shimmer Casino & Sportsbook Data Care

Most online platforms collect data quietly; we collect data transparently and only what we need to operate shimmer fairly. This page describes what we collect when you use shimmer and how we keep that data protected. We treat personal information—your email, payment details, identity documents, betting history—as a responsibility, not a resource to monetize. Every piece of data we hold has a clear operational or legal purpose.

We at shimmer do not share your data with marketing companies, data brokers, or advertising networks. We do not build behavioural profiles to sell. We do not track your movements outside shimmer. Our servers may sit outside your jurisdiction, but your data remains encrypted and segregated from third-party systems. This policy explains our practices in plain language so you know exactly what happens to your information.

If you have questions about how we handle your data, our customer support team can respond via live chat or email. We also provide a data request process so you can access, download, or delete your personal information at any time.

What We Collect and Why

Account and Payment Data

When you register on shimmer, we collect your email address, username, and password. We require a phone number so we can verify your account and contact you if we detect unauthorized access attempts. We also collect payment information—which depends on your chosen method. If you deposit via DANA, e-wallet, or mobile banking, we record the transaction ID and amount. If you use bank transfer (local payment, online payment, e-wallet, mobile banking virtual account), we store the details of your deposit and withdrawal instructions.

We collect payment data because we must comply with anti-money-laundering regulations and because we need to reconcile deposits and withdrawals. Your payment details are encrypted and never shared with payment processors beyond what is necessary to settle transactions. We do not store full credit card numbers or local payment / online payment credentials on our servers; those are processed by trusted third-party payment gateways.

Identity Verification (KYC)

For larger withdrawals, we request identity documents—a copy of your ID card, passport, or driver's licence—and proof of address such as a utility bill or bank statement. This Know Your Customer process is a legal requirement in most jurisdictions where shimmer operates, including from users in Jakarta, Surabaya, Bandung, Medan, and Semarang. We use this information solely to verify your identity and prevent fraud. We store these documents encrypted and retain them only as long as required by law, typically 5-7 years after your account closure.

Game and Betting Activity

We collect data about your bets—which live-dealer table you joined, which sportsbook markets you placed bets on (Liga 1 matches, Piala AFF tournaments, MotoGP events), which slots you played, and the outcome. We record bet amounts, settlement times, and whether you won or lost. This data helps us detect fraud (like collusion or money-laundering patterns), calculate your winnings accurately, and respond to dispute claims. We also use aggregate betting data—not linked to you personally—to understand game popularity and ensure our table limits and game selection match player demand.

Technical and Support Data

We collect technical information: your device type, operating system, browser, IP address, and pages you visit on shimmer. We log support tickets, chat transcripts, and email exchanges with our customer support team. During high-traffic periods like Liga 1 matches or around Idul Fitri and Idul Adha, we monitor server load and user activity to keep the platform stable. We do not use this data to build advertising profiles; we use it to improve performance and respond to your support requests.

Cookies and trackers

We use session cookies to keep you logged in and functional cookies to remember your language preference. We do not use tracking cookies or third-party analytics that follow you across the web.

Automated decisions

We may use automated systems to flag suspicious activity—unusual betting patterns, rapid deposits and withdrawals, geographic inconsistencies. These trigger a manual review; we do not make final decisions automatically.

Retention periods

We keep account data for 7 years after closure, betting records for 7 years, and payment records for 7 years. Support tickets are retained for 3 years. Technical logs are purged after 90 days.

Your Rights and Our Data Protection

Your Data Rights

You have the right to access all personal data we hold about you. You can request a copy via our support teamwe provide it within 14 days in a standard format. You also have the right to correct inaccurate data, request deletion of data we no longer need legally, and object to certain uses. If you request deletion of your account, we will remove your profile, disable your login, and anonymize your betting history—although we retain payment records as required by anti-money-laundering law.

Third-Party Processors

We use third-party service providers: payment gateways (for DANA, e-wallet, mobile banking, local payment, bank transfers), email providers for our notifications, and cloud hosting for our servers. We vet these processors for security and data-handling practices and require them to sign data-protection agreements. They are not permitted to use your data for their own purposes. We do not use Google Analytics, Facebook pixels, or other advertising-linked trackers. Our server infrastructure is operated by a major cloud provider with ISO 27001 certification and encrypted data at rest.

International Data Transfer

shimmer's servers are located outside your country. By using shimmer, you consent to your data being transferred to and stored in that location. We apply encryption and strict access controls so that even our hosting provider cannot read your sensitive information. We comply with data-protection standards for cross-border transfers and do not permit data to be accessed from jurisdictions without adequate privacy laws.

Contact and Data Requests

If you have questions about your data or wish to exercise your rights, contact our team via live chat or email through our support pageWe respond to data-access requests within 14 days and data-deletion requests within 30 days. If you believe we have mishandled your data, you have the right to lodge a complaint with your local data-protection authority.

We review this privacy policy annually and update it if our practices change. We will notify you of material changes via email. Your continued use of shimmer after an update means you accept the new terms. We remain committed to transparent, fair, and secure data handling—the same principles that guide every other aspect of how we operate shimmer.