Reference

How ziatohel Handles Your Personal Data

Your personal data — account details, payment records from DANA, OVO, GoPay or QRIS, and browsing activity — is collected only for purposes we describe clearly here.

No third-party data salesDANA, OVO, GoPay & QRIS records protectedAccount data encrypted at restRetention limits applied per data typeDelete or update requests accepted
ziatohel How ziatohel Handles Your Personal Data
PRIVACY CONTACT PATHS

Reach Us About Your Privacy Rights

If you want to request a copy of your data, ask us to delete it, or correct information held on your account, our privacy team is reachable through three channels. We aim to respond to all privacy-related requests within 72 hours on business days. Requests sent outside business hours are queued and actioned the next available day.

Team online

Live Chat

Available 07:00–23:00 WIB daily. Start a chat from your account dashboard, state your privacy request clearly, and we will route it to our data team within the same session.

Email Support

Send your data request to our privacy inbox. Include your registered account email and the specific data type you are asking about. We aim for a first response within 24 business hours.

Account Settings

Log in, go to Account Settings, then select Privacy Controls. From there you can download a copy of your stored data or submit a deletion request directly — no email required.

DATA HANDLING STANDARDS

Six Ways We Protect What You Share

From cookies to payment records, every data category we hold is managed under a defined retention schedule and access policy.

Cookie Controls

We use strictly necessary cookies to keep your session active and optional analytics cookies to improve page load speed. You can adjust your cookie preferences at any time through the cookie banner or your browser settings.

Payment Data Retention

Transaction records from DANA, OVO, GoPay and QRIS are retained for the period required by applicable financial regulations. After that window closes, transaction logs are anonymised and payment identifiers are removed.

Account Security

Your account password is stored as a salted hash — we never hold it in plain text. Two-step verification is available in Account Settings under the Security tab and we recommend enabling it the day you open your account.

Third-Party Processors

Payment processors handling DANA, OVO, GoPay and QRIS transactions receive only the data fields they need to complete the transfer. We do not pass your full profile, browsing history or session data to payment partners.

Data Access Requests

You can request a structured export of all personal data we hold about you. Exports are prepared within five business days and delivered securely to your registered email address in a machine-readable format.

Policy Update Notices

When we update this privacy policy, we post a notice on the login screen and send an email to your registered address at least seven days before the new terms take effect. Your continued account use after that period confirms acceptance.

Your Privacy Questions, Answered Directly

These are the questions we receive most often about how ziatohel handles personal data. Each answer reflects our current practice — if you need clarification beyond what is here, live chat is available from 07:00 to 23:00 WIB.

We collect your name, email address, phone number, date of birth and the device identifier used at registration. If you deposit via DANA, OVO, GoPay or QRIS, we also log the transaction reference and amount for your account record.

We store transaction references and timestamps linked to your account, but we do not store your DANA wallet PIN, OVO credentials or full card numbers. Payment authentication happens on the respective payment provider's secure environment.

Account closure triggers a 90-day review period during which data is retained for dispute resolution. After 90 days, personal identifiers are deleted; anonymised transaction summaries may be retained longer where local law requires.

Yes. Submit a deletion request via Account Settings under Privacy Controls or email our privacy inbox. We process requests within five business days; some data categories may be retained if local law mandates it.

We do not sell or share your personal profile with advertising networks or data brokers. Analytics data we use internally is aggregated and does not identify individual accounts or link to your QRIS or GoPay records.

Log in and go to Account Settings, then select Personal Details. You can update your phone number and email address directly. Changes to your name or date of birth require submitting a support ticket with a copy of your identity document.

We notify you by email to your registered address and display a notice on the login screen at least seven days before changes take effect. You can review the updated policy before it applies and contact live chat with any concerns.