mansionPrivacy Policy
This page describes what we collect when you use mansion and how we keep that data protected. We collect personal information only to provide our service—account registration, payment processing, compliance verification, and customer support. We do not sell your data to third parties outside the payment and regulatory workflow.
Our privacy practices reflect our commitment to transparency. We use encryption (SSL 256-bit) across all connections. Your payment data is tokenized and passed directly to processors; mansion never stores raw card numbers or wallet credentials. Account activity is logged immutably so you can review every transaction, bet, and withdrawal.
This policy applies to all mansion users regardless of location. If you are in a jurisdiction where our services are not legally available, you should not use this platform. By using mansion, you agree to the data handling practices outlined below.
What we collect
We collect the following information when you register and use mansion:
- Account data: Email address, phone number, username, hashed password, date of birth
- KYC documents: Government-issued ID (KTP, passport, national ID), proof of address (utility bill, bank statement, rental agreement), selfie with ID for verification
- Payment information: Bank account details (token reference only), e-wallet references (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet), transaction history
- Gameplay data: Bet history, win/loss records, session timestamps, account balance snapshots, device type and IP address
- Communication: Support tickets, in-app messages, email correspondence
- Device identifiers: Mobile app device ID, browser cookies, session tokens
Data we do not collect
- We do not track your browsing history outside mansion
- We do not record video or audio from your device
- We do not sell raw personal data to advertisers or data brokers
- We do not share your account information with other gaming platforms
How we use your data
We use collected data for the following purposes:
- Service provision: Account creation, login, balance management, gameplay tracking, payout processing
- Compliance: KYC verification, anti-money-laundering (AML) checks, sanctions screening, regulatory reporting
- Security: Fraud detection, unusual activity alerts, account recovery, password reset verification
- Support: Responding to customer inquiries, dispute resolution, account troubleshooting
- Analytics: Understanding platform usage patterns (aggregate, non-identifying data only) to improve service quality
- Legal: Responding to law enforcement requests, defending against claims, enforcing our terms
We do not use your data for marketing purposes without your explicit consent. We do not send unsolicited promotional emails. If you opt in to notifications, you can disable them anytime in your account settings.
Third-party processors and data location
Our servers may sit outside your jurisdiction. Data is transmitted to payment processors (for e-wallet and bank transactions), hosting providers (for platform infrastructure), and compliance vendors (for KYC verification). We use contractual safeguards (data processing agreements) to ensure these third parties meet our security standards.
- Payment processors
- mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and regional banks (online payment, e-wallet, mobile banking, local payment) handle payment tokenization and settlement. We share only transaction reference IDs, not raw card or wallet data.
- KYC vendors
- Third-party compliance firms verify your ID documents and cross-reference sanctions lists. We transmit your document images and personal details; these vendors are contractually bound to delete data after verification completes.
- Hosting providers
- Our platform infrastructure sits on secure, encrypted servers. We do not disclose specific hosting locations to protect against targeted attacks.
Your rights and data deletion
Under many jurisdictions' data protection laws, you have the right to access, correct, or delete your personal data. However, we retain certain data for compliance and legal reasons. Specifically:
- We retain transaction records indefinitely to comply with financial regulations and anti-fraud requirements
- We retain KYC documents for at least 5 years after account closure per regulatory mandates
- We retain gameplay records to settle disputes and audit fair play claims
- You may request deletion of non-critical data (profile picture, communication history) by contacting support
To exercise your data rights, contact us at [email protected] with your account name and request type. We will respond within 30 days or advise you of delays and reasons.
Cookies and tracking on mansion
We use cookies for session management, security (CSRF tokens), and user preference storage (language, theme). These are strictly necessary for our platform to function. We do not use tracking cookies for behavioral advertising.
The mansion mobile app does not use cookies; instead, it uses local storage tokens. You can clear app data anytime in your device settings, which will log you out of mansion.
Data breach notification
If we discover unauthorized access to your personal data, we will notify you via email within 72 hours (or as required by local law). Our notification will describe what data was accessed and the remedial steps we are taking. We maintain cyber insurance and incident response procedures.
Policy updates and contact
We may update this privacy policy. Changes will be posted on this page with an updated date. Significant changes will be communicated via email. Continued use of mansion after policy changes constitutes acceptance of the updated terms.
If you have questions about our privacy practices, contact us:
- Email: [email protected]
- In-app chat: Available during regional business hours
- Mailing address: Available in your account settings under "Contact Us"
Our privacy team will respond to inquiries within 7 business days. If you believe we have mishandled your data, you also have the right to lodge a complaint with your local data protection authority.
Our data protections
- SSL encryption on all connections
- Payment data tokenized, never stored raw
- Immutable transaction logs for audit trail
- Two-factor authentication available
Limitations of our control
- Third-party processors (banks, payment rails) handle sensitive data
- We retain compliance data longer than user preference
- Law enforcement requests may require data disclosure
Conclusion
We at mansion believe transparency about data handling builds trust. This privacy policy reflects our actual practices—we do not obscure how we collect, store, or share your information. Your data is protected by encryption, access controls, and contractual safeguards with third parties.
Our services are available only where local law permits. Users are responsible for verifying their jurisdiction's regulations regarding online entertainment platforms. If you have concerns about data handling or believe we have violated this policy, contact our support team immediately. We are committed to resolving privacy issues within 30 days.