Reference

How milanwin Protects Your Personal Data

Our Privacy Policy explains exactly what personal data we collect when you open an account at milanwin, how we use it, and what rights you hold over it…

Data encrypted in transit and at restDANA, OVO, GoPay & QRIS transaction data handled securelyYou may request data access or deletion at any timeNo data sold to third-party advertisersRetention periods disclosed clearly
milanwin How milanwin Protects Your Personal Data
PRIVACY CONTACT PATHS

Reach Us About Your Privacy Rights

If you have a question about how we handle your data, want to correct inaccurate information on your account, or wish to request deletion, our Privacy team is reachable through the channels…

Live Chat Reach our Privacy team directly via the Live Chat widget inside your account dashboard — available 24/7. Ideal for quick questions about data access or account-level corrections.
Email Support Send detailed privacy requests, including data deletion or portability requests, to our dedicated privacy email address. We respond within 24 hours and confirm resolution within 14 business days.
In-Account Help Centre Navigate to Settings → Privacy in your account to submit a formal data request form. This path logs your request automatically so you can track its status without a follow-up message.
DATA HANDLING PRACTICES

Six Ways We Keep Your Data Safe

Data protection at milanwin is operational, not just a policy document. From the moment you create an account through every DANA, OVO, GoPay, or QRIS transaction, specific technical and procedural controls apply.

End-to-End Encryption

All data transmitted between your device and our servers uses TLS 1.3 encryption. This covers login credentials, payment method identifiers, and account settings changes — nothing travels in plain text.

Cookie Controls

We use session cookies for login persistence and analytics cookies to understand page performance. You can review and withdraw cookie consent at any time via the Cookie Preferences panel in your account footer.

Account Security Layers

Two-factor authentication is available and encouraged for your account. Login attempts from unrecognised devices trigger an email verification step before access is granted — protecting you even if credentials are compromised.

Data Retention Schedule

Transaction records are retained for the period required by applicable financial regulations, typically five years. Account profile data is deleted within 60 days of a confirmed account closure request, where local law permits.

Third-Party Data Sharing

We share data only with payment processors (for DANA, OVO, GoPay, QRIS settlements), identity verification providers, and fraud detection services. No data is shared with advertisers or data brokers under any circumstance.

Your Right to Access and Correct

You may request a full export of data we hold about you, correct any inaccurate profile fields, or ask us to restrict processing while a dispute is open. Submit requests via Live Chat or the in-account form.

Privacy Policy Questions We Hear Most

The questions below reflect what account holders in Indonesia actually ask about data collection, storage, and their rights under our Privacy Policy. If your question is not covered here, reach our Privacy team via Live Chat inside your account — available around the clock.

We collect your name, email address, date of birth, and device information at registration. Once you transact, we also record payment method identifiers — such as your DANA or OVO reference — for verification and fraud prevention purposes.

We store transaction reference numbers and method identifiers needed to match deposits and process withdrawals. We do not store full wallet credentials or PINs. Payment data is encrypted and accessible only to our finance and fraud teams.

Yes. Submit a data access request via Settings → Privacy in your account, or contact us through Live Chat. We will deliver a full export of your account data within 14 business days of confirming your identity.

Send a deletion request through the in-account Privacy form or via email support. We will remove your profile data within 60 days of account closure confirmation, where local law permits retention of certain financial records.

We share data only with payment processors (DANA, OVO, GoPay, QRIS), identity verification partners, and fraud detection services. We do not sell data to advertisers or data brokers — this is a firm operational rule, not a policy aspiration.

We use session cookies for login continuity and analytics cookies to measure page performance. You can view which cookies are active and withdraw consent for non-essential cookies through the Cookie Preferences panel in your account footer at any time.

Transaction records are retained for approximately five years to meet financial regulation requirements. Account profile data is deleted within 60 days of a confirmed account closure, except where local law requires a longer retention period.