Definitions
Terms like account, wallet and session are defined identically across privacy, terms and cookie pages so one reading covers all three.
LEGAL REFERENCE
How susubet Handles Your Account Data
This is the susubet privacy policy page. We've written it so you can see exactly what data we collect when you open an account, why we hold it...
Data we collectWhy we hold itRetention windowsYour rightsLast updated
Privacy Posture and Jurisdiction Wording
Our privacy posture follows the rules of supported regions and we apply Indonesia-facing safeguards where local law permits. When you register, we collect identifiers (name, email, phone), device signals, and transaction references tied to your wallet top-ups. We do not sell your data to third parties. Processors who help us run KYC checks, fraud screening and payment reconciliation see only the fields
needed for that task. You can request access, correction or deletion of your record by contacting our privacy desk, and we will respond within statutory windows applicable to your region. Payment-rail context below is shown only because those rails carry your transaction metadata into our records.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
PLATFORM TRUST SIGNALS
Editorial Trust Signals for This Policy
This policy is reviewed by named roles inside susubet — not generated and forgotten. Here's who touches it before publication.
Compliance Review
Our compliance officer signs off every revision against Indonesia-applicable data rules and supported-region requirements before the page is pushed live on susubet.app.
Legal Counsel
Outside counsel checks jurisdiction wording, processor disclosures and cross-border transfer language so the clauses you read here match the contracts behind them.
Security Lead
Our security lead validates the technical safeguards section — encryption in transit, hashed credentials and segmented payment metadata — so the description matches production.
Versioned Updates
Every change carries a date stamp and short changelog note. You can ask support for prior versions if you need to see what your original consent covered.
Processor Register
We keep an internal register of sub-processors handling KYC, fraud and payments. Material additions trigger a notice on this page before the new processor receives data.
User-Rights Desk
A dedicated inbox routes access, portability and deletion requests to a human reviewer, not an auto-responder, so your privacy ticket gets a real decision.
WHY THIS PLATFORM
Consistency Across Our Policy Pages
This privacy notice sits alongside our terms and cookie pages. Here's how the wording lines up so you don't get conflicting answers.
Retention Windows
Data retention periods listed here match the record-keeping clauses in our terms — no document overrides another on how long we hold your information.
Processor List
The sub-processor categories described here are the same ones referenced in our cookie notice when third-party tags are involved in your session.
Jurisdiction
Supported-region language is identical across pages. Where local law permits is the phrase we use consistently when describing access and data flows.
Contact Routes
Privacy contact paths shown above are the same ones surfaced in the footer and the terms page, so escalation never sends you in circles.
Update Cadence
All policy pages are reviewed on the same quarterly cycle, with material changes pushed simultaneously so versions never drift between documents.
Consent Scope
What you agree to at sign-up is mirrored here in plain language, so the consent checkbox and this notice describe the same processing activities.
SERVICE CONTEXT
What This Policy Page Shows You
These are the on-page elements that define how the privacy notice is laid out — so you can scan for the part you need.
Plain-Language Summary
Each clause opens with a short editorial line that summarises...
Last-Updated Stamp
A date marker sits at the top of every revision...
Rights Checklist
A short checklist surfaces your access, correction, portability and deletion...
Processor Categories
We list processor categories — KYC, fraud, payments, analytics —...
Retention Table
A compact retention reference shows how long each data class...
Contact Block
A dedicated contact block at the foot of the policy...
Privacy Policy Questions
We collect identifiers you provide at sign-up — name, email, phone — plus device signals and transaction references from your wallet top-ups. KYC documents are collected only when verification is required for your region.
Active account data is kept while your account is open. After closure, regulated records like transaction history are retained for the period required by Indonesia-applicable record-keeping rules, then deleted or anonymised on schedule.
Yes. Send a deletion request to our privacy inbox. We will erase fields that are not subject to mandatory retention, anonymise the rest, and confirm completion in writing within the statutory window for your region.
We share only with processors who help run KYC checks, fraud screening, payments and analytics. They see the minimum fields needed for the task and are bound by contract. We do not sell your personal data.
Transaction references from these rails are stored against your wallet ledger for reconciliation and fraud control. We do not store full instrument credentials — those stay with the payment provider that authorised the transfer.
The last-updated stamp at the top of the page moves whenever we revise the notice. Material changes also trigger an in-account message so you can review the new wording before your next session.
Use the privacy inbox listed in the contact block, or ask live chat to route you to the privacy queue. A human reviewer on our compliance desk handles the ticket and replies with a reference number.