crobat Platform Privacy Notice

This page describes what we collect when you use crobat and how we keep that data protected. We understand that privacy matters to you, so we outline our practices clearly. When you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or mobile banking, local payment, online payment, e-wallet bank transfer, we handle your payment information according to strict data-protection standards.

We at crobat collect personal information only when necessary—your email, phone number, national ID (for account verification), bank or e-wallet details, and your activity on our platform (wagers placed, games played, wins and losses). We do not sell your data to third parties. We share information only with payment processors, fraud-detection partners, and where required by law.

Our commitment is to keep your account secure and your personal information confidential. This privacy notice explains our data collection, use, retention, and your rights as a crobat member.

What Data We Collect at crobat

Account Registration and Identity Verification

When you open a crobat account, we collect your email address and require a secure password of your choosing. Before your first withdrawal, we ask for identity verification: a copy of your government-issued ID (driving licence, passport, or national ID card) and a selfie to confirm the ID matches your face. We also record your full name, date of birth, and postal address for compliance purposes.

We retain your identity documents on our crobat servers for seven years after you close your account, in case we need to respond to legal requests or audit our compliance records.

Payment and Banking Information

We at crobat collect bank account or e-wallet details only when you initiate a deposit or withdrawal. For e-wallets (DANA, e-wallet, mobile banking, local payment, online payment), we connect securely to your e-wallet provider's API; we do not store your e-wallet password. For bank transfers (e-wallet, mobile banking, local payment, online payment), we record your virtual-account number and bank branch details but not your full banking credentials.

Our payment processors may store transaction records for reconciliation and fraud prevention. We never store full credit card numbers or full bank-account numbers on our crobat systems. Payment processing occurs through encrypted channels (HTTPS and tokenisation).

Identity verification

We collect your ID and selfie before your first crobat withdrawal, then retain them for seven years for compliance.

E-wallet data

We do not store your e-wallet password; we connect via secure API only when you initiate a transaction on crobat.

Bank details

We store your virtual-account number and bank branch for e-wallet, mobile banking, local payment, online payment transfers; we do not store full account numbers on crobat.

Transaction logs

We retain deposit and withdrawal records for five years for reconciliation and dispute resolution on crobat.

Wager and Gaming Activity on crobat

We record every wager you place on crobat, including the market or game name, stake amount, odds, settlement result, and timestamp. This data helps us prevent fraud, investigate disputes, and track your loyalty-program progress. Members who place Match Winner bets during Liga 1 season, play live-dealer blackjack, or wager on Mobile Legends esports—all generate activity logs on crobat.

We retain your wager history for five years. You can download your transaction report from your crobat account dashboard at any time.

Cookies and Tracking on crobat

Our crobat platform uses cookies (small text files stored on your device) to remember your login session, language preference, and account balance display. We also use analytics tools to measure how often the platform crashes, which game sections members access most frequently, and how long users typically spend on sportsbook pages vs. live-dealer tables.

We do not use cookies to track you across external websites. We do not sell your browsing data to advertisers. Our analytics partner may sit outside Indonesia (potentially in the EU or USA), but we have data-processing agreements in place to ensure your data receives equivalent protection on crobat.

Communication and Support Data

When you contact crobat support via live chat or email, we record your message, our response, and the date and time of contact. We retain support tickets for two years to handle recurring issues and training. If you opt into crobat promotional emails, we record your email address and when you subscribed. You can unsubscribe from promotions at any time via a link in our emails.

How We Use and Protect Your Data on crobat

Data Use and Sharing

We use your crobat data for account management, fraud prevention, settlement of wagers, tax and audit compliance, and customer support. We share your data with our payment processors (e-wallet providers and banks) only to complete deposits and withdrawals. We may share aggregated, non-identifying data with researchers studying gaming behaviour or with regulatory bodies investigating complaints.

We do not rent, sell, or lease your personal information to marketers. We do not provide third-party advertisers access to your crobat account details. Our staff access your data only when necessary (e.g., to resolve a support ticket) and are bound by confidentiality agreements.

Data Security on crobat

We at crobat employ industry-standard encryption (HTTPS/TLS 1.2 or higher) for all data in transit. Our servers sit in secure data centres with firewalls, intrusion detection, and 24/7 monitoring. We require staff to use multi-factor authentication to access any production database containing member data. We conduct annual security audits and penetration testing.

Your crobat password is never stored in plain text; we hash it using industry-standard algorithms. We cannot retrieve your password; if you forget it, you request a reset link via email.

Data Retention and Your Rights on crobat

We retain your crobat account data for as long as your account remains active, plus five years after closure (to respond to disputes or regulatory requests). After five years, we delete or anonymise your data, except where law requires us to keep it longer (e.g., identity documents for seven years for AML compliance).

You have the right to request a copy of your personal data on crobat, request correction of inaccurate information, and request deletion (subject to legal hold periods). To exercise these rights, email our support team or submit a request via your crobat account settings. We will respond within thirty days.

Jurisdiction and Cross-Border Data Transfer

Our crobat servers may be located outside Indonesia—potentially in the EU, USA, or Singapore. When your data transfers across borders, we ensure it receives equivalent protection through Standard Contractual Clauses or Binding Corporate Rules. Members in Jakarta, Surabaya, Bandung, Medan, Semarang, and Yogyakarta are subject to the same data protections regardless of server location.

We are subject to jurisdiction-restricted access requirements: if you access crobat from a location where our services are prohibited, we may delete your data upon detection. We undertake to inform you if a government requests your personal data; we will contest legal demands where reasonable.

Contact Us About Privacy

If you have questions about our crobat privacy practices, wish to request access to your data, or want to report a suspected data breach, contact our privacy team via live chat or email. Our support staff will direct your inquiry to the appropriate department. We aim to resolve privacy concerns within thirty days.

Policy Changes on crobat

We may update this privacy notice periodically to reflect changes in our practices, technology, or legal requirements. We will notify you via email of material changes at least thirty days before they take effect. Continued use of crobat after such notification means you accept the updated privacy terms.

Related guides