mentos Platform Privacy Notice

This page describes what we collect when you use mentos and how we keep that data protected. We at mentos take your privacy seriously. We collect only the information necessary to operate our platform, verify your identity, process your payments, and comply with local law. We do not sell your data to third parties, and we do not use it for marketing purposes beyond your mentos account.

Our privacy practices reflect our commitment to transparency. When you register on mentos, you provide your email, phone number, and legal name. When you deposit or withdraw, we collect payment details. When you use our platform, we log your activity for security and compliance purposes. This notice explains each data category, how long we retain it, and what rights you have to access, update, or delete your information.

We operate across multiple jurisdictions, and our data handling complies with applicable local regulations. If you have questions about how we use your data on mentos, or if you wish to exercise your rights (such as requesting a copy of your data or deletion), contact our support team. We respond to all data requests within 30 days.

What Data We Collect on mentos

We collect data in three categories: account information, payment information, and activity logs. Account information on mentos includes your email, phone number, legal name, date of birth, and country of residence. We collect this during registration and use it to create and manage your mentos account.

Identity verification data on mentos includes your government-issued ID (passport, national ID card, or driving licence) and proof of address (utility bill, bank statement, or rental lease). We collect these documents to comply with anti-money-laundering (AML) and know-your-customer (KYC) regulations. We retain these documents for the duration of your mentos account plus seven years after closure, as required by law.

Payment information on mentos includes your e-wallet account details (for DANA, e-wallet, mobile banking, local payment, online payment, e-wallet) or bank account information (for mobile banking, local payment, online payment, e-wallet transfers). We do not store full payment card numbers or bank account numbers on our servers. Instead, we use tokenization—our payment processor stores the sensitive data, and we store only a token that references it. This reduces our security risk and protects your financial information.

Activity logs on mentos: We log your login times, IP addresses, game activity, wagers, and withdrawals. We retain these logs for 12 months for security and dispute resolution purposes. We use them to detect fraud, investigate account compromises, and settle disputes about bet outcomes or bonus eligibility.

We also collect technical data on mentos, including your device type, browser, operating system, and approximate location (based on IP address). We use this data to optimize our platform, detect technical issues, and prevent fraud. We do not use location data to target you with marketing.

How We Use Your Data on mentos

We use your account information on mentos to create your account, process your deposits and withdrawals, calculate your loyalty tier and weekly cashback, and communicate with you about your account. We send you emails about bonus eligibility, tier upgrades, and seasonal campaigns. You can opt out of promotional emails at any time via your account settings on mentos, but we will continue to send transactional emails (deposit confirmations, withdrawal status, etc.).

We use your identity verification data on mentos to comply with AML and KYC regulations. We may share this data with our compliance team and, if required by law, with government authorities. We do not use it for any other purpose.

We use your payment information on mentos to process deposits and withdrawals. Our payment processors (third-party companies that handle e-wallet and bank transfers) have access to this data. We require them to maintain the same level of security and confidentiality as we do.

We use your activity logs on mentos to detect fraud, investigate disputes, and improve our platform. If you report a problem with a bet settlement or bonus calculation on mentos, we review your activity logs to understand what happened and resolve the issue.

Your Rights and Our mentos Data Practices

You have the right to access your data on mentos. Contact our support team, and we will provide a copy of all personal information we hold about you within 30 days. You also have the right to update your information—your email, phone number, and address can be changed in your mentos account settings at any time.

You have the right to delete your mentos account and associated data. If you request deletion, we will close your account and remove your personal information from our active systems within 30 days. However, we retain your data for seven years if required by law (such as AML regulations) or if there are outstanding disputes or investigations related to your mentos account.

Data transfers and international storage on mentos

Our servers may sit outside your jurisdiction. When you use mentos, your data may be transferred to and stored in countries other than Indonesia. By using mentos, you consent to this transfer. We apply the same security standards to all data, regardless of where it is stored.

We use cookies on mentos to remember your login status, store your preferences, and track your activity for security purposes. Cookies are small files stored on your device. You can disable cookies in your browser settings, but this may limit mentos functionality. We do not use cookies for third-party advertising or tracking.

We may share your data on mentos with third parties in limited circumstances. Our payment processors have access to payment information. Our compliance team may share data with government authorities if required by law. We do not sell your data to marketing companies or data brokers. If we are acquired or merge with another company, your data may be transferred as part of that transaction, and we will notify you.

Security and Data Retention on mentos

We encrypt all data in transit using TLS 1.2+ protocols. We encrypt sensitive data at rest using AES-256 encryption. We limit access to your data to mentos employees and contractors who need it to perform their jobs. We conduct regular security audits and penetration testing to identify and fix vulnerabilities.

If we discover a data breach on mentos, we will notify you within 72 hours and provide details about what data was compromised and what steps we are taking to secure it. We maintain cyber insurance to cover potential losses from breaches.

We retain your data on mentos for as long as your account is active, plus the retention periods outlined above. If you close your mentos account, we delete your personal information within 30 days, except where we are required by law to retain it longer (such as AML records, which we keep for seven years).

Contact us about your data: Email our support team or use the contact form on mentos to request access, updates, or deletion of your data.
Data requests on mentos: We respond to all data requests within 30 days. If your request is complex, we may ask for clarification.
Your mentos account: You can view and update your profile information in your account settings at any time.
Cookies and tracking: You can disable cookies in your browser, but this may affect mentos functionality.

This privacy notice applies to mentos.app and all mentos services. We may update this notice from time to time to reflect changes in our practices or applicable law. We will notify you of material changes via email or in-app notification. Your continued use of mentos after an update constitutes your acceptance of the updated notice.

Our services on mentos are available only where local law permits. If you have privacy concerns or believe we have mishandled your data, you may have the right to lodge a complaint with your local data protection authority. We encourage you to contact us first so we can address your concerns directly.