How cuan288 Handles Your Account Data
This is the cuan288 privacy policy, written for the account you open with us in Indonesia. We explain what we collect when you sign in, what we keep...
Policy Posture and Data Scope
Our policy applies wherever you access cuan288 from supported regions and where local law permits. We collect the data needed to run your account: identifier, contact handle, device fingerprint, session logs and the wallet reference tied to your DANA, OVO, GoPay or QRIS top-up. We retain transaction records for the period Indonesian financial regulations require, and we encrypt them in transit and
at rest. You may request a copy of the file we hold on you, ask us to correct a field, or close the account and have personal data purged outside what we must keep for audit. Third-party processors are limited to payment rails, KYC checks and fraud screening, each bound by written contract.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
Privacy Contact Paths
Reach our privacy desk through any of the channels below. Each one routes to the same case queue, so pick whichever fits your day.
How We Review This Policy
Our policy isn't a static page. A small editorial group reviews the wording each quarter against Indonesian regulator guidance and the way our lobby actually works.
Quarterly review
The policy is re-read every three months by our compliance lead, who flags any clause that no longer matches how DANA, OVO, GoPay or QRIS data flows through the cuan288 stack.
Legal sign-off
Indonesian counsel signs each version before it goes live, checking that retention windows and consent language line up with current local statute and sector guidance from the financial regulator.
Engineering audit
Our backend team maps the policy claims back to actual database fields and access logs, so what we promise here matches what the system genuinely does on your account.
Vendor checks
Every processor handling your details — payment rails, KYC, fraud — is reassessed yearly. Contracts are refreshed and access scopes trimmed to the minimum each role needs.
Incident drills
We run breach simulations twice a year so the team knows the notification timeline by heart. You'd hear from us promptly if a real event ever touched your record.
Reader feedback
Questions you send to the privacy mailbox feed straight into the next revision. If a clause confuses readers repeatedly, we rewrite it in the following quarterly pass.
Consistency Across Our Policy Pages
Our terms, cookie notice and this privacy policy share the same definitions and retention windows. Here's how the pieces line up.
| Definitions | The terms account, session and wallet reference carry identical meaning across every legal page on cuan288, so you never have to re-learn vocabulary between documents. |
|---|---|
| Retention windows | Transaction logs sit at the same five-year horizon in both this policy and the terms, matching what Indonesian financial record-keeping rules expect from a licensed operator. |
| Contact route | The privacy mailbox listed here is the same address surfaced on the cookie notice and the account closure page, so requests don't get split across queues. |
| Consent language | Opt-in wording for marketing is phrased identically wherever it appears, and toggling it off in your account silences every channel at once. |
| Third parties | The processor list referenced in this policy mirrors the sub-processor schedule attached to the terms, with the same names, roles and jurisdictions disclosed. |
| Update cadence | All legal pages carry a version number and a last-refreshed stamp, updated together each quarter so you can see at a glance which revision you're reading. |
| Jurisdiction | Indonesian law governs every legal page on cuan288, and the supported-regions clause is worded the same way across the privacy, terms and cookie documents. |
What This Policy Page Shows You
A quick map of the elements you'll see on this page so you can jump to the part you actually need.
Version stamp
The badge row at the top of the hero shows the current policy version and the quarter it was last refreshed, so you can tell instantly whether you're reading the live revision.
Scope panel
The posture section spells out which regions the policy covers and which Indonesian rules shape our retention windows, with context chips for the wallet rails involved.
Contact block
Three routes to our privacy desk sit mid-page: mailbox, in-lobby chat and the account settings tab, each landing in the same case queue we monitor daily.
Review trail
The editorial trust grid documents who re-reads this policy, how often, and what they check, so the document doesn't drift away from how the lobby actually behaves.
Cross-page table
A consistency grid shows how this page lines up with our terms and cookie notice on definitions, retention and contact, saving you a side-by-side reading.
FAQ stack
The closing questions cover the requests we receive most often — access, correction, closure and marketing toggles — with short answers you can act on the same day.