istana17Privacy Policy

This page describes what we collect when you use istana17 and how we keep that data protected. We at istana17 are committed to respecting your privacy and operating transparently about how your information flows through our platform. When you register, log in, make deposits via DANA, e-wallet, mobile banking, local payment, online payment, or bank transfer, or place bets on Liga 1 football, live-dealer tables, or esports markets, we collect certain personal details. We explain that process here, along with your rights and how we safeguard your data.

Our privacy practices reflect both user convenience and legal compliance. We do not sell or share your personal information with advertisers or marketing partners. We do share minimal information with payment processors and regulatory authorities where required by law. Our servers may sit outside your jurisdiction, but our data-handling practices follow recognized security standards across all locations.

This policy applies to all istana17 services—our Android APK, iOS browser experience, desktop web access, and all sportsbook, live-casino, slot, and esports offerings. If you have questions about our practices, contact us via the support channels listed in our Terms of Service.

What Data We Collect

We at istana17 collect personal information in several categories. Account registration data includes your email address, username, password (hashed), full name, date of birth, and phone number. We ask for this when you create an istana17 account; it's mandatory to proceed. Identity and address verification data includes government-issued ID, proof of address (utility bill or bank statement), and uploaded photos of these documents. We collect this before your first withdrawal to comply with financial regulations.

Payment information involves details about your deposits and withdrawals—which payment method you used (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet), transaction amounts, dates, and status. We do not store your full payment credentials (e.g., credit card numbers or bank account details); those are handled directly by your payment partner's secure gateway. Gaming and betting data includes your bets, game outcomes, account balance history, and activity logs. This is necessary to calculate payouts, resolve disputes, and detect fraud.

Device and browser data includes your IP address, device type (Android APK, iOS, or desktop), browser version, and approximate location (derived from IP, not GPS). We use this to identify abuse, prevent unauthorized logins, and optimize our platform's performance across different devices and networks. Behavioral data includes which games you play, how long you play, which pages you visit, and when you're active on istana17. We use this to improve our product and personalize your experience.

Account Data
Email, username, name, phone, date of birth. Required for account creation and security.
Verification Data
Government ID, proof of address, supporting photos. Required before withdrawal.
Payment Data
Payment method, transaction amounts, dates. We do not store credentials; payment partners handle those.
Gaming Data
Bets placed, game results, balance history, activity logs. Used for payouts and fraud detection.
Device Data
IP address, device type, browser version, location. Used for security and performance optimization.

How We Use Your Data

We at istana17 use your personal data for specific, defined purposes. Account administration is the primary use—we need your email, password, and contact details to create your account, process logins, and communicate with you about account status. Payment processing requires us to share your name, email, and transaction details with your chosen payment partner (mobile banking, local payment, etc.). We provide only the information necessary for them to complete the transaction; we don't hand off your full profile.

Verification and compliance involves reviewing your ID and address documents to verify you're a real person and to comply with financial regulations in jurisdictions where istana17 operates. Once verified, your identity documents are encrypted and stored securely; we don't use them for any other purpose. Fraud detection and account security relies on device data, IP addresses, and behavioral patterns. If we detect suspicious activity—unusual login location, rapid betting followed by withdrawal, or patterns matching known fraud—we investigate and may temporarily freeze your account pending review.

Personalization and product improvement uses your gaming history and preferences to recommend games you might enjoy, to optimize our platform's layout and speed for your device type, and to identify which features are most popular across all users. We analyze aggregate (anonymized) data; we don't use individual profiles for marketing outside istana17. Legal and regulatory compliance may require us to disclose data to Indonesian financial authorities, law-enforcement agencies, or other regulators if they request it via proper legal channels.

Third-Party Data Processors

We at istana17 work with external partners, and we share data with them only to the extent necessary. Payment processors (online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, and your banks mobile banking, local payment, online payment, e-wallet) receive your name, email, and transaction details. They process payments under their own privacy policies and security standards. We don't control their data handling; you should review their policies separately. Live-dealer studios may be operated by third-party partners; they have access to your betting data and account balance during live-table sessions. They operate under contractual agreements requiring them to protect your data.

Cloud infrastructure providers host our servers and databases. Our data may be stored on servers in multiple countries; while we take measures to secure it, data transferred across borders may be subject to different legal protections. Analytics and monitoring services may process anonymized or aggregate data to help us understand how our platform performs. These services generally cannot identify you individually. We do not share your personal data with advertising networks or marketing firms. We never sell your data.

Data retention: We retain your account data, transaction history, and verification documents for seven years to comply with financial auditing requirements. After that period, or after account closure, we securely delete personal information according to applicable regulations.

Data Security and Encryption

We at istana17 protect your data through multiple security layers. All communication between your device (Android APK, iOS browser, or desktop) and our servers uses SSL/TLS encryptionThis means that data transmitted—including login credentials and payment details—is encrypted in transit and cannot be intercepted. Your password is never stored in plain text; we hash it using recognized cryptographic algorithms so that even if our database were compromised, attackers couldn't read passwords.

Our servers are protected by firewalls, and access to databases is restricted to authorized personnel. We conduct regular security audits and penetration testing to identify vulnerabilities. We support optional two-factor authentication (2FA) on your istana17 account; if enabled, logging in requires both your password and a code from an authenticator app or SMS. We encourage 2FA for accounts holding substantial balances.

Despite these protections, no security is perfect. We cannot guarantee absolute protection against all threats. If you suspect unauthorized access to your istana17 account, change your password immediately and contact our support team. We will investigate the incident and help you regain secure access.

Your Rights and Choices

We at istana17 recognize your rights over your personal data. You have the right to access your informationyou can request a copy of all personal data we hold about you by contacting [email protected]. You have the right to correct inaccurate dataif your account profile contains wrong information, you can update it directly in your account settings or request our assistance. You have the right to delete your account and associated datasubject to our legal and financial obligations. Contact our support team to request deletion; we'll process it according to applicable timelines and may retain data required by law.

You have the right to object to certain uses of your datafor example, if you don't want to receive behavioral recommendations, you can disable personalization in your account settings. You have the right to data portability in some jurisdictions—we can provide your data in a standard format so you can transfer it to another service if you choose. Note that these rights may be limited by our legal obligations or by the terms you agreed to when registering.

Cookies and Tracking Technologies

We at istana17 use cookies and similar technologies to maintain your session, remember your preferences, and analyze how users interact with our platform. Session cookies are temporary; they're deleted when you close your browser or log out. Persistent cookies may remain on your device for longer periods, allowing us to recognize you on future visits. You can disable cookies in your browser settings, but doing so may impair functionality on istana17.

We use analytics tools to track page views, game popularity, and device types. This aggregate data helps us improve our platform. We do not use tracking pixels or retargeting services to follow you outside istana17. Our mobile app (Android APK) may collect device identifiers and usage patterns; you can review these permissions when you install the app. Our iOS browser experience does not require special app permissions.

We at istana17 operate in multiple jurisdictions. Our services are available only where local law permits online gaming and sportsbook betting. Users are responsible for verifying that access and use comply with their own jurisdiction's laws. Our privacy practices follow recognized international standards, but we acknowledge that our servers may be located outside your country, and data transferred across borders may be subject to different legal protections than your home jurisdiction offers.

When we collect data, we do so on the legal basis that you've consented by registering and using istana17. Our terms of service, which you agree to upon registration, authorize us to collect and process data as described in this privacy policy. We also process data where required by law (e.g., verifying your identity to comply with financial regulations) and where necessary to perform our contract with you (e.g., processing payments and calculating payouts).

Contact Information and Policy Changes

If you have questions about our privacy practices, or if you want to exercise your rights (access, correction, deletion, portability), contact us via our support system or email [email protected]. Our support team will direct your inquiry to our privacy officer or data-handling team, who will respond according to applicable timelines.

We may update this privacy policy from time to time to reflect changes in our practices, technology, or legal requirements. We'll notify you of material changes via email or in-app alert. Your continued use of istana17 after a policy update constitutes acceptance of the revised policy. We encourage you to review this policy periodically to stay informed.

Summary

We at istana17 collect personal data necessary for account administration, payment processing, verification, and fraud detection. We protect your data through encryption, secure storage, and restricted access. We do not sell your information; we share it with payment partners and regulators only as required. We respect your rights to access, correct, and delete your data, subject to legal requirements.

Our privacy practices are designed to balance user convenience with legal compliance and security. Whether you're in Jakarta, Surabaya, Bandung, or Medan, and regardless of whether you're betting on Liga 1 football, playing live-dealer blackjack, or exploring esports markets, your data is handled according to the principles outlined here. If you have concerns or need clarification, our support team is available to help.

  • We encrypt all data in transit via SSL/TLS.
  • We do not sell or share personal data with advertisers.
  • We retain data for seven years for regulatory compliance, then securely delete it.
  • You can request access, correction, or deletion of your data at any time.
  • Services are available only where local law permits.