bos889 Platform Privacy Notice

This page describes what we collect when you use bos889 and how we keep that data protected. We handle your personal information carefully because account security underpins everything we do—from live-casino table streams to sportsbook betting and withdrawal processing.

Our privacy practices reflect industry standards for payment processors and online operators. We collect only the minimum information needed to verify your identity, process deposits and withdrawals, and comply with anti-money-laundering regulations. We do not sell, rent, or share your data with unrelated third parties.

This notice applies to anyone using bos889 via our mobile app, website, or API. If you have questions after reading, contact our compliance team using the details at the end of this page.

What We Collect and Why

Account Information

We collect your email address, phone number, full legal name, date of birth, and identity number (KTP for Indonesian nationals) when you open an account on bos889. We use email to send account notifications, reset links, and withdrawal confirmations. Phone numbers are used for two-factor authentication (2FA) codes and, if needed, support callbacks.

Your identity information is required under Indonesian anti-money-laundering law. We verify it against official government databases where available. Once verified, your data remains in our encrypted database indefinitely for account recovery, dispute resolution, and regulatory audit purposes.

Payment Information

When you deposit via DANA, e-wallet, mobile banking, local payment, online payment, or e-wallet, we do not store your wallet credentials or pin codes. Instead, the payment provider handles authentication; we receive only a transaction confirmation and token. For bank transfers using mobile banking, local payment, online payment, or e-wallet virtual accounts, we generate a unique account number for you but do not retain your actual bank account details—the bank itself handles that information.

We log every deposit and withdrawal transaction in our ledger, including timestamp, amount, payment method, and status. This history is retained for five years to comply with financial audit and anti-fraud regulations, then deleted unless we are legally required to retain it longer.

Device and Usage Data

Our app collects your device type (iOS or Android), app version, IP address, and general geographic location (country/region level) to optimize performance and detect unauthorized access attempts. We do not track your precise GPS location or browse history outside bos889.

We log your session activity—when you log in, which games or sportsbook you access, how long you remain inactive—to improve user experience and identify potential security issues. This data is retained for 90 days, then aggregated into anonymized statistics or deleted.

Cookies: Our website uses session cookies to maintain your login and remember your interface preferences. Cookies expire when you close your browser or after 30 days of inactivity, whichever comes first. We do not use third-party tracking cookies.

Compliance and Fraud Prevention Data

We monitor account activity for patterns consistent with money laundering, fraud, or underage access. If your withdrawals or deposits trigger automated flags—e.g., sudden large transfers, rapid account cycling—our compliance team reviews your account. This review may include requesting additional documentation, such as proof of funds source or explanation of unusual activity.

We flag accounts suspected of violation and may suspend them pending review. We retain compliance notes and decision records indefinitely for legal defense and regulatory audit.

How We Protect Your Data

We store all data on encrypted servers in secure data centres. Access is restricted to bos889 staff with a need-to-know basis; engineers access only anonymized data; support staff can see account details only when helping you resolve an issue. Every employee with data access signs a confidentiality agreement.

Passwords are hashed and salted before storage, meaning even our engineers cannot view them. Sessions expire after subject to verification of inactivity, forcing re-authentication. We recommend enabling two-factor authentication (2FA) for additional security; with 2FA enabled, anyone attempting to access your account from a new device must provide a one-time code from your phone.

Our platform undergoes annual security audits by independent firms. Audit results are available on request from our compliance team. If we detect or experience a data breach, we notify affected members within 48 hours and provide guidance on securing your account.

Your Rights and Our Obligations

Data Access and Correction

You can request a copy of all data we hold about you by emailing our compliance team. We will provide it within 14 business days. If you find inaccurate information—e.g., misspelled name, wrong date of birth—contact support, and we will correct it within 2 business days.

Data deletion is limited by law. We must retain transaction history, identity verification records, and compliance notes for legal and regulatory reasons. Upon your request to close your account, we delete session data and non-essential preferences but retain the core account record in dormant status so you can re-open it without reverifying.

Jurisdiction and Third Parties

Our servers may sit outside your jurisdiction. We work with payment processors, identity-verification services, and compliance vendors who may access your data to fulfill their contractual duties. These vendors sign data-processing agreements; we remain responsible for their compliance.

We do not sell member data. We may share anonymized, aggregated data with researchers or published in annual reports (e.g., "average deposit from Jakarta members" or "most-played Liga 1 match"). Individual data is never disclosed without your consent except when legally compelled by court order or anti-fraud authority.

If you access bos889 from Surabaya, Bandung, Medan, or Semarang during tournaments like Piala Indonesia or Piala AFF, your region is logged to optimize server routing and support availability. This regional data does not identify you personally and is aggregated monthly for network planning.

Contact us: For privacy concerns or data requests, email our compliance team. Include your account email address and a detailed description of your request. We respond within 14 days.

Our bos889 Policy Summary and Updates

This privacy notice reflects our current practices. We update it periodically to reflect regulatory changes, new features, or operational improvements. Material changes are announced via email and in-app notification. Your continued use of bos889 after a policy update constitutes acceptance of the new terms.

We recognize that payment adoption trends shift over time. When new payment methods become available in Indonesia—e.g., during Idul Fitri or Idul Adha holiday seasons when mobile wallet usage peaks—we may add them to our platform. Each new payment partner signs a data-processing agreement meeting the same privacy standards as our existing processors.

Our commitment is simple: we keep your data encrypted, we verify your identity to prevent fraud, we do not share it with unrelated parties, and we comply with anti-money-laundering law. If you have questions or concerns, contact us immediately. Your trust in bos889 depends on our transparency and diligence.