raze Privacy Policy

This page describes what we collect when you use raze and how we keep that data protected. We at raze process personal information in accordance with Indonesian data protection law and international privacy standards. Our commitment is to handle your data transparently, securely, and only for purposes you understand and have consented to.

When you create an account on raze, deposit funds via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank virtual accounts (mobile banking, local payment, online payment, e-wallet), or place bets on football, live casino, slots, or esports markets, we collect specific personal and transactional information. We use this data to manage your account, process payments, comply with anti-money-laundering law, and improve our platform.

We do not sell or share your data with third parties for marketing purposes. Our raze privacy practices are detailed below.

What Data We Collect on raze

We collect several categories of information when you use raze. Your identity information includes your full name, date of birth, national identity card number (KTP), phone number, and email address. This information is collected during account registration and is required to verify your identity and comply with Indonesian anti-money-laundering regulations.

We collect financial and payment information including your payment method details (DANA account, e-wallet account, mobile banking account, local payment account, online payment account, e-wallet code, or bank account number), deposit and withdrawal history, account balance, and transaction timestamps. This information is collected automatically each time you fund your raze account or withdraw winnings.

We also collect device and usage information such as your device type, operating system, browser type, IP address, and the games or markets you access on raze. We track your bets, wins, losses, and settlement outcomes. This behavioral data helps us detect fraud, prevent abuse, and improve our platform's performance during peak seasons (Liga 1 tournaments, Piala Indonesia, Idul Fitri holidays).

We Collect Minimal Data — Only What We Need

We on raze do not request unnecessary personal details. We collect your KTP number only for identity verification before your first withdrawal, and we never request sensitive information like your full banking credentials or biometric data beyond a selfie holding your ID.

How We Use Your Data on raze

We use your identity and financial information to manage your raze account, process deposits and withdrawals, and verify your account before your first withdrawal. We apply anti-money-laundering (AML) and know-your-customer (KYC) checks to comply with Indonesian financial regulation.

We analyze your usage patterns to detect fraud, prevent abuse of our promotions, and identify suspicious betting activity. If we detect unusual patterns (such as multiple accounts from the same location or rapid large-scale bets), we may freeze your account pending investigation.

We use your device and behavioral data to improve raze's performance, fix technical issues, and optimize the user experience. We track which markets (Liga 1, Piala Indonesia, Champions League, esports) are most accessed and which payment methods (mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment) users prefer. This helps us allocate server resources and scale our payment infrastructure during peak periods.

Identity verification: We use your KTP and selfie to confirm you are the legitimate account owner and prevent unauthorized access.
Payment processing: We use your payment method details to fund your account and withdraw winnings. Your data is shared only with your payment provider.
Regulatory compliance: We use your identity and transaction data to comply with AML/KYC law and to report suspicious activity if required.
Fraud prevention: We analyze patterns to detect fraudulent accounts, stolen payment methods, or abuse of promotional offers.

We share your data only with third parties who help operate raze or where required by law. Our payment processors (e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking provider, local payment, online payment, e-wallet, mobile banking) receive your payment information to process deposits and withdrawals. These payment providers have their own privacy policies and data protection measures.

We may share your identity information with Indonesian financial authorities (Bank Indonesia, OJK) if required by law or if we detect suspicious activity. We do not share your data with third-party marketing companies or data brokers.

Our service providers (hosting providers, email services, analytics providers) may have access to aggregated or anonymized data to help us operate raze. These providers are contractually obligated to keep your data confidential and use it only for the purposes we specify.

Where We Store Your Data

We store your data on secure servers located in multiple jurisdictions. Our primary data center is in Indonesia, but our raze platform uses redundant backups stored in other regions for disaster recovery. This means your personal data may be stored outside Indonesia.

We use industry-standard encryption (TLS/SSL) for data in transit and AES-256 encryption for data at rest. Access to your data is restricted to authorized raze employees who have signed non-disclosure agreements. We conduct regular security audits and penetration testing to identify and fix vulnerabilities.

How Long We Keep Your Data

We retain your account information for as long as your raze account remains active. If you close your account, we retain your identity and transaction data for seven years to comply with Indonesian financial regulations and to resolve any future disputes.

We retain your payment transaction data (deposits and withdrawals) for seven years for audit and regulatory purposes. Your behavioral data (bets, wins, losses) is retained for five years and then aggregated for statistical purposes.

Your Rights Regarding Your Data on raze

We respect your rights under Indonesian data protection law. You have the right to access your personal data at any time via your raze account dashboard. You can request a copy of all data we hold about you by contacting our support team.

You have the right to request correction of inaccurate data (for example, if your name or date of birth is recorded incorrectly). You can submit a correction request via your account, and we will review and update your information within five business days.

You have limited rights to request deletion of your data. We cannot delete your identity or transaction data while your account remains active, as this information is required to manage your account and comply with financial law. However, once you close your account and the seven-year regulatory retention period expires, you can request deletion of data we no longer need to retain.

Cookies and Tracking on raze

Our raze platform uses cookies and similar technologies to track your login sessions, remember your preferences, and analyze usage patterns. When you visit raze via web browser, we set a session cookie to keep you logged in. This cookie expires when you close your browser or log out.

We also use analytics cookies to track which pages you visit, how long you spend on each page, and which games or markets you access. This helps us understand how users navigate raze and identify technical issues. We use Google Analytics on our public website (not on the gaming platform itself). Google Analytics sets cookies on your device; you can opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-on.

Our raze platform does not use third-party advertising cookies. We do not retarget you with ads across other websites.

Contacting Us About Privacy on raze

If you have questions about our privacy practices or wish to exercise your rights regarding your data, contact us via your raze account dashboard (Account → Support). Our support team operates in English and will respond to privacy requests within five business days.

If you believe we have violated your privacy rights or handled your data improperly, you have the right to lodge a complaint with Indonesian data protection authorities.

Summary: Our raze Data Protection Commitment

We at raze collect personal information (identity, payment details, device data) necessary to operate our platform, process payments through DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet, and comply with Indonesian financial law. We protect this data using industry-standard encryption, limit access to authorized personnel, and retain it only for as long as necessary.

We do not sell your data to marketing companies or third parties outside our payment processors and regulatory partners. We respect your rights to access, correct, and (after account closure and the retention period expires) delete your data. Our privacy practices are transparent and subject to Indonesian data protection law.

If you have privacy concerns or wish to request access to your data, contact us via your raze account support dashboard. This privacy policy is effective immediately and may be updated at any time. We will notify you of material changes via email.

Deep Dive: Payment Data Security and Privacy on raze

Payment Privacy and Data Handling

DANA deposit and withdrawal

When you deposit on raze via DANA, we collect your DANA account identifier, the transaction amount, and the timestamp. We do not store your DANA PIN, password, or full account credentials—DANA's payment gateway handles authentication directly. Once you authorize the transaction in your DANA app, DANA sends us a confirmation token and a reference number. We store this reference number in your raze account for transaction history and dispute resolution. Your DANA account information is encrypted in our database using AES-256 encryption. During transmission between raze and DANA's gateway, data travels over TLS/SSL (HTTPS) connections. We share your DANA identifier with DANA's payment processors only to initiate withdrawals; we never share it with any other third party. DANA itself has its own privacy policy governing how they store and use your account data. During withdrawal, we send your DANA identifier to DANA's withdrawal API, and DANA processes the transfer to your DANA wallet. We retain withdrawal records for seven years for regulatory and audit purposes. If you dispute a DANA transaction (for example, claiming you did not authorize it), we provide your transaction reference and device logs to help resolve the dispute. Your DANA transaction history on raze is visible only in your account—other users cannot see your payment methods or transaction amounts. We recommend enabling biometric unlock in your DANA app to reduce the risk of unauthorized access to your raze account.

OVO and GoPay usage

When you first link OVO or GoPay to your raze account, we receive an authorization token from the payment gateway but never store your OVO or GoPay password. This token allows raze to initiate deposits and withdrawals on your behalf. You can revoke this authorization at any time by unlinking OVO or GoPay in your raze account settings; doing so immediately stops raze from accessing your OVO or GoPay account. During each deposit, we collect your OVO or GoPay transaction reference, amount, and timestamp. During each withdrawal, we send a request to OVO or GoPay to transfer funds back to your account. Both OVO and GoPay have their own data protection and encryption measures. We store your OVO and GoPay transaction history in your raze account for your reference and for regulatory compliance. Users in Jakarta, Surabaya, Bandung, and other Indonesian cities can rest assured that OVO and GoPay data is protected under Indonesian e-payment regulations. We retain OVO and GoPay transaction records for seven years. If you experience a failed OVO or GoPay transaction (for example, authorization was declined), we log the failure reason (insufficient balance, incorrect account, network timeout) in your account. This log helps our support team diagnose and resolve issues. Your OVO or GoPay account is separate from your raze account; if raze is breached (which we work to prevent), your OVO or GoPay data remains protected within OVO's or GoPay's own systems because we do not store your credentials. We recommend reviewing raze's list of authorized apps in your OVO or GoPay settings periodically to ensure you recognize all connected services.

BCA, Mandiri, BRI, BNI virtual account

When you deposit on raze via bank virtual account (BCA, Mandiri, BRI, or BNI), we generate a unique VA code for you and display it in your account. This VA code is a temporary account number used only to receive your deposit. Your personal bank account number is never exposed to raze. When you transfer funds to the VA code via your bank app, your bank records the transaction. Our raze backend receives a confirmation from the bank's clearing system within subject to verification. We store only the VA reference code and the deposit confirmation, not your personal bank account number. For withdrawals, we retrieve the bank account number associated with your verified identity (you provided this during account verification) and request the bank to transfer funds. We never store your full bank account number; instead, we store a tokenized reference that our backend uses only to initiate withdrawals. Bank data is encrypted in our database and in transit. Your bank's transaction history shows deposits to the raze VA code and withdrawals from your raze account. Your bank does not know any details about your raze bets or balance—they see only the transfer amounts. We retain virtual account transaction records for seven years for regulatory compliance and dispute resolution. If you report a missing or incorrect withdrawal to raze, we can trace the transaction through our backend and your bank's clearing records. Bank users in Medan, Semarang, and Yogyakarta benefit from bank VA's audit trail, which is particularly useful for large transactions or business account holders who need detailed records. We recommend keeping your bank account verified and up to date in your raze account to avoid withdrawal delays.

Fees, limits and verification

We collect your KYC data (KTP or passport and selfie) only when you request your first withdrawal from raze. This verification process is required by Indonesian financial law to prevent money laundering and terrorist financing. Your KTP or passport number is stored in our database encrypted with AES-256 and access-restricted to authorized compliance personnel only. Your selfie is stored separately from your identity number for additional security. Once your identity is verified, your verification status is flagged in your raze account, and we do not request verification again unless your account is flagged for suspicious activity. Verification data is retained for seven years in compliance with Indonesian AML regulations, and we never share your KTP or selfie with third parties except as required by law. We do not charge a verification fee; the process is free for all raze users. Deposit and withdrawal limits vary by verification tier. Unverified accounts (before your first withdrawal) have lower account preferences—typically a few million Rupiah per transaction. Once verified, your limits increase significantly, often to tens of millions Rupiah per transaction. We do not publish exact limits in marketing materials, but your account dashboard displays your current tier and limits. Limits are reset daily on raze, so you can make multiple deposits or withdrawals within your daily allowance. If you reach your daily limit, you can deposit or withdraw again the next calendar day. We never charge raze deposit or withdrawal fees; any fee imposed by your payment provider (DANA, OVO, bank) appears in their transaction history. We maintain logs of all your deposits and withdrawals for seven years for regulatory audit purposes.

Resolving a stalled transaction

If your deposit does not arrive on raze within the expected window, we recommend checking your account's transaction history first. Each pending transaction shows its status: "Awaiting Bank Confirmation", "Processing", "Completed", or "Failed". If the status has been "Awaiting Bank Confirmation" for more than subject to verification on a bank VA deposit, the transaction may be delayed in the bank's clearing queue. We recommend opening your bank app to confirm the debit was posted. If the debit exists in your bank but not in your raze account, the issue is a clearing delay on our backend; contact raze support with your VA reference number. If the debit does not exist in your bank, your transaction may have been rejected or cancelled. Our support team can trace the exact failure reason by reviewing our backend logs and your bank's clearing records. Funds typically return to your source account within 1–3 business days if rejected. For withdrawal issues, we maintain detailed logs of all withdrawal requests, including the timestamp, amount, destination account, and processing status. If your withdrawal is delayed, contact raze support with your withdrawal transaction ID (visible in your transaction history). Our support team can trace the withdrawal through our backend and your receiving bank's system. We document the exact step where a withdrawal is delayed (pending in raze, sent to payment provider, pending in bank clearing). We never charge support fees for investigation. During peak periods (holidays like Idul Fitri, Idul Adha, or major events like Liga 1 finals), support response times may extend 24–48 hours, but all transactions are processed reliably once confirmed in our system.