cmd398 Platform Privacy Notice

This page describes what we collect when you use cmd398 and how we keep that data protected. When you register an account, fund your wallet with OVO or e-wallet, or join a live blackjack table, we gather certain information. We undertake to store it securely, use it only for account management and fraud prevention, and respect your rights under applicable law.

We at cmd398 operate an online gaming platform available where local law permits. Our service spans live-dealer tables—blackjack, roulette, baccarat, Dragon Tiger, Sic Bo—football betting during Liga 1 and Piala AFF seasons, and slots. To deliver these services, we need to verify your identity, process your payments, and protect your account from misuse. This notice explains exactly how we do that and what control you retain over your information.

What We Collect on cmd398

We collect your email address, full legal name, date of birth, identity document (Indonesian KTP, passport, or driving licence), and proof of residence (utility bill or rental agreement) when you register. We also collect payment information—the payment method you choose (DANA, e-wallet, mobile banking, local payment, online payment, or bank transfer via e-wallet, mobile banking, local payment, or online payment)—and transaction history. If you access cmd398 from Jakarta, Surabaya, Bandung, or any other city, we log your IP address and device type.

We collect information about your betting and table activity: which games you join, wager amounts, and settlement outcomes. We do not collect video from your wee-walletm or microphone. We do collect cookies and device identifiers to recognize you on return visits and to detect suspicious login attempts.

Key takeaways

  • We collect identity documents, payment details, and account activity.
  • We use encryption and KYC verification to protect your account.
  • We do not sell your data to marketers.
  • You can request a copy of your data or request deletion under applicable law.

How We Use Your Data

We use your identity information to verify your age and eligibility under local regulation. We use your payment details to process deposits, withdrawals, and account settlement. We use your activity history to detect fraud, match deposits to payouts, and comply with anti-money-laundering checks. We store transaction records for at least seven years to satisfy regulatory audit requirements.

Our servers may sit outside your jurisdiction—some in Southeast Asia, some in Europe. We employ SSL encryption on all data in transit. At rest, payment information is encrypted with AES-256. We do not store your full payment-card details; we tokenize them and work only with payment processors certified for PCI compliance.

Third Parties and Your Rights

We engage payment processors (Midtrans, doku.com, and others) to handle mobile banking, local payment, and bank-transfer settlements. These processors may store your name and masked payment details. We engage KYC vendors to verify your identity document. We log server events to external analytics services (Cloudflare, AWS CloudWatch) to track platform uptime and performance. We do not sell email addresses or betting history to external marketers.

You have the right to request a copy of the data we hold about you. You may request correction of inaccurate information. You may request deletion of personal data, except where we are required by law to retain transaction records. You may opt out of non-essential cookies in your browser settings. To exercise these rights, contact our support team by email at the address listed at the end of this notice.

Cookies and Account Security

We use session cookies to keep you logged in and functional cookies to remember your language preference and table stakes. We do not use tracking cookies to follow you across the internet. We set cookie expiry to 30 days for typical users; session tokens expire after 4 hours of inactivity. You can delete all cookies from cmd398 by signing out and clearing your browser storage.

We require a strong password (minimum 12 characters, mixed case and numerals) and offer optional two-factor authentication via email or authenticator app. If you lose access to your account, we can reset your password upon identity verification. We monitor for unusual login patterns and will email you if we detect a login attempt from a new device or city.

Our commitment is simple: we protect your data, settle your wagers fairly, process your payments promptly, and respond to disputes within five business days.

cmd398 Privacy Commitment

We keep this policy updated as our practices evolve. If we make material changes—such as engaging a new payment processor or extending data retention—we will email you and post a notice on cmd398 at least 30 days before the change takes effect. Your continued use of the platform after that notice constitutes acceptance. For questions about this notice, contact us at [email protected] or use the help centre within the app. We respond to privacy inquiries within five business days.