roma Platform Privacy Notice

This page describes what we collect when you use roma and how we keep that data protected. We process your personal information to provide gaming services, verify your identity, process payments, and handle support requests. We operate across slot games (Aviator, Sweet Bonanza, Gates of Olympus, Fortune Tiger, Mahjong Ways), live-dealer tables, sportsbook feeds covering Liga 1, Piala AFF, Champions League, and esports markets including Mobile Legends and Free Fire. All user data related to these services is governed by this privacy notice.

We collect only the information necessary to operate roma safely and comply with local regulations. Your data is encrypted, stored securely, and shared only with processors required to provide the service. We do not sell your personal information. We do not share your gaming history with third parties for marketing purposes. This notice explains what data we collect, who has access to it, how long we retain it, and what rights you have under data-protection laws.

Our commitment is transparent data handling. Every step of our data collection, storage, and use is documented below in clear language so you understand how roma protects your privacy.

Data Collection and Use on roma

What we collect during registration

When you register a roma account, we collect your email address, password hash, full name, date of birth, and residential address. We use this information to create your account, verify your identity, and enable password recovery. Your email is used for account notifications, withdrawal confirmations, and support correspondence. We do not share your email with third parties except payment processors and regulatory authorities when required by law.

We also collect your phone number if you provide it during registration or account recovery. This is optional but helps us reach you quickly if account security issues arise or if we need to verify your identity before processing a withdrawal.

Identity verification and KYC documents

Before you can withdraw funds, we require Know Your Customer (KYC) verification. You upload a national ID, passport, or driver's license. We store these documents encrypted on secure servers. Our verification team accesses these images only to confirm your identity. Once verification is complete, we retain your documents for regulatory compliance and account recovery purposes. You can request deletion of these documents by contacting our support team, though we may retain them if required by local gaming regulations.

We do not use your identity documents for any purpose beyond account verification. We do not share them with third parties except when required by law enforcement or gaming regulators in your jurisdiction.

Gaming activity and account history

We log all gaming activity on roma: every slot tournament entry, every live-dealer hand, every sportsbook bet, every esports market position. We record the game type, timestamp, stake amount, outcome, and settlement result. This information is necessary for account reconciliation, dispute resolution, and regulatory reporting. We retain this data for seven years to comply with gaming regulations in jurisdictions including Jakarta, Surabaya, Bandung, Medan, and Semarang.

Your gaming history is private. We do not share it with third parties for marketing, analytics, or any purpose outside account management and regulatory compliance. Your game data is not sold or used to create behavioral profiles for external advertisers.

Payment information and transaction records

When you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet, we record the deposit amount, timestamp, and payment method identifier. We do not store your full payment credentials (credit card numbers, e-wallet passwords, bank account numbers). Payment processors handle sensitive credential data directly—we see only confirmation that a deposit succeeded or failed.

We retain transaction records indefinitely for accounting and regulatory purposes. These records are encrypted and accessed only by our finance team and payment-compliance staff. If you dispute a transaction, we provide your transaction record to the relevant payment processor or bank; we do not share it with other third parties.

Support communications

When you contact our support team via live chat, email, or in-app messaging, we retain copies of all conversations. We use these records to resolve your issue, handle disputes, and train support staff. Support chats are retained for one year; email inquiries are retained for three years. You can request deletion of support records by contacting our team directly, though we may retain them if they relate to unresolved disputes or compliance matters.

"We collect data only to operate roma securely and fairly. Every piece of information you provide is encrypted, restricted-access, and never sold or shared with external advertisers."

Data Protection and Your Rights on roma

How we protect your data

We encrypt all personal data in transit and at rest. Our servers use TLS 1.2+ for data transmission, and stored data is encrypted with AES-256 or equivalent. We limit access to personal information to roma employees with a legitimate business need—your payment information is accessible only to accounting staff, your KYC documents only to the verification team, your support chats only to support personnel. We do not share database passwords across teams, and we audit access logs regularly for unauthorized retrieval attempts.

Our data centers are located outside Indonesia. This means your data may be stored on servers in other jurisdictions. By using roma, you consent to cross-border data storage. We ensure that data stored internationally meets the same encryption and security standards as data stored locally. We do not transfer data to jurisdictions with weaker data-protection laws than your own without your explicit consent.

Cookies and tracking technologies

Roma uses cookies to maintain your login session, remember your language preference, and prevent fraud. These are session cookies (deleted when you log out) and persistent cookies (retained for up to one year to improve your experience). We do not use cookies for external advertising or behavioral tracking. Third-party analytics services (such as Google Analytics) may set cookies on our site—you can opt out by configuring your browser cookie settings or using browser extensions that block tracking.

We do not use pixel tags, fingerprinting, or other covert tracking technologies. Your roma browsing activity is logged only on our own servers to identify technical issues and improve game load times.

Your data access and deletion rights

You have the right to request a copy of all personal data we hold about you. Contact our support team with "Data Access Request" in the subject line. We provide a complete export of your account details, gaming history, and personal information within 30 days. You can request that we delete non-compliance-critical data (such as saved support notes) by contacting support. We will delete such data within 30 days, though we retain gaming transaction records and KYC documents as required by gaming regulations.

If you believe we have processed your data incorrectly or violated your privacy rights, you can lodge a complaint with your local data-protection authority. We cooperate with such inquiries and respond to regulatory requests within legally specified timeframes.

Third-party processors and service providers

We use third-party services to operate roma: payment processors, hosting providers, live-dealer studios, email delivery services, and customer support platforms. These processors access only the data necessary to perform their function. We maintain data-processing agreements with all third parties requiring them to protect your data to the same standard we do. Payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet networks) operate under their own privacy policies; we recommend reviewing their notices if you have specific concerns about payment data.

We do not permit third-party processors to use your data for their own marketing or secondary purposes. All processor contracts include strict confidentiality and data-limitation clauses.

Updates to this privacy notice

We may update this privacy notice if our practices change or if local regulations require it. We notify users of material changes via email at least 30 days before they take effect. Your continued use of roma after notification constitutes acceptance of the updated notice. If you do not agree with changes, you can close your account and request deletion of non-regulatory-critical data.

Contact our privacy team

If you have questions about our privacy practices, how we handle your data, or how to exercise your data rights, contact our privacy team via email or in-app support. We respond to privacy inquiries within five business days. You can request data access, request deletion of optional data, report a suspected data breach, or file a privacy complaint through the same channels.

Summary: We at roma collect personal information only to operate our gaming platform, verify identity, process payments via mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, or local payment, and provide support. We encrypt all data, restrict access to authorized staff only, and retain information only as long as required by regulations. We do not sell your data, do not use cookies for external advertising, and do not share your gaming history with third parties. You have the right to access, correct, or delete your data. Contact our support team with any privacy concerns or to exercise your data rights.