mahaspin Platform Privacy Notice
This page describes what we collect when you use mahaspin and how we keep that data protected. Online payment adoption in Indonesia exceeds many active users, making secure data handling a foundational responsibility for any platform accepting DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and direct bank transfers via mobile banking, local payment, online payment, and e-wallet. Our privacy practices centre on this reality: your identity, payment details, and transaction history are sensitive; we encrypt them, limit access, and handle them only as necessary to provide services and comply with financial regulations.
We at mahaspin operate under a clear principle: we collect minimal data, use it only for the purposes you consent to, and disclose it only to processors who help us deliver our sportsbook, casino, and account-management services. This policy outlines what data we gather during registration and account use, how we protect it, who we share it with, and your rights regarding personal information on mahaspin.
If you have questions about this privacy notice after reading, our support team responds to data-handling inquiries within two business days. Contact details appear at the end of this page.
What We Collect and How We Use It
Registration and Account Data
When you create a mahaspin account, we request your full name, email address, phone number, date of birth, and residential address. These details are mandatory for account setup and KYC verification. We also collect your government-issued ID number and a selfie photo during the verification process. We use this information to confirm your identity, prevent fraud, comply with financial regulations, and enable account recovery if you lose access. Your email and phone are encrypted; we do not display them publicly on mahaspin or share them with other account holders.
Payment and Transaction Data
Every time you deposit or withdraw via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer, we record the transaction date, amount, payment method, and your destination account. This history appears in your mahaspin account dashboard for your review. We retain transaction records to satisfy financial audit requirements and to enable dispute resolution if a payment fails or is disputed. Your payment details—such as your mobile banking or bank account number—are encrypted in our database. We do not retain full payment credentials (such as passwords or PIN numbers); we receive only confirmation tokens from payment providers, allowing us to verify completion without storing sensitive banking information.
Betting and Gaming Activity
mahaspin logs your wagers on Liga 1, Piala Indonesia, Piala AFF, Champions League fixtures, and casino games. We record bet placement time, bet size, outcome, and balance impact. This data allows us to generate your account history, calculate your balance, and detect suspicious patterns (such as unusual stake sizes or rapid sequential bets that may indicate account compromise). We use this information to operate the platform and improve our service; we do not sell this data or share it with marketing partners. If you request account deletion, we retain anonymized transaction records for financial compliance but disassociate them from your personal name and ID.
Device and Access Data
We collect your IP address, browser type, device model, and operating system when you access mahaspin. This information helps us detect unauthorized access—for example, if your account logs in from an unusual geographic location, we flag it for security review. We also use this data to troubleshoot technical issues and to optimize our platform for different devices and networks. We do not track your browsing activity outside mahaspin, and we do not combine this information with data from third-party analytics services.
We encrypt all data transmitted between your device and our servers.
Your mahaspin connection uses SSL/TLS encryption. Even if someone intercepts your network traffic, they cannot read your identity, balance, or payment information.
Third-Party Processors
We share your information only with services necessary to operate mahaspin. Payment processors (e-wallet, mobile banking, and others) receive your name and phone number during deposits; they do not receive your mahaspin balance or betting history. Our email service provider receives your email to send verification codes and account notifications. Our hosting provider (data centre outside Indonesia, primarily Singapore or Australia) stores our database; your encrypted data is replicated across multiple servers for resilience. These processors are contractually bound to protect your data and use it only to fulfill their function. We do not permit them to use your information for their own marketing.
Cookies and Local Storage
mahaspin uses cookies to remember your login session and language preference. We set these as "session cookies"—they expire when you close your browser. We do not use third-party cookies for tracking or advertising. If you disable cookies, you can still access mahaspin, but you will need to log in on every visit. We may also store limited data locally on your device (such as your username for faster login); this local data remains under your control and is not shared with us unless you explicitly interact with mahaspin.
Your Rights and Our Commitments
Data Access and Deletion
You have the right to request a copy of all personal data we hold about you. Submit this request via our support contact form (footer of this page) with the subject line "Data Access Request". We will provide a summary of your data within ten business days. You also have the right to request deletion of your account and associated personal information, except for transaction records we are legally required to retain for financial audit purposes. If you request deletion, we will anonymize your name, email, and ID; your transaction history will become date-only with no identifying details.
Data Retention
We retain your personal data (name, ID, address, phone) only as long as your account is active. After account closure, we keep this information for two years to satisfy Indonesian financial regulations and to prevent fraud (such as re-registration with stolen identity). Transaction records are retained for seven years for audit and compliance purposes. Encrypted payment credentials are deleted immediately after the transaction settles and your balance is credited.
International Data Transfer
Our primary servers are located outside Indonesia—typically in Singapore or Australia. This means your encrypted data may be transferred to and stored on international servers. We apply the same encryption and access controls regardless of server location. These locations are chosen for reliability, not to circumvent local regulations. Users in Jakarta, Surabaya, Bandung, and Medan access the same encrypted platform and enjoy identical data protection.
Updates to This Policy
We may revise this privacy notice to reflect operational changes or legal updates. We will notify you of material changes via email to your registered mahaspin address. Your continued use of mahaspin after a policy update constitutes your acceptance of the revised terms. This policy was last updated in this version; the date appears at the footer of the page.
- Contact our support team for data-handling inquiries: support contact form in the footer.
- Request account deletion or data export via the same channel.
- Report suspected data breaches immediately to our security team (contact details below).
We at mahaspin remain committed to protecting your privacy. Your personal information funds your account, secures your withdrawals, and enables account recovery; we treat it with the security and confidentiality it deserves. If you have concerns about how we handle your data, reach out directly—transparency and responsiveness are core to our service.