durianPrivacy Policy
This page describes what we collect when you use durian and how we keep that data protected. We at durian handle your personal information according to applicable data-protection law. Our commitment is transparent: we collect only what we need, we do not sell your data to advertisers, and we let you access or delete your information on request.
Your account on durian requires identity verification (name, address, ID number, proof of address). Your payment methods — DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet — are encrypted and never stored in plain text. We process your data in the European Union and Indonesia-region servers; both locations are subject to our privacy obligations.
If you have questions about how we handle your data, contact our support team. This policy applies to all users of durian.bid regardless of location. Our services are available only where local law permits.
What We Collect on durian
Account Information
When you create an account on durian, we collect your full name, email address, date of birth, phone number, and residential address. We require a valid government ID (passport, national ID card, or driver's license) and proof of address (utility bill, bank statement, or government letter). We use this information to verify your identity, comply with anti-money-laundering law, and prevent fraud.
We store your account credentials (email and hashed password) securely. We never store your password in plain text or send it to you in email. If you forget your password, we send a secure reset link that expires after 24 hours.
Payment and Transaction Data
We collect information about your deposits and withdrawals: the payment method you used (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank name), the amount, date, and time. We do not collect your full card number or bank account number — your payment provider handles that directly. We store transaction records to reconcile your account balance, detect fraud, and comply with financial reporting obligations.
Your account balance, bet history (what you wagered on, when, and the outcome), and withdrawal requests are recorded and encrypted. You can access your full transaction history from your durian account dashboard at any time.
Device and Usage Data
We collect information about your device: your browser type, operating system, IP address, and the pages you visit on durian. We use cookies and similar tracking technology to remember your login status, language preference, and betting history. These help us improve our platform and detect suspicious activity (such as unauthorized login attempts from unusual locations).
We do not track you across other websites. Our cookies are first-party only — they belong to durian.bid and do not follow you elsewhere. You can disable cookies in your browser settings; this may limit some features of durian.
How We Use and Protect Your Data on durian
Use of Your Information
We use your data for four core purposes: to operate your durian account (verify deposits, settle bets, process withdrawals), to comply with law (KYC verification, anti-money-laundering checks, tax reporting), to prevent fraud and abuse, and to improve our service (analyze how users interact with football markets, live casino tables, and slots). We do not use your data for marketing to third parties, and we do not sell your personal information.
Your betting history on durian — your Liga 1 bets, Piala AFF wagers, Champions League slips, live blackjack hands — is visible only to you and our support team (if you request help). We do not share your bets with other users or publish aggregate statistics that identify you.
Third-Party Processors
Our payment processors (the companies behind DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and your banks) receive your payment information directly. We do not forward your card or bank details to them — you provide those to them, and they confirm the transaction to us. We also use cloud-hosting providers to store your data; these providers are bound by confidentiality agreements and cannot access your personal information.
Our customer-support team may access your account (with your permission) to resolve disputes, verify settlements, or process withdrawals. All staff sign confidentiality agreements. If we need a third party for a specific reason (such as a payment dispute with your bank), we share only the minimum data necessary and require written confidentiality agreements.
Data Security and Retention
We encrypt your data in transit (using SSL/TLS) and at rest (using AES-256 or equivalent). Your password is hashed with a strong algorithm and cannot be reversed. Our servers are protected by firewalls, intrusion-detection systems, and regular security audits. If we discover a breach, we notify you within 48 hours and explain what happened.
We retain your account data as long as your account is active. After you close your account, we delete most personal information within 90 days, except where law requires us to keep records (for example, tax authorities may require transaction records for seven years). You can request early deletion of specific data; we will comply unless legal obligation prevents it.
Your privacy on durian is not negotiable. We encrypt, we audit, and we do not sell.
Your Rights
You have the right to access your personal data on durian at any time — download your account information from your dashboard or request it from support. You have the right to correct inaccurate data (update your email, address, or name). You have the right to delete your account and request deletion of your personal data, subject to legal retention requirements. You have the right to object to our use of your data for marketing (we do not market to you anyway, but you can opt out of communications). Contact our support team to exercise any of these rights; we will respond within 30 days.
If you believe we have mishandled your data, you have the right to lodge a complaint with your national data-protection authority. Our services are available only where local law permits, and our privacy practices comply with applicable data-protection regulations.