bos288Privacy Policy

This page describes what we collect when you use bos288 and how we keep that data protected. We take privacy seriously because your account information — your name, ID number, contact details, and payment methods — is sensitive and deserves strict safeguards.

When you register on bos288, we collect personal data to verify your identity (KYC), process deposits and withdrawals, and comply with financial regulations. We store this data securely on encrypted servers and never sell it to third parties. We may share limited information with payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet providers, mobile banking, local payment, online payment, e-wallet) to confirm your transactions, but only the minimum required to complete the request.

This policy explains our data practices in plain language. If you have questions after reading, you can contact us through Account Settings or the FAQ section.

What Data We Collect on bos288

Registration and Identity Verification

We collect your full name, date of birth, phone number, email address, and ID number (KTP, passport, or national ID) during registration. This is mandatory for Know Your Customer (KYC) verification, which is a legal requirement to prevent fraud and money laundering. We validate your ID against official records and confirm your phone number via SMS. Once verified, you can deposit and play on bos288.

Your ID number is encrypted and stored separately from other account data. We never share it with third parties except where required by law (e.g., financial regulators or law enforcement).

Payment and Transaction Data

When you deposit or withdraw, we record the amount, payment method, date, and time. For QRIS, e-wallet (e-wallet, mobile banking, local payment, online payment, e-wallet), or bank transfer (mobile banking, local payment, online payment, e-wallet Virtual Accounts), we receive a transaction reference number from your payment provider. We do not store your full bank account number or e-wallet credentials — we store only the final four digits and the reference ID so you can recognize the transaction in your account history.

You can view your complete transaction history in Account Settings anytime. We keep these records for as long as you maintain an account, plus a minimum retention period mandated by Indonesian financial law.

Account Activity and Gaming Behavior

We track which games you play, when you play them, your betting patterns, and your account balance. This data helps us detect fraud (e.g., unusual login locations, rapid transactions) and comply with gambling regulations. We also record your login history, device type, IP address, and browser information.

We do not sell this data. We use it internally to improve game performance, detect security threats, and understand user behavior patterns (e.g., peak hours, most popular games) so we can optimize bos288.

Personal data
Name, ID, phone, email, date of birth. Encrypted and retained as long as your account is active.
Payment data
Transaction amounts, dates, payment method references. Last four digits only; never full bank details.
Device and location data
IP address, browser type, device model, login locations. Used for security and fraud detection.
Cookies and analytics
Session cookies to keep you logged in; analytics cookies to track site usage.

Our Data Handling Practices and Your Rights

How We Use Your Data

We use your data for the following purposes:

  • Account management: Creating your account, verifying your identity, and processing deposits and withdrawals.
  • Legal compliance: Meeting anti-money-laundering (AML) and Know Your Customer (KYC) requirements set by Indonesian financial regulators.
  • Fraud prevention: Detecting unauthorized access, unusual transactions, and account takeover attempts.
  • Communication: Sending you deposit confirmations, withdrawal notifications, and account alerts via email or SMS.
  • Service improvement: Analyzing usage patterns to optimize game performance, platform stability, and user experience.

Data Sharing with Third Parties

We share limited data with third parties only when necessary to provide bos288's services:

  • Payment processors: We share transaction details with DANA, e-wallet, mobile banking, local payment, online payment, e-wallet providers, mobile banking, local payment, online payment, and e-wallet to confirm deposits and process withdrawals. These processors adhere to their own privacy policies and security standards.
  • Analytics providers: We use analytics services to understand site traffic and user behavior. No personally identifiable information is shared with these providers — only aggregated, anonymous data.
  • Legal and regulatory authorities: We may disclose personal data to government agencies, law enforcement, or financial regulators if required by law or court order.

We do not sell your data to advertisers, marketing companies, or any other commercial entities.

Data Storage and Security

We store your data on encrypted servers located in regions that comply with international data protection standards. Our servers may sit outside your jurisdiction; by using bos288, you consent to this international data transfer. We use industry-standard encryption (SSL/TLS) to protect data in transit and at rest.

Our team has access to your data only when necessary (e.g., customer support agents reviewing your account to resolve a withdrawal issue). All staff members sign strict confidentiality agreements. We conduct regular security audits and penetration tests to identify and fix vulnerabilities.

Your Rights and Data Control

You have the right to:

  • Access your data: Request a copy of all personal data we hold about you. Open Account Settings or contact support for details.
  • Correct inaccurate data: If your name, phone, or email is wrong, update it in Account Settings.
  • Delete your account: Request account closure through Account Settings. We'll delete your data after a statutory retention period (typically 30 days for inactive accounts).
  • Withdraw consent: You can opt out of non-essential communications (e.g., promotional emails) in your Notification Settings, though we'll always send critical account alerts.

Cookies and Tracking

bos288 uses cookies to maintain your login session, remember your preferences, and analyze site usage. Session cookies expire when you close your browser. Persistent cookies remain for up to 12 months to recognize you on return visits.

You can disable cookies in your browser settings, but some bos288 features may not work properly. We do not use cookies to track you outside of bos288.app or to build a profile for advertising purposes.

Data privacy summary

  • We collect personal data only for account management, legal compliance, and fraud prevention.
  • We encrypt all data and store it on secure servers.
  • We share data with payment processors and regulators only where necessary.
  • We do not sell your data to third parties.
  • You can access, correct, or request deletion of your data through Account Settings.

Special Considerations for Mobile Users

If you use the bos288 Android app, we may request permission to access your location, device ID, and other phone features. These permissions are optional, and bos288 functions without them. If you grant location permission, we use it only to verify that you're in a supported jurisdiction. We do not share your location with third parties.

On iOS, you access bos288 through your browser (Safari). Your data handling is the same as on Android, but iOS does not require app-level permissions.

Changes to This Policy

We may update this policy occasionally to reflect legal changes, new security practices, or operational improvements. We'll notify you of material changes via email at least 30 days before they take effect. Your continued use of bos288 after the notification period counts as acceptance of the updated policy.

Contact Us About Privacy

If you have questions about how we handle your data, need to access your information, or want to request deletion, contact our support team through Account Settings or the FAQ section. We'll respond to privacy requests within 10 business days.

Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their own jurisdiction's law. Data protection laws vary by region (Jakarta, Surabaya, Bandung, Medan, and other areas may have different regulations), so if you're unsure about your local privacy rights, consult a legal professional in your jurisdiction.