kuda Privacy Policy

This page describes what data we collect when you use kuda and how we keep that data protected. We collect personal information during account creation, identity verification, payment processing, and gameplay. Our kuda platform encrypts sensitive data, restricts employee access, and stores documents separately from account balances.

We are transparent about how we use your data. We do not sell personal information to third parties. We share data only with payment processors, compliance partners, and law enforcement when required by legal process. Our servers may sit outside your jurisdiction, but we apply consistent security standards across all locations.

Read this policy to understand what information we collect, how long we keep it, your rights regarding your data, and how to contact us with privacy questions. If you disagree with our practices, do not open a kuda account.

What data we collect on kuda

We collect data in three categories: account information, identity documents, and activity logs. Account information includes your email, password hash, full name, date of birth, phone number, and postal address. We collect this when you create your kuda account and update it as needed.

Identity documents—government ID, proof of address, and selfie—are collected during account verification before your first withdrawal. These documents are encrypted and stored separately from your account profile. We keep them for as long as your account is active, plus seven years afterward (to comply with regulatory requirements).

Activity logs include login timestamps, deposit and withdrawal records, game play history, IP addresses, browser type, and device information. We collect this automatically to detect fraud, resolve disputes, and comply with anti-money-laundering laws. These logs are retained for seven years.

Account information
Email, name, date of birth, phone, address. Collected during signup and account maintenance.
Identity documents
Government ID, proof of address, selfie. Collected before first withdrawal; encrypted and stored separately.
Activity logs
Logins, deposits, withdrawals, game play, IP address, device type. Collected automatically for fraud detection and regulatory compliance.
Payment information
E-wallet tokens, bank account details (via payment providers only). We do not store full card or bank numbers.

How we use your data on kuda

We use account information to operate your kuda account, process deposits and withdrawals, and contact you about account activity or service updates. We use identity documents to verify your age and prevent fraud. We use activity logs to detect unusual behaviour, resolve disputes, and comply with anti-money-laundering and counter-terrorism-financing regulations.

We do not use your data for marketing without your consent. We do not sell, rent, or share your personal information with advertisers or data brokers. We may share aggregated, anonymized statistics (e.g., "many active users in Jakarta played Aviator in the past week") with business partners or regulators, but this does not identify you.

Third-party processors on kuda

We share data with essential service providers: payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet), email providers, cloud hosting services, and compliance partners. These processors handle data according to contracts that require them to protect your privacy and use data only for the service we contracted them to provide.

We may disclose data to law enforcement if required by a valid court order, subpoena, or legal process. We comply with local laws in each jurisdiction where kuda operates. If we are served with a legal demand, we will notify you unless the law forbids us from doing so.

How we protect your data on kuda

We use HTTPS encryption for all web traffic. Passwords are hashed using industry-standard algorithms; we never store plain-text passwords. KYC documents are encrypted at rest and accessible only to authorized compliance staff. We conduct regular security audits and penetration testing to identify vulnerabilities.

We enforce access controls: employees see only the minimum data needed for their role. Support staff cannot see your password or full payment details. We maintain incident response procedures so that if a breach occurs, we investigate, notify affected users, and cooperate with law enforcement.

Your rights regarding kuda data

You have the right to access, correct, or delete your personal data, subject to legal and regulatory constraints. You can request a copy of your account information by contacting our support team. You can update your email, phone, or address within your account settings at any time.

You cannot delete data that we are required to keep for regulatory purposes (e.g., KYC documents, transaction records for seven years). If you close your kuda account, we retain your data according to retention schedules unless applicable law allows deletion.

  • 1
    Request accessStep 1

    Email our support team to request a copy of your personal data. We respond within 14 days.

  • 2
    Correct inaccuraciesStep 2

    Update your email, phone, or address in account settings. Contact support for document corrections.

  • 3
    Request deletionStep 3

    Request deletion of non-essential data. Regulatory-retention data cannot be deleted but will be anonymized after retention periods end.

Cookies and tracking on kuda

We use cookies to keep you logged in, remember your preferences, and detect fraud. Essential cookies are necessary for kuda to function; optional cookies help us understand how you use our platform. You can disable optional cookies in your browser settings without breaking core functionality.

We use analytics (IP address, page visits, time on site) to improve user experience and identify technical issues. We do not use this data to identify you personally. Third-party analytics tools may set their own cookies; review their privacy policies for details.

Key data practices

  • We encrypt all sensitive data (passwords, KYC documents, payment tokens) at rest and in transit.
  • We retain account and activity data for seven years to comply with anti-money-laundering regulations.
  • We do not sell your data to advertisers or brokers.
  • We share data with payment processors and compliance partners under strict confidentiality agreements.
  • You can request access, correction, or deletion of your data subject to legal retention requirements.

Jurisdiction and data retention on kuda

Our servers are located in multiple jurisdictions, and your data may be transferred outside your country of residence for processing and backup. We apply the same encryption and security standards regardless of server location. By using kuda, you consent to this cross-border data transfer.

We retain data according to legal requirements. Account information is kept for the account lifetime plus three years after closure. Identity documents are kept for seven years to comply with anti-money-laundering laws. Activity logs (logins, transactions, game play) are retained for seven years. After retention periods end, we delete or anonymize the data.

Changes to our kuda privacy policy

We may update this policy at any time. Material changes will be announced via email to your registered address and published on kuda. Continued use of your account after publication constitutes acceptance of the updated policy. We encourage you to review this page periodically.

Contact us about kuda privacy

If you have questions about how we handle your data, want to request access, or wish to file a complaint, contact our support team in English during business hours. We respond within 24 hours on business days. For urgent data-security issues, mark your email as urgent and we will prioritize it.

Our privacy policy applies where kuda is legally available. Users are responsible for verifying compliance with local data-protection laws. If local law provides stronger privacy protections, those protections apply to you on kuda.