How We Handle Your Account Data
This is the yes77 login privacy policy. We wrote it so you know exactly what we collect when you open an account, what we do with it, and...
Privacy Posture & Your Rights
We collect only what your account needs: your registered name, contact details, login records, deposit and withdrawal references, and the device signals that keep your session secure. Where local law permits, we retain transaction logs for the periods Indonesian financial rules require, then we purge. You can request a copy of your data, ask us to correct it, or close your account
at any time. We do not sell your information to third parties. Payment partners receive only the fields needed to settle a DANA, OVO, GoPay or QRIS transfer — nothing more. Marketing consent is separate and you can switch it off without losing lobby access.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
How We Keep This Policy Honest
Our policy is reviewed by people, not just published and forgotten. Here's how we keep it aligned with what the platform actually does.
Quarterly Review
We re-read this page every quarter against the live product. If a lobby feature changes how data flows, the wording here changes in the same release cycle, not months later.
Named Owner
A single privacy lead signs off every revision. That keeps the policy consistent instead of drifting each time a new section gets added by a different writer on the team.
Encryption Standard
Account credentials and payment references sit behind current encryption practice. We rotate keys on a schedule and log every administrative access for later audit.
Vendor Vetting
Third parties touching your data — payment processors, fraud screens, chat tooling — are reviewed before onboarding and re-checked yearly against our Indonesia handling rules.
Breach Protocol
If something goes wrong we tell you. Our notification path is written down, rehearsed, and faster than the minimum window regulators expect for Indonesia-based account holders.
Plain Wording
We refuse to hide behind legalese. Every clause on this page is written so you can read it once and know what we're doing with your information.
Consistency Across Our Policy Pages
Our privacy page lines up with the rest of our legal set. Here's how the pieces relate so you can find what you need without circling.
| Privacy vs Terms | Terms cover the rules of using your account. Privacy covers what we know about you. Read both — they reference each other but answer different questions. |
|---|---|
| Privacy vs Cookies | This page is the umbrella. Our cookies notice drills into the specific tracking technologies and is updated whenever we add or remove a tag. |
| Privacy vs KYC | KYC explains the documents we ask for at verification. Privacy explains how those documents are stored, who sees them, and when they're deleted. |
| Privacy vs Payments | The payments page lists DANA, OVO, GoPay and QRIS flows. This page covers the data those flows generate and how long we keep the references. |
| Privacy vs Marketing | Marketing consent is separate from account consent. You can turn off promotional contact and keep your lobby access untouched — they don't share a switch. |
| Privacy vs Security | Security explains the controls protecting your account. Privacy explains the data those controls are protecting. Same goal, different angles, both kept current. |
| Privacy vs Complaints | If a privacy request isn't handled to your satisfaction, the complaints page tells you how to escalate, including external Indonesia avenues where local law permits. |
What This Policy Page Actually Shows
The layout of this page is built to make the policy easy to scan, not to bury it. Here's what you'll see as you read down.