Reference

How scratch cash Protects Your Personal Data

Your personal data — account details, transaction records via DANA, OVO, GoPay and QRIS, and device identifiers — is collected, stored, and used only to operate your account…

Data encrypted in transit and at restDANA, OVO, GoPay & QRIS transaction records protectedAccount data retained only as long as legally requiredYou can request full data access or deletionPolicy applies to all Indonesia account holders
scratch cash How scratch cash Protects Your Personal Data
PRIVACY CONTACT

Reach Us About Your Data Rights

If you want to review, correct, or remove personal data we hold, our privacy team is available seven days a week.

Live Chat Available daily from 08:00 to 24:00 WIB.
Email Support Send your data-rights request to our support address and include your registered account email.
In-Account Form Log in, navigate to Account Settings, and select the Data & Privacy section.
DATA HANDLING PRACTICES

Six Ways We Keep Your Account Data Safe

Security and transparency around your personal data are not an afterthought at scratch cash — they are built into every layer of the platform.

End-to-End Encryption

All data transmitted between your device and our servers uses TLS 1.3 encryption.

Cookie Controls

We use session cookies to keep you logged in and analytics cookies to understand page performance.

Account Security Steps

Two-factor authentication is available for all accounts. We recommend enabling it under Account Settings > Security.

Data Retention Policy

Active account data is kept for as long as your account remains open.

Third-Party Sharing Limits

We share data only with payment processors (DANA, OVO, GoPay, QRIS networks) and identity-verification providers strictly needed to run your…

Your Right to Access and Delete

You may request a full copy of your personal data or ask us to delete it at any time via…

Your Privacy Questions, Answered Directly

Below are the questions we hear most often from account holders in Indonesia about how their personal data is collected, stored, shared, and removed. If your question is not covered here, our privacy team is reachable via live chat between 08:00 and 24:00 WIB every day.

We collect your name, email address, phone number, date of birth, and the payment method you register — such as DANA, OVO, GoPay or QRIS. Device type and IP address are also logged for account security purposes.

We record transaction references and timestamps for each DANA, OVO, GoPay and QRIS payment to maintain accurate account histories. Full wallet credentials are never stored on our servers — those remain with the respective payment provider.

Yes. Log in and go to Account Settings, then select Data & Privacy to submit an access request. We will compile and deliver a full data report to your registered email address within 30 days.

Submit a deletion request through live chat, email support, or the in-account Data & Privacy form. We action all deletion requests within 30 days where local law permits, and confirm completion by email once done.

Only with the payment processors needed to complete your DANA, OVO, GoPay and QRIS transactions, and with our identity-verification partner. No data is sold or passed to advertisers or marketing data brokers.

Financial transaction records are retained after account closure for the period required by applicable regulations — how long depends on local law. Once that period ends, your data is permanently deleted from our systems.

We use session cookies for login continuity and analytics cookies for performance monitoring. Open the Cookie Settings panel in your account at any time to review which cookies are active and withdraw consent for non-essential ones.