milyhyaPrivacy Policy

This page describes what we collect when you use milyhya and how we keep that data protected. We handle your personal information carefully—your email, phone number, banking details, and betting history are encrypted and stored securely. We never sell your data to third parties for marketing; we use it only to operate our platform, verify your identity, settle your account, and comply with anti-money-laundering regulations.

Our milyhya privacy policy applies whether you access our platform via Android app, iOS browser, or desktop. We collect minimal data—only what is necessary to create your account, process your deposits and withdrawals, and confirm your KYC verification. Your data remains yours; you can request a copy or deletion at any time by contacting our support team.

We update this policy regularly to reflect changes in data protection law and our operational practices. Continued use of milyhya constitutes your acceptance of the current privacy policy.

What Data We Collect on milyhya

When you create a milyhya account, we collect your email address, phone number, and a password you set. We ask for your full name, date of birth, and home address during KYC verification. You upload a valid Indonesian ID (KTP, passport, or driver's license); we scan and store the document image encrypted on our servers.

During deposits and withdrawals, we collect your chosen payment method (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet) and the transaction amount. We do not store your full banking credentials—payment processing happens on your bank's or payment provider's secure servers. We only receive confirmation that the transaction succeeded.

Our milyhya platform logs your activity—login times, wagers placed, games played, amounts wagered, and outcomes. We collect your device information (Android version, iOS version, browser type, IP address) to troubleshoot technical issues and detect fraud. We set cookies and local storage on your phone and browser to remember your login session and preferences (sound on/off, language setting, notification frequency).

• Account data: Email, phone, full name, date of birth, address, ID number, device ID.
• Payment data: Deposit and withdrawal history, payment method used, transaction amounts and dates.
• Activity data: Login timestamps, games played, wagers placed, game outcomes, session duration.
• Technical data: Device type, OS version, browser, IP address, crash logs, performance metrics.
• Communication data: Messages you send to our support team, push notification preferences, email preferences.

How We Use Your Data on milyhya

We use your account data to verify your identity (KYC), create and secure your milyhya account, and process your deposits and withdrawals. We use your payment history to reconcile accounts, detect duplicate registrations, and comply with anti-money-laundering (AML) regulations. Indonesian and international law require us to keep transaction records for at least five years.

We use your activity data to calculate your account balance, settle your wagers, track bonus eligibility, and generate your betting history. We analyze aggregated (anonymised) activity data to improve our platform—understanding which games are popular during Liga 1 season or holiday periods like Idul Fitri or Idul Adhawhere network latency occurs, and which payment methods are most reliable in Jakarta, Surabaya, Bandung, or Medan.

We use your technical data to debug app crashes, monitor server performance, and protect against fraud and unauthorised access. If we detect suspicious login attempts (e.g. login from a new country), we send you a push alert and require 2FA verification. We use your communication data to respond to your support requests and improve our customer service.

Our Data Protection and Third-Party Processors

We encrypt all data in transit (between your phone and our servers) using TLS 1.2 or higher. Data at rest on our servers is encrypted with AES-256. We store backups of your account data on secure cloud servers; these backups are also encrypted and are not accessible to third parties without authorisation.

Our milyhya servers may be located outside Indonesia. We partner with cloud providers (Amazon Web Services, Google Cloud, Microsoft Azure) to host our infrastructure. These providers are bound by data protection agreements and comply with international security standards. Your data remains encrypted even when stored on their servers—they do not have access to the encryption keys.

We may use third-party analytics providers (Google Analytics, Mixpanel) to understand how players interact with milyhya. These providers receive aggregated, anonymised data—they do not see your personal details or account balance. We may use email service providers to send you account notifications; these providers are contractually prohibited from using your email for any purpose other than delivering our messages.

Your Rights and Data Access on milyhya

You have the right to request a copy of all data we hold about you. Log into your milyhya account and go to Account → Privacy → Download My Data. Your data is compiled within 5 business days and available for download in CSV format. You can also email our support team to request your data in a different format.

You have the right to correct inaccurate data. If your name, address, or other account details are wrong, update them in Account → Profile → Edit Details. If you cannot make the correction yourself, contact our support team and we will update it within 24 hours.

You have the right to delete your account and associated personal data. When you request account deletion, we anonymise your gaming history (wagers, outcomes, balances are retained only for regulatory compliance but are disconnected from your identity). Your personal data (name, ID, email, phone, address) is deleted within 30 days. Account deletion is permanent and cannot be reversed.

KYC (Know Your Customer)

Identity verification process. We collect your full name, ID number, date of birth, and address to confirm you are who you claim to be.

AML (Anti-Money Laundering)

Regulatory compliance. We monitor your account for suspicious activity and retain transaction records per Indonesian law.

TLS encryption

Transport Layer Security. Your data is encrypted while travelling between your phone and our servers.

Cookie

A small file stored on your phone or browser that remembers your login session and preferences.

Cookies and Local Storage on milyhya

Our milyhya app and website use cookies and local storage to enhance your experience. We set a session cookie when you log in; this allows you to remain logged in as you move between pages or play different games. We set preference cookies to remember your language, sound settings, and notification frequency so you do not have to reset them each time.

We use analytics cookies to understand how players use milyhya—which games are most popular, how long players stay in a session, where they drop off. These analytics cookies are anonymised and do not identify you personally. You can disable cookies in your device or browser settings, but this may limit milyhya's functionality.

Contact Us About Your Privacy

If you have questions about our privacy practices, how we use your data, or how to exercise your rights, contact our Data Protection Officer via email or live chat through your milyhya account. We respond to privacy inquiries within 5 business days. If you believe we have violated your privacy rights, you may file a complaint with the Indonesian Personal Data Protection Authority (OJK or relevant agency in your jurisdiction).