LEGAL REFERENCE

How luna4d Handles Your Account Data

This is the luna4d privacy policy — the document that tells you what we collect when you open an account with us, why we hold it, and how...

Plain-English policyData minimisationIndonesia-awareUpdated regularlyAccount-level controls
See the Lobby Read FAQ
luna4d How luna4d Handles Your Account Data

Policy Scope, Jurisdiction and Your Rights

Our privacy policy applies to every luna4d account opened from supported regions where local law permits. We collect the identifiers you give us at sign-up, the device fingerprint your browser shares, and the transaction references your e-wallet returns when you top up. We hold this data to keep your account secure, to honour audit obligations, and to resolve disputes if a session

is queried. You can request access, correction or deletion of your record at any time by writing to our policy desk, and we'll respond within statutory windows that apply to Indonesian residents.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

HELP CHANNELS

Privacy Contact Paths

Team online

Policy Desk Email

Write to our dedicated privacy mailbox for access requests, correction notices or deletion claims. We log every message and reply within the statutory window that applies to your account region.

In-Lobby Chat

Open the chat widget from your account header and ask for the privacy team. The agent will route your ticket to the data officer and share a reference number you can quote later.

Written Notice

Send a signed letter to our registered correspondence address if you prefer a paper trail. We accept scanned copies attached to your verified account email for faster handling.

EDITORIAL CLARITY

How We Keep This Policy Honest

Quarterly Review

Our legal team re-reads this policy every quarter and flags any clause that no longer matches how the lobby actually...

Named Data Officer

A single person owns this document inside luna4d. You can ask for their decision in writing whenever an automated response...

Encryption At Rest

Every identifier you share at sign-up is encrypted on our database tier. Keys rotate on a fixed schedule and access...

Vendor Audits

Third parties that touch your data — payment processors, KYC checkers, hosting — are reviewed annually against our processor checklist...

Version History

We keep older versions of this policy readable so you can compare what changed. Each release carries a date stamp...

Indonesia Awareness

Local statutory windows for response, correction and deletion are mapped into our internal SLA. Indonesian residents get timelines aligned to...

PLATFORM COMPARISON

Consistency Across Our Policy Pages

01

Privacy vs Terms

Terms cover the contract; this policy covers data. We cross-reference both so a clause in one never silently overrides the other.

02

Privacy vs Cookies

Cookie notice handles browser storage specifically; this policy explains the wider account record behind it.

03

Privacy vs KYC

KYC page lists the documents collected. This policy explains retention windows for those same documents.

04

Privacy vs Payments

Payments page covers DANA, OVO, GoPay and QRIS flows. This policy explains the transaction metadata we store.

05

Privacy vs Security

Security page describes controls. This policy describes which data those controls are protecting.

06

Privacy vs Contact

Contact page lists general channels. This policy gives a dedicated route to the data officer.

07

Privacy vs Updates

Update log records every amendment with a date so you can audit drift between versions.

What Defines Our Policy Page

Plain Sections

Every clause sits under a short heading so you can skim to the part that matters to your account without reading the whole document end to end.

Dated Versioning

The footer shows the issue date of the version you're reading. Older revisions stay accessible if you need to compare wording for a past account event.

Inline Definitions

Where we use a term like processor or controller, the meaning sits beside it. You don't need a separate glossary tab open to follow along.

Account-Level Hooks

Each data-handling clause points to the account screen where you can act on it — export, edit or close — so the policy isn't theoretical.

Mobile-First Layout

The page renders cleanly on phones so you can read it on the train before completing sign-up. No horizontal scroll, no zoomed text boxes.

Search-Friendly Anchors

Every section has a stable anchor link. If our support team cites a clause by name, the URL will jump you to that exact paragraph.

Privacy Policy Questions

We collect the identifiers needed to open and secure your account: name, date of birth, contact email, phone number and the document references your KYC step returns. Nothing beyond that is requested at registration.

Active accounts retain data for the life of the account plus the statutory tail required by Indonesian record-keeping rules. Closed accounts move to a restricted archive and are purged once that window expires.

Yes. Write to our policy desk from your verified email and we'll start the closure flow. Some records — financial logs, KYC artefacts — stay in archive for the period local law requires.

Only the minimum needed to settle your DANA, OVO, GoPay or QRIS transaction is shared with the relevant processor. We don't pass marketing identifiers to them and they don't pass yours back.

Material changes trigger an in-lobby notice and an email to your verified address. Minor edits — typo fixes, clarifications — appear in the version log at the foot of this page.

Primary storage sits with audited hosting partners in regions where local law permits cross-border processing. Backup copies are encrypted and held under the same contractual controls as the live tier.

Our named data officer handles every privacy ticket. Reach them through the policy mailbox or ask in-lobby chat to escalate; you'll receive a reference number and a written response within the statutory window.