xmaster Privacy Policy

This page describes what we collect when you use xmaster and how we keep that data protected. We take your privacy seriously and comply with standard data-protection practices. We collect only the information necessary to operate our platform, process your payments, and comply with anti-money-laundering regulations.

Our servers may sit outside your jurisdiction, but we encrypt all sensitive data (payment details, identity documents, account credentials) and restrict access to authorized staff only. We do not sell your personal information to third parties. We share data only with payment processors, compliance partners, and law enforcement when legally required.

If you have questions about how we handle your data or wish to exercise your privacy rights, contact our support team via live chat or email. We respond to data-access requests within 30 days.

What Data We Collect

When you register on xmaster, we collect your full legal name, date of birth, email address, and phone number. We require a government-issued ID (KTP, passport, or driver's license) and may request proof of address (utility bill, bank statement, or rental agreement). We use this information to verify your identity, comply with anti-money-laundering regulations, and prevent fraud.

When you deposit or withdraw funds, we collect transaction details including the payment method, amount, timestamp, and your bank or e-wallet account number. We do not store your full payment card number or e-wallet PIN; payment processors handle this data directly using encrypted connections.

When you use xmaster, we collect information about your activity: which games you play, how long you play, your bet amounts, and your account balance. We also collect your IP address, device type, browser version, and approximate geographic location (based on IP). We use this data to detect fraud, prevent multi-accounting, and improve our platform.

We do not collect your browsing history outside xmaster, your contacts, your calendar, or any other personal data beyond what is necessary to operate the platform and comply with regulations.

How We Use Your Data

We use your personal data to: verify your identity and prevent fraud; process your deposits and withdrawals; comply with anti-money-laundering and know-your-customer (KYC) regulations; respond to your support requests; and improve our platform based on usage patterns.

We also use your data to send you account notifications (deposit confirmations, withdrawal status, bonus offers, policy updates). You can opt out of promotional emails via your account settings, but we will continue to send transactional emails (e.g., withdrawal confirmations) as long as your account is active.

We do not use your data for marketing purposes beyond xmaster. We do not sell your email address or phone number to third parties. We do not use your data to build profiles for targeted advertising outside our platform.

If we suspect fraud or violation of our terms, we may use your data to investigate, including sharing information with law enforcement or payment processors as required by law.

KYC (Know Your Customer)
Regulatory requirement to verify customer identity and prevent money laundering. We collect ID and proof of address for this purpose.
AML (Anti-Money Laundering)
We monitor transactions for suspicious patterns and report to authorities if required by law.
Data retention
We retain account data for seven years to comply with regulatory requirements. Video records of live-dealer tables are retained for 90 days.

Third-Party Data Processors

We share your data with third-party processors to operate xmaster. These include: payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) who handle your deposits and withdrawals; identity-verification services that confirm your government ID; and compliance partners who help us detect fraud and money laundering.

We also use cloud-hosting providers to store our servers and databases. These providers may be located outside your jurisdiction (e.g., in Singapore or the United States). All data is encrypted in transit and at rest, and we contractually require these providers to maintain strict confidentiality.

We do not share your data with marketing companies, data brokers, or any third party not directly involved in operating xmaster or complying with regulations. If we are acquired or merge with another company, we will notify you and give you the option to close your account before your data is transferred.

We may disclose your data to law enforcement, tax authorities, or regulatory bodies if legally required. We will not notify you of such disclosures unless we are legally permitted to do so.

We encrypt your sensitive data and restrict access to authorized staff only — your privacy is protected by industry-standard security practices.

xmaster data security team

Your Privacy Rights

You have the right to access, correct, or delete your personal data. To exercise these rights, contact our support team via live chat or email. We will respond within 30 days.

You have the right to request a copy of all data we hold about you in a portable format (e.g., CSV or JSON). You have the right to object to our use of your data for marketing purposes (you can opt out of promotional emails via your account settings). You have the right to lodge a complaint with your local data-protection authority if you believe we have violated your privacy.

If you request deletion of your account, we will delete your personal data within 30 days, except where we are legally required to retain it (e.g., for anti-money-laundering compliance, we retain account data for seven years). We will also delete your account balance and any pending withdrawals.

We do not use automated decision-making or profiling to make decisions about your account (e.g., we do not automatically deny withdrawals based on algorithmic scoring). All account decisions are made by human staff and are subject to appeal.

Cookies and Tracking

We use cookies to remember your login session, store your language preference, and track your activity on xmaster for fraud detection and platform improvement. Cookies are small text files stored on your device; they do not contain sensitive information like passwords or payment details.

We use two types of cookies: session cookies (deleted when you close your browser) and persistent cookies (stored for up to one year). You can disable cookies in your browser settings, but this may prevent xmaster from functioning properly.

We do not use third-party tracking pixels or analytics services that track you across other websites. We do not share cookie data with advertisers or data brokers.

If you access xmaster from Jakarta, Surabaya, Bandung, Medan, or Semarang, your approximate location is inferred from your IP address for fraud detection only. We do not use GPS or precise location tracking.

Data Security

We protect your data using industry-standard encryption (TLS 1.2 or higher) for all data in transit. Your payment information is encrypted end-to-end and never stored in plain text. Your identity documents are encrypted and stored on secure servers with restricted access.

We conduct regular security audits and penetration testing to identify vulnerabilities. We require all staff to sign confidentiality agreements and undergo security training. We do not share passwords or access credentials via email or chat.

Despite our security measures, no system is completely secure. If we discover a data breach, we will notify affected users within 72 hours and provide guidance on protecting their accounts.

You are responsible for keeping your xmaster password confidential. Do not share your login credentials with anyone, including xmaster staff. If you suspect unauthorized access to your account, change your password immediately and contact support.

Changes to This Policy

We may update this privacy policy at any time. We will notify you of material changes via email at least 30 days before they take effect. Continued use of xmaster after the effective date constitutes acceptance of the updated policy.

For the most current version of this policy, visit xmaster.bet/privacy-policy/. If you have questions or concerns about our privacy practices, contact our support team via live chat or email. We are available 24 hours and aim to respond within one business day.

  • We encrypt all sensitive data

    Payment details, identity documents, and account credentials are encrypted using industry-standard protocols.

  • We do not sell your data

    Your personal information is never sold to third parties or used for marketing outside xmaster.

  • You can request your data

    Contact support to access, correct, or delete your personal information within 30 days.

  • We comply with regulations

    We retain data as required by anti-money-laundering and tax regulations, typically seven years.

Contact Us About Privacy

If you have questions about this privacy policy, wish to exercise your privacy rights, or have concerns about how we handle your data, contact our support team. We are available via live chat on xmaster.bet or via email. We respond to standard inquiries within one business day.

During major holidays such as Idul Fitri, Idul Adha, Imlek, or Nyepi, response times may be longer. We will acknowledge your request within 48 hours and provide a full response within 30 days. This privacy policy is effective immediately and was last updated on the date shown at the bottom of this page.