LEGAL REFERENCE

Your data stays yours on tayo4d

We keep your privacy and account security at the centre of everything we build. This policy shows exactly how we collect, use and protect your information—from the moment...

Data encryptedAccount protectedYour controlTransparent processIndonesia compliant
See the Lobby Read FAQ
tayo4d Your data stays yours on tayo4d

How we handle your information

tayo4d operates under the laws and regulations of supported regions in Indonesia. We collect personal data—name, email, phone, payment details—only to set up your account, process transactions and keep our platform secure. All payment data linked to DANA, OVO, GoPay and QRIS is encrypted end-to-end. We never sell your information to third parties. Your data is stored on secure servers and deleted

according to our retention schedule once your account closes or data is no longer needed.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

SUPPORT

Questions about your privacy?

Email our privacy team Send us a message with your question or concern and we'll respond within 48 hours with a clear explanation of how your data is handled.
Chat with support Open a live chat from your account dashboard to ask about data access, deletion or any policy question in real time during business hours.
Data access requests You can request a copy of all personal data we hold on you. We'll compile and send it securely within 14 days of your verified request.
EDITORIAL CLARITY

Trust signals behind your privacy

Encryption standard

All account and payment data travels on TLS 1.2 or higher encryption. Your DANA, OVO, GoPay and QRIS transactions are...

No data broker model

We don't share your personal information with marketing firms, data brokers or third-party advertisers. You remain in control of how...

Annual audit

Our systems are reviewed by independent security auditors every year to confirm compliance with data protection standards and encryption protocols.

Vendor accountability

Any third-party service provider—payment gateway, hosting, analytics—signs a strict data processing agreement that mirrors our own privacy commitments.

Incident response

If a breach occurs, we notify affected users within 72 hours with details of what happened, what data was at...

Indonesia compliance

Our policy aligns with local data protection requirements for supported Indonesian regions, including storage rules and user rights frameworks.

Consistency across our policy pages

Terms of Service
Covers account rules, conduct and dispute resolution; complements this privacy policy by defining what data we collect and why.
Responsible Play Policy
Explains account controls and Account closure tools; references privacy commitment to protect your preference data in encrypted format.
Cookie Policy
Details how we use cookies and tracking pixels; tied directly to the analytics and retention sections of this privacy document.
Payment Security Policy
Outlines DANA, OVO, GoPay and QRIS transaction safeguards; references encryption standards also described in this privacy policy.
Account Closure Policy
Specifies how we delete data when you close your account; aligns with the data retention and deletion timeline mentioned here.
Third-Party Vendor Policy
Lists our service providers and their roles; complements this policy's section on how and when we share your information.
Indonesia Regional Addendum
Provides country-specific rules for supported Indonesian regions; amends sections of this policy to reflect local law requirements.
SERVICE CONTEXT

What defines our privacy approach

Minimal data collection We ask for only what we need: name, email, phone...
One-tap consent When you open your account, you see exactly what data...
Payment vault isolation DANA, OVO, GoPay and QRIS details are stored in a...
Automatic data cleanup Inactive accounts have their data deleted after 24 months. Closed...
Transparent audit trail From your account dashboard, you can see a log of...
Indonesia-first infrastructure Your data is primarily stored on servers in supported Indonesian...

Privacy questions answered

We collect your name, email, phone number, date of birth for age verification, and payment method (DANA, OVO, GoPay or QRIS account details). We also log your IP address and device type for security. Nothing beyond what's required to operate your account and process transactions.

We delete personal data within 30 days of account closure. Payment transaction records are archived separately for accounting compliance, then purged after seven years in line with Indonesian financial regulations for supported regions.

No. We never sell your personal information. Third-party access is limited to service providers—payment gateways, hosting companies—who sign strict non-disclosure agreements and cannot use your data for their own marketing.

Yes. All payment information is encrypted with TLS 1.2 and stored in a vault separate from your general account data. We never store full card or wallet numbers in plaintext, only tokenized references.

Absolutely. Send a data access request from your account settings or email our privacy team. We'll compile and securely send your complete personal file within 14 days of verifying your identity.

We monitor for intrusions 24/7. If a breach occurs, we notify you within 72 hours with details of what happened, what data was exposed and what steps you should take to protect yourself.

We store your data primarily on servers in supported Indonesian regions, follow local retention schedules and honour user rights like access and deletion. Our policy aligns with requirements for Indonesian-registered users and regional regulations.