super303 Privacy Policy

This page describes what we collect when you use super303 and how we keep that data protected. When you access super303 on Android, iOS, or desktop, you provide personal information as part of account setup and payment processing. We encrypt all data in transit and at rest. We do not share your information with third parties except where required by law or to process your payments through our eight payment partners: DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet.

Our privacy policy governs how we collect, use, store, and protect your data across all devices and regions where super303 operates. We take data security seriously. Your national ID, proof of address, and payment details are encrypted. We monitor your account continuously for fraud. We do not sell your data. You have the right to request what we hold about you, correct inaccurate information, or ask us to delete your data (subject to legal holds).

If you have questions about how we handle your data, contact our support team through your account dashboard or via [email protected]We respond to all privacy enquiries within 48 hours.

What We Collect

We collect your email address, full name, date of birth, phone number, and national ID or passport number when you create an account on super303. This information is mandatory for account verification and withdrawal processing. We also collect proof of address (utility bill or bank statement from the last three months) as part of Know Your Customer (KYC) verification. This KYC data is encrypted and stored securely on our servers.

We collect payment information when you deposit. For e-wallet deposits via DANA, e-wallet, mobile banking, local payment, online payment, or e-wallet, your payment is routed through our payment partner's app or interface—your e-wallet credentials are not stored on our servers. For bank transfers via mobile banking, local payment, online payment, or e-wallet, we generate a virtual account number unique to you and handle the deposit through our banking partner. We store only the transaction reference and amount; we do not store your bank credentials. We also collect your IP address, device type, browser version, and login timestamps for security monitoring.

We collect game activity data—which games you access, your bet amounts, bet outcomes, and timestamps—to manage your account balance and comply with legal record-keeping requirements. We do not sell this data. We use it internally only to verify game outcomes if you dispute a result, to detect fraud, and to meet regulatory obligations where we operate.

How We Use Your Data

We use your email and phone number to send account confirmations, password resets, and security alerts. If someone attempts to log into your account from an unusual location or device, we alert you immediately via your registered phone number. We use your KYC data (national ID and proof of address) solely to verify your identity before you withdraw funds. This verification is mandatory under anti-money-laundering laws across jurisdictions where we operate. We use your date of birth to confirm account eligibility under applicable law.

We use your payment information to process deposits and withdrawals. When you request a withdrawal, our system routes your funds to your original deposit method using the payment information you provided during deposit. We use your game activity logs to calculate your account balance, respond to disputes about game outcomes, and detect fraud. We use your IP address and device information to monitor for account compromise, multiple accounts, and collusion. If we detect fraudulent patterns—for example, multiple accounts from the same device or rapid-fire deposits followed by large withdrawals—we may suspend your account pending investigation.

Third-Party Payment Processors and Data Sharing

We share payment information with our payment partners only to the extent necessary to process your transactions. mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment handle e-wallet deposits directly through their own apps; they do not share your e-wallet credentials with us. online payment, e-wallet, mobile banking, and local payment process bank transfers to virtual accounts we maintain with them. These banks receive your bank account number and the amount transferred, but we do not store your bank credentials on our servers. We do not share any data from your account activity (games played, bets placed, balance) with payment partners. Payment partners use your data only to process transactions and comply with their own anti-money-laundering obligations.

We may be required by law to share your data with government authorities, regulators, or law enforcement if they issue a legal demand. We do not volunteer such information; we respond only to valid legal orders. If we receive a demand that affects your account, we notify you within 30 days unless we are legally prohibited from disclosing the request.

Data Security and Encryption

We encrypt all data in transit using industry-standard protocols (TLS 1.2 or higher). Your login credentials, payment information, and KYC documents are encrypted at rest on our servers. We use secure password hashing—your password is not stored in plain text. We conduct regular security audits and penetration testing to identify and fix vulnerabilities. Our servers are protected by firewalls, intrusion detection systems, and continuous monitoring for unauthorised access attempts.

We recommend enabling two-factor authentication (2FA) from your account settings. With 2FA active, any login from a new device requires both your password and a one-time code sent to your registered phone number via SMS. This prevents unauthorised access even if your password is compromised. You can change your password anytime from your account dashboard. We recommend updating your password every few months for optimal security.

Cookies and Tracking

We use cookies to maintain your login session and remember your preferences (such as language and theme). We use analytics cookies to understand how you navigate super303—which pages you visit, how long you stay, which games you access. This helps us improve our platform. We do not use cookies to track your activity across other websites. You can disable cookies in your browser settings, but this may affect your ability to use super303 properly (for example, you may be logged out unexpectedly).

Your Rights and Data Retention

You have the right to request what personal data we hold about you. Contact [email protected] with your account email and phone number, and we provide a copy of your data within 14 days. You have the right to correct inaccurate data—you can update your email and phone number directly in your account settings, or contact support to correct your name, date of birth, or address. You have the right to request deletion of your data, subject to legal holds. If your account has an active dispute, pending withdrawal, or legal investigation, we retain your data for that duration. Once those obligations expire, we delete your data unless we are required by law to retain it longer.

We retain game activity logs for at least five years to comply with anti-money-laundering and tax reporting requirements. We retain KYC documents (national ID and proof of address) for at least five years after account closure to meet legal obligations. We retain transaction logs (deposits, withdrawals, bets) for at least five years. After the retention period expires, we delete this data securely.

International Data Transfers

Our servers may be located outside Indonesia. When you use super303, your data is transmitted to and stored on servers that may sit in a different jurisdiction. By using super303, you consent to such transfers. We apply the same encryption and security standards to all data, regardless of server location. If you have concerns about international data transfer, you can contact [email protected] to discuss alternatives.

Updates to This Policy

We may update this privacy policy at any time. We notify you of material changes via email to your account address at least 14 days before the change takes effect. Your continued use of super303 after a change means you accept the updated policy. If you disagree with a change, you may request account closure anytime without penalty.

Contact Us About Privacy

If you have questions about this privacy policy or how we handle your data, contact our privacy team at [email protected]We respond to all privacy enquiries within 48 hours. For legal or compliance matters, contact [email protected]For support with account access or data correction, use the support section in your account dashboard or contact our support team in English or Indonesian.

We at super303 take your privacy seriously. Your personal data is encrypted, your payment information is handled securely by trusted partners, and your account activity is monitored to prevent fraud. You control what information you share with us, and you have the right to access, correct, and request deletion of your data. If you have any concerns about data handling at super303, reach out to us—we prioritise transparency and data protection across all regions where we operate.