colrom Casino & Sportsbook Data Care

This page describes what we collect when you use colrom and how we keep that data protected. When you open an account, deposit via QRIS or e-wallet, place a bet on Liga 1, or join a live roulette table, we record information about those actions. We use that information to verify your identity, process your transactions, detect fraud, and improve our service.

We take data security seriously. Our servers use SSL encryption, and sensitive information (passwords, payment details, identity documents) is encrypted at rest. We do not sell your personal information to third parties. We share data only with payment processors, compliance partners, and law-enforcement agencies where legally required.

Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their own jurisdiction's regulations. This policy applies to all colrom users; if you disagree with any clause, do not use our platform.

What We Collect on colrom

Account Information

We collect your email address, phone number, and a password when you register on colrom. We also collect your full name, date of birth, and residential address. These details are required for account creation and identity verification (KYC).

Identity & Verification Documents

Before you can withdraw from colrom, we ask for a valid ID number and may request a photo of your ID document. We store this information encrypted and use it only to verify your identity and comply with anti-fraud and anti-money-laundering regulations. We do not share ID images with third parties except where legally required by Indonesian authorities or our payment processors.

Payment Information

When you deposit via DANA, e-wallet, mobile banking, local payment, or a bank transfer (online payment, e-wallet, mobile banking, local payment), we record your transaction reference, the amount, and the timestamp. We store the linked payment method (e.g., your online payment account identifier or your e-wallet account number) so we can route withdrawals back to the same source. We do not store your full credit card number or e-wallet password.

Betting & Gaming Activity

We log every bet you place, every slot spin, and every live casino table session. This includes the game type, bet amount, outcome, and timestamp. We use this data to settle disputes, detect unusual patterns that might indicate fraud or account compromise, and calculate your account balance.

Device & Access Logs

We record your IP address, device type (phone, tablet, desktop), and browser information when you access colrom. We also log login times and failed login attempts. This helps us detect unauthorized access and protect your account.

How We Use Your Data on colrom

We use the information we collect for the following purposes:

• Account management: We verify your identity, process deposits and withdrawals, and settle bets.
• Fraud prevention: We detect suspicious activity (multiple rapid logins, unusual withdrawal patterns, duplicate accounts) and block access if necessary.
• Compliance: We comply with Indonesian anti-money-laundering (AML) and know-your-customer (KYC) regulations by verifying user identity and monitoring transaction sizes.
• Service improvement: We analyze usage patterns to improve colrom's interface, game offerings, and payment options.
• Customer support: We use your information to respond to your inquiries via Live Chat or email.
• Legal obligations: We disclose information to law-enforcement agencies, tax authorities, or courts when legally required.

Third Parties & Data Processors

We do not sell your data to advertisers or marketing firms. We do share data with the following categories of third parties:

Payment Processors

When you deposit via mobile banking, local payment, or a bank transfer, we share your transaction reference and linked account identifier with the payment processor (e.g., the bank or e-wallet provider) to complete the transaction. We do not share your password or full card details with these processors.

Compliance Partners

We may share your identity information with third-party compliance firms that perform AML checks and verify that your name does not appear on sanctions lists. These partners operate under strict confidentiality agreements.

Hosting & Infrastructure Providers

Our servers and databases are hosted by cloud-infrastructure providers. These providers have access to your data in encrypted form but are contractually prohibited from using it for their own purposes.

Law Enforcement & Authorities

We disclose information to Indonesian police, tax authorities, or courts when presented with a valid legal request (subpoena, court order, warrant). We do not proactively share information with authorities.

Your Rights on colrom

You have the right to access, update, and delete your personal information. To exercise these rights, contact our support team via Live Chat or email. We will respond to access requests within a reasonable timeframe.

Data Access

You can request a copy of all personal data we hold about you. We will provide this in a machine-readable format.

Data Correction

If your personal information is inaccurate or incomplete, you can request an update. For example, if your address on file is outdated, contact support and we will correct it.

Data Deletion

You can request deletion of your account and associated personal data. We will delete your account within 30 days, subject to legal retention obligations. Note that we may retain some data (transaction records, ID copies) for compliance and tax purposes for up to seven years.

Opt-Out of Marketing

We do not send unsolicited marketing emails. If you receive promotional material from colrom, you can unsubscribe by clicking the link in the email or contacting support.

Our Data Security Practices

We protect your data using industry-standard security measures. All communication between your device and our servers is encrypted using SSL (Secure Sockets Layer) protocol. Sensitive data — passwords, payment details, identity documents — is encrypted at rest using AES-256 encryption.

We enforce strong password policies: your colrom password must be at least 8 characters and contain uppercase, lowercase, and numeric characters. We recommend enabling two-factor authentication (2FA) for additional security. With 2FA enabled, every login requires a code sent to your email or phone, preventing unauthorized access even if your password is compromised.

Our staff members sign data-protection agreements and have access only to the data necessary for their roles. We do not log your password in plain text, and we never ask you to share your password via email or chat.

How Long We Keep Your Data

We retain personal information for as long as your colrom account is active, plus up to two years after account closure. Transaction records, identity documents, and payment history are retained for seven years to comply with Indonesian tax and accounting regulations.

If your account is inactive for more than three years, we may delete account-level data but retain transaction history for tax purposes. If you request account deletion, we begin deletion within 30 days, subject to legal retention windows.

Contact Us About Privacy on colrom

If you have questions about how we handle your data, or if you want to exercise your rights (access, correction, deletion), contact our support team. You can reach us via Live Chat during active hours or email support at any time. We will respond to privacy requests within 14 days.

If you believe we have mishandled your data or violated this policy, you can also file a complaint with the Indonesian Data Protection Authority or relevant local regulator. We encourage you to contact us first so we can address your concerns directly.