for the duration of your account's active status plus a statutory retention window mandated by Indonesian data-protection and anti-fraud law.

Transaction and Payment Data

When you deposit funds via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or direct bank transfer (mobile banking, local payment, online payment, e-wallet), we record the transaction date, amount, payment method, and settlement status. This data is essential for reconciliation, fraud detection, and dispute resolution. We retain transaction records for a minimum of seven years, as required by Indonesian financial-reporting standards. We do not store your full payment credentials (e.g., your complete mobile banking or local payment account number); instead, we retain a tokenised reference that allows us to process future transactions without re-entering sensitive details. Your payment provider (online payment, e-wallet, etc.) maintains separate records of your account; ayuk does not have access to your balance outside of deposit/withdrawal flows.

Betting and Account Activity Data

Your interaction with Liga 1 Indonesia markets, Piala Indonesia tournaments, Piala AFF fixtures, and Champions League betting generates activity logs. We record your bets, game participation, account balance snapshots, and login times. This data allows us to personalise your experience, detect unusual patterns that might indicate account compromise, and provide accurate statements of your account history. We analyse this data in aggregate form to understand market demand for specific football tournaments or game categories; however, we do not sell or share individual user betting patterns with third parties.

Technical and Device Data

Our mobile PWA platform and website automatically collect technical information: your IP address, browser type, device type, and operating system. This data helps us diagnose compatibility issues on slower networks, optimise the interface for different screen sizes, and detect potential security threats. We do not use this information to track your physical location; we collect IP addresses only to route your traffic securely and to block known sources of fraudulent access attempts.

DANA Deposit Flow and Data Protection

When you initiate a deposit via e-wallet on ayuk, our payment gateway establishes a secure connection to mobile banking's API using industry-standard encryption (TLS 1.2 or higher). You authenticate with your local payment PIN or biometric identifier—ayuk never sees this credential. Once you confirm the transaction amount, online payment transfers the funds directly to our merchant account, and our settlement system credits your ayuk wallet within seconds. We retain only a reference code linking your e-wallet identifier to the transaction; we do not store your full mobile banking account number or personal details local payment holds. If a deposit fails to credit within the standard window (typically within one business day), our support team can trace the transaction through online payment's system and either recover the funds or initiate a refund. This audit trail is encrypted and accessible only to authorised staff members with specific roles.

OVOe-walletand Bank Transfer Data Handling

mobile banking and local payment follow the same encryption and tokenisation practices as online payment. When you select e-wallet, you authenticate directly through mobile banking's gateway; ayuk receives confirmation of the transaction but not your local payment credentials. online payment operates identically. For users preferring bank transfers via e-wallet, mobile banking, local payment, or online payment, we generate a unique account reference linked to your ayuk profile. Your bank statement shows only the recipient name and reference code; it does not expose other users' information. e-wallet scanning through your bank's app similarly routes you through your bank's secure channel; we receive only confirmation that the payment succeeded. In all cases, we retain the transaction metadata (date, amount, method) but never the underlying banking credentials. This approach ensures that even if our systems experience a breach, attackers cannot access your payment accounts.

KYC Document Submission and Storage Security

Our account verification process on ayuk requires you to upload a government-issued identity document and proof of address. These documents are scanned, encrypted, and stored in a segregated database separate from your transaction records. Only our compliance team—typically two to three authorised personnel—have access to view these documents. We do not retain image files longer than necessary; once verification is approved, documents are marked as "verified" and access is further restricted. If your account remains inactive for a specified period (typically two years), we securely delete identity document images while retaining a notation that verification occurred. This approach balances regulatory requirements (which mandate we keep verification records) with privacy best practices (which require we limit how long we hold sensitive biometric data). During the KYC review process, which typically takes one to two business days, our team checks your documents against fraud databases and cross-references your information with official records maintained by Indonesian authorities. If a discrepancy is identified, we contact you via email and request clarification or resubmission; we do not reject applications without allowing you an opportunity to correct information.

Mobile PWA Experience and Local Data Caching

Our Progressive Web App (PWA) on ayuk caches certain data locally on your device to ensure functionality on slower network connections. This local cache includes your account interface, game libraries, recent transaction history, and Liga 1 football market snapshots. This cached data is stored in your browser's encrypted storage and is accessible only to you and to the ayuk domain. When your internet connection drops—common in regions experiencing network instability during peak hours—the PWA continues to function, allowing you to view your balance and recent bets while offline. Once connectivity resumes, any cached changes are synced with our servers. We do not transmit cached data to third-party analytics or advertising networks. The PWA also does not request access to your device's location, camera, microphone, or contacts; it requests only the permissions necessary to display the interface and process payments. If you clear your browser cache or uninstall the PWA, all locally stored data is permanently deleted from your device.

Low-Bandwidth Data Compatibility and Privacy

On ayuk, users accessing our platform over weak or intermittent connections (common during major football tournaments like the Piala AFF when traffic spikes) benefit from our adaptive-loading system. This system reduces the resolution of non-essential images and prioritises text-based content—match odds, account balance, transaction history. No personal data is stripped or simplified for transmission; security measures remain constant. We do not implement a "low-security" mode for weak networks. Instead, we reduce bandwidth consumption through image compression and selective asset loading while maintaining full encryption for all data in transit. Users on 3G networks can still place bets on Champions League fixtures or withdraw funds via DANA or bank transfer without any compromise to the security of their credentials or transaction details.

Support Response SLA and Data Requests

Our support team at ayuk operates during published hours and maintains service-level targets for response times. Common queries—about deposit methods, KYC timelines, withdrawal status—typically receive acknowledgment within business hours. More complex issues, such as account security concerns or disputed transactions, receive priority routing and a response within two business days. If you request access to your personal data (as is your right under data-protection law), our compliance team compiles your data export within thirty days. This export includes your account registration details, transaction history, KYC verification records (as permitted by law), and technical activity logs. You can request deletion of non-essential data, though we will retain transaction records and verification documents for the statutory retention periods required by Indonesian financial law. Requests for data access or deletion are processed through our support portal; we require you to verify your identity (typically by email confirmation) before releasing any personal information.

Withdrawal Processing and Data Privacy During Delays

When a withdrawal request appears delayed, our troubleshooting process involves reviewing your account data, transaction history, and payment method status. If your withdrawal is flagged for additional review (for example, due to a large amount or unusual activity pattern), we conduct this review internally without sharing your personal information with external parties unless legally required. We maintain a detailed log of every review decision and the reasoning behind it; you can request this log through our support team, subject to verification of your identity. Most routine withdrawal requests complete within one business day, while flagged requests receive a status update within two business days. If a withdrawal is genuinely overdue, our team escalates the request through our payment processor (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or mobile banking, depending on your chosen method) to identify where processing has stalled. Throughout this process, your payment method and account details remain encrypted and are never shared with other users or unrelated third parties.

Game RTP, Variance, and Outcome Transparency

Our casino games and game-show entertainment carry published Return-to-Player (RTP) percentages and variance ratings, both of which are available in our game rules library. RTP represents the long-run percentage of wagered funds returned to players; variance describes the statistical spread of outcomes (whether wins and losses cluster in large swings or occur more uniformly over time). We do not adjust these figures per user based on their betting history, account balance, or location. Every user on ayuk experiences identical RTP and variance settings for the same game title. This transparency allows you to understand the mathematical characteristics of each game before participating. We do not use your personal data to personalise game odds or payout percentages against you; doing so would violate both privacy principles and our operational ethics. Outcome determination on our platform is generated through certified random-number generators (RNGs), the results of which are not influenced by your account data, deposit method, or betting history.

Data Security and Encryption Standards

All data transmitted between your device and ayuk's servers is encrypted using TLS 1.2 or higher. Data stored on our systems is encrypted at rest using AES-256 encryption. We segment your personal data (identity documents, transaction records, betting history) into separate encrypted databases with distinct access controls; a compromise of one database does not automatically expose all your information. We conduct quarterly security audits and penetration testing to identify vulnerabilities. If a security incident occurs, we notify affected users within thirty days as required by applicable data-protection law. We maintain incident logs and post-incident analyses to prevent recurrence. We do not sell or share your personal data with advertisers, data brokers, or marketing networks. We share data with payment processors (DANA, e-wallet, mobile banking, etc.) and banks (local payment, online payment, e-wallet, mobile banking) only to the extent necessary to process your deposit and withdrawal requests. All such processors are contractually bound to protect your data and are not permitted to use it for any purpose beyond processing the transaction.

Data Jurisdiction and Legal Compliance

Our services are available only where local law permits. We do not offer our services in jurisdictions where online wagering is prohibited. Users are responsible for verifying that access to and use of ayuk comply with their own jurisdiction's law. We retain user data in encrypted storage within Indonesia and do not routinely transfer your information to servers located outside Indonesia. If a lawful request from Indonesian authorities requires disclosure of your data, we comply only after verifying the legal basis for the request. We do not comply with requests from foreign governments or private parties without explicit legal authority and notification to you (where legally permitted to do so). This policy ensures that your data remains subject to Indonesian data-protection law rather than being transferred to jurisdictions with weaker privacy standards. Our Privacy Policy and Terms of Service are interpreted according to Indonesian law.

Contacting Us About Privacy

If you have questions about our privacy practices, wish to request access to your data, or believe your privacy has been violated, please contact our compliance team through our support portal or email us at the address listed in our Terms and Conditions. We will acknowledge your inquiry within five business days and provide a substantive response within thirty days. We maintain a record of all privacy-related requests and our responses for audit and transparency purposes. Our Privacy Policy may be updated periodically to reflect changes in our operations or applicable law; we will notify you of material changes via email before they take effect.