lucky df Casino & Sportsbook Data Care

This page describes what we collect when you use lucky df and how we keep that data protected. We operate across multiple payment channels—DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and major Indonesian banks—so your account information passes through several processing steps. We are transparent about each one.

Our commitment is straightforward: we collect only the information we need to run your account, settle your transactions, and comply with applicable law. We do not sell your personal data. We do not share it beyond the processors our platform requires. We keep your credentials encrypted and your session activity logged.

What We Collect on lucky df

Registration and account setup

When you open an account on lucky df, we collect your full name, email address, phone number, date of birth, and residential city. We also record your choice of currency (IDR) and preferred language. This information is required to create your login credentials and establish your account tier.

Identity verification

We verify your identity by requesting a government-issued ID (e.g., KTP). We store a copy of that document in our secure vault. We also ask for a selfie to confirm your identity matches the ID. These steps comply with anti-money-laundering rules and help us prevent account fraud. The verification process may take one to three business days.

Payment information

When you deposit or withdraw, we collect the name of your payment method (e.g. DANA or e-wallet), the transaction amount, and the timestamp. We do not store your card number, PIN, or OTP. Your bank or e-wallet provider handles the actual payment credential. We receive only a confirmation token from them once the transaction clears.

Activity logs

We log every login, every bet placed, every withdrawal request, and every live-dealer table session you join. We record the IP address, device type (mobile or desktop), and session duration. We also track which games you play—for example, whether you join a roulette studio or place a Liga 1 wager. This data helps us detect suspicious behaviour and improve your experience.

Communication records

If you contact our support team via email, chat, or phone, we keep a record of that conversation. We use these records to resolve your issue and to train our support staff. We retain them for at least two years after the conversation ends.

Verification windows: We may place a temporary hold on your account during verification. This is normal and does not affect your ability to view your account balance or transaction history.

Our lucky df Data Policy

How we use your data

We use your data for five core purposes. First, to manage your account and process your deposits and withdrawals. Second, to detect fraud and prevent money laundering. Third, to comply with legal and regulatory obligations in jurisdictions where we operate. Fourth, to improve our platform—for example, by analysing which games are most popular during Idul Fitri or Idul Adha. Fifth, to communicate with you about account security, payment issues, or scheduled maintenance.

Third-party processors

Our payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) may sit outside your jurisdiction. When you initiate a deposit or withdrawal, your account name and transaction amount are transmitted to them. They apply their own encryption and privacy policies. We do not control their security; we only certify that they meet industry standards before we integrate with them.

Data retention

We retain your account data—name, address, verification documents—for as long as your account remains active, plus seven years after closure (this is a legal requirement). We retain transaction logs and chat records for at least two years. We delete IP logs and session data after one year. If you request account deletion, we anonymise your personal identifiers within 30 days but keep transaction records for compliance.

Your rights

You have the right to request a copy of all personal data we hold about you. You can ask us to correct any inaccurate information. You can request that we delete your account (we will anonymise it instead of removing it entirely, to preserve compliance records). To exercise these rights, contact our support team in writing and include your account username.

Cookies and tracking

We use session cookies to keep you logged in to lucky df. We also use analytics cookies (from Google Analytics) to understand which features you use most often. We do not use tracking pixels to follow you outside our platform. You can disable cookies in your browser settings, but this will log you out and may break some features.

Security practices

We encrypt all data in transit (HTTPS) and at rest (AES-256). We use two-factor authentication for sensitive operations such as account deletion or large withdrawals. We conduct annual security audits. We maintain a password-reset flow that verifies your email and phone number before allowing a new password. Our servers are located in data centres with redundancy and backup systems. We do not guarantee absolute protection—no system is unhackable—but we follow industry standard security practices.

Contact: If you have questions about this policy or wish to exercise your data rights, email our support team at the address listed in our footer.

This policy applies to all users of lucky df, regardless of location. Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their own jurisdiction's law. We may update this policy at any time; we will notify you by email of material changes. Your continued use of lucky df after a policy update means you accept the new terms.