Encryption & Data Protection on gunungwin
Every connection to gunungwin.id is encrypted using TLS (Transport Layer Security) 1.2 or higher, the same standard used by banks and payment processors worldwide. When you log in, deposit funds, or view your account balance, your data travels through an encrypted tunnel—meaning no third party can intercept your credentials or financial information during transit.
Your gunungwin account stores sensitive data—name, date of birth, ID number, bank account details—in isolated, encrypted databases. This information is accessed only by our authorized compliance and customer-support staff during routine account reviews or withdrawal verification. We do not sell, share, or use your personal data for marketing outside of our own platform. During major events like Liga 1 playoffs or Idul Fitri campaigns, we may notify you of relevant promotions via email or in-app, but this is optional and you can disable notifications at any time.
Know Your Customer (KYC) Verification Process
The KYC process on gunungwin protects both you and our platform from fraud. When you sign up, you provide your full name, date of birth, email, and phone number. At this point, your account is "unverified" and carries limitations—you cannot withdraw funds or claim bonuses until verification is complete.
-
1
Submit identity documentStep 1
Upload a clear photo or scan of your national ID (KTP), passport, or driver's license. The image must show your full name, date of birth, and document number. Our system uses automated checks to verify the document is valid and has not expired.
-
2
Confirm your payment methodStep 2
Provide proof that you own the payment method you registered with. If you deposit via DANA or e-wallet, screenshot your wallet home screen showing your account name. If using bank transfer, provide a recent bank statement showing your name and account number.
-
3
Manual compliance reviewStep 3
Our compliance team verifies your documents against our fraud database and international sanctions lists. This review is thorough but non-invasive—we simply confirm your identity is legitimate and not flagged by regulatory bodies.
-
4
Account verification approvedStep 4
Once approved, your account status changes to "Verified." You can now withdraw funds, claim bonuses, and participate fully in gunungwin sportsbook, live-dealer tables, and slot games. Verification typically completes within one business day, though it may take longer during peak periods.
During verification, your submitted documents are stored securely and are never shared publicly. We retain them only as long as needed for compliance and audit purposes. If you wish to update your identity documents—such as renewing your ID—you can upload fresh images through your account settings. Old documents are then securely deleted.
Password & Login Security
Your gunungwin password is your first line of defense. We recommend using a strong password—at least 12 characters, mixing uppercase, lowercase, numbers, and symbols. Never use personal details (birthdate, name, city) that are easy to guess, and never reuse the same password across multiple platforms. If your gunungwin password is compromised elsewhere, hackers could attempt to access your account and withdraw funds.
When you log in to gunungwin, your password is immediately hashed using a cryptographic algorithm—we never store plain-text passwords. This means even our own staff cannot see your password; they can only confirm whether you entered it correctly. If you forget your password, click "Forgot Password" on the login page. You'll receive a secure email link that expires after subject to verification. Use it to reset your password to something new and unique.
Two-Factor Authentication (2FA)
gunungwin offers optional two-factor authentication (2FA) to strengthen your account security. When enabled, logging in requires two pieces of information: your password and a time-based code generated by an authenticator app (such as Google Authenticator or Authy) or sent via SMS to your registered phone number. Even if someone steals your password, they cannot access your account without the second factor.
To enable 2FA on gunungwin, go to Account Settings → Security → Two-Factor Authentication. Choose either app-based (recommended) or SMS-based verification. If you choose app-based, scan the QR code with your authenticator app and save the backup codes in a safe location. If you lose access to your phone, these backup codes let you regain entry to your account. Write them down and store them offline, separate from your password.
- SSL/TLS encryption
- Secures all data transmitted between your device and gunungwin servers, preventing interception of passwords, payment details, or account information.
- Password hashing
- Your password is converted into an irreversible code so that even gunungwin staff cannot view it. Only you know your password.
- Two-factor authentication
- Adds a second verification step (app code or SMS) required at login, preventing account access even if your password is compromised.
Detecting & Reporting Suspicious Activity
gunungwin monitors your account for signs of unauthorized access. If we detect logins from new devices or unusual geographic locations, we may temporarily lock your account and send you an email asking you to confirm the login attempt. This is a security measure, not a restriction—respond to the email to unlock your account immediately.
If you notice unusual activity on your account—logins you do not recognize, withdrawals you did not initiate, or balance changes you cannot explain—contact our support team right away. Email us with your account email and a description of the suspicious activity. Our team will review your account logs, freeze any pending withdrawals, and help you regain control. During business hours, we respond to security inquiries via in-app chat as well.
If your account has been compromised, follow these steps: (1) change your password immediately from a different device, (2) enable two-factor authentication if not already active, (3) review your recent transactions and report any unauthorized withdrawals, and (4) contact our support team with details of the breach. We will investigate and may reverse fraudulent transactions if they occurred within the last 30 days.
On gunungwin, security is not a one-time setup—it's an ongoing partnership between you and our platform to protect your funds and personal data.
Payment Method Security & Withdrawal Verification
When you deposit into your gunungwin account via mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, or direct bank transfer (online payment, e-wallet, mobile banking, local payment), those transactions are routed through industry-standard payment gateways that use their own encryption and fraud detection. gunungwin never stores your full payment card or e-wallet credentials—we only retain a reference token that lets us process withdrawals back to the same method.
Withdrawals on gunungwin trigger an additional security review. When you request a withdrawal, our compliance system checks your account activity, transaction history, and deposit sources to ensure the request is legitimate and not connected to money laundering or fraud. This review typically takes 24–48 hours. If flags arise—such as a sudden large withdrawal immediately after a large deposit—we may ask for additional documentation (proof of funds source, business registration, etc.) before approving the request.
Once a withdrawal is approved, funds are routed back to the original payment method you used to deposit. This protects you from account takeover—even if someone gains access to your gunungwin account, they cannot redirect withdrawals to a different bank account or e-wallet. If you need to withdraw to a different payment method, you must contact our support team and undergo a manual verification process involving new KYC documents.
Privacy & Data Retention
gunungwin collects personal data strictly for account management, regulatory compliance, and fraud prevention. We do not sell your information to third parties, and we do not use your data for targeted advertising beyond our own platform. Your transaction history, betting activity on Liga 1 or Piala AFF markets, and interaction with live-dealer tables are recorded for your own account history and for compliance audits—not for sharing or resale.
Data retention follows legal requirements: we keep account information and transaction records for at least five years (required by Indonesian financial regulations). After you close your account, your personal data is anonymized or deleted unless we are required by law to retain it. If you request data deletion under privacy regulations, we will comply, though some information may be retained to prevent fraud or fulfill legal obligations.
Our privacy policy, accessible from the gunungwin footer, details exactly what data we collect, how we use it, and your rights regarding your information. You can access, update, or request export of your personal data through your account settings or by contacting our privacy team via email.
