At ijaya, protecting your personal information is a core part of how we operate. This Privacy Policy explains exactly what data we collect from you, why we collect it, how we use it, and the rights you have over your own information.
These highlights summarise our core data protection principles — please read the full policy below
ijaya collects personal data solely to operate the Platform, process payments, verify identity, comply with regulatory requirements, and improve the member experience. Your data is not sold to third parties for advertising purposes.
All data transmitted between your device and the ijaya Platform is encrypted using SSL/TLS technology. This includes login credentials, personal details, payment information, and game session data — protecting you at every interaction.
You have the right to access the personal data ijaya holds about you, request corrections, ask for deletion where legally permissible, and opt out of marketing communications at any time. Contact our support team to exercise any of these rights.
ijaya operates under international gaming authority oversight. Our data practices comply with the requirements of our operating licence, including anti-money-laundering (AML) obligations that require collection and retention of certain identity and transaction records.
If you prefer not to receive promotional emails or platform notifications from ijaya, you can opt out at any time through your Account settings or by contacting support. Opting out of marketing does not affect transactional communications about your account.
Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, including compliance with legal and regulatory retention obligations. Upon Account closure, data is handled in accordance with applicable retention schedules.
Important: This Privacy Policy ("Policy") describes how ijaya ("ijaya", "we", "us", "our") collects, uses, discloses, and protects personal information provided by or collected from members and visitors ("you", "your") of the ijaya Platform at ijaya.app. By registering an Account or using the Platform, you consent to the practices described in this Policy. If you do not agree, you must not use the Platform.
1.1 This Policy applies to all personal data processed by ijaya in connection with the operation of the Platform, including data collected during registration, during gameplay, during payment processing, and during interactions with ijaya's customer support team.
1.2 This Policy should be read alongside ijaya's Terms & Conditions, which govern your use of the Platform as a whole. In the event of a conflict between this Policy and the Terms & Conditions on privacy-related matters, this Policy prevails.
1.3 ijaya operates under international gaming authority oversight, which imposes specific data collection and retention obligations on the Platform. Some data processing described in this Policy is required by regulatory obligation rather than by choice.
ijaya collects the following categories of personal data:
3.1 Directly from you — when you register an Account, complete identity verification, make deposits or withdrawals, contact support, or update your Account profile.
3.2 Automatically — through cookies, server logs, and Platform analytics tools as you use the Platform, including during gameplay and browsing sessions.
3.3 From third parties — from payment processors and e-wallet providers (such as Touch n Go, Boost, GrabPay, Maybank, and CIMB) in connection with transaction processing; from identity verification service providers; and from fraud detection services.
3.4 From publicly available sources — to the extent permitted by applicable law and required by regulatory compliance obligations, including AML screening against publicly available sanctions and watchlists.
ijaya uses the personal data it collects for the following purposes:
ijaya processes personal data on the following legal bases:
6.1 ijaya does not sell your personal data to third parties for commercial purposes.
6.2 ijaya may share your personal data with the following categories of third parties, strictly as necessary to operate the Platform and comply with applicable obligations:
6.3 All third-party processors engaged by ijaya are subject to contractual data protection obligations consistent with applicable law and ijaya's regulatory licence requirements.
7.1 Some of ijaya's third-party service providers are based outside of Malaysia. Where personal data is transferred internationally, ijaya ensures that appropriate safeguards are in place, including standard contractual clauses or equivalent mechanisms recognised under applicable data protection requirements.
7.2 ijaya does not transfer personal data internationally for purposes beyond those described in this Policy. Where regulatory obligations require data to be retained in a specific jurisdiction, ijaya complies with those requirements.
8.1 ijaya implements appropriate technical and organisational security measures to protect personal data against unauthorised access, loss, destruction, alteration, or disclosure. These measures include SSL/TLS encryption for all data in transit, access controls limiting data access to authorised personnel, encrypted storage of sensitive data including passwords, and regular security reviews.
8.2 While ijaya takes data security seriously, no system is completely immune to security incidents. In the event of a data breach affecting your personal data, ijaya will take appropriate steps to contain the breach and, where required, notify affected Members and relevant authorities in accordance with applicable obligations.
8.3 You are responsible for keeping your Account login credentials secure. ijaya recommends using a strong, unique password for your ijaya Account and not sharing it with any other person or platform.
9.1 ijaya retains personal data for as long as is necessary to fulfil the purposes for which it was collected, subject to any longer retention period required by law or regulatory obligation.
9.2 In particular, AML and KYC regulations applicable to ijaya's gaming authority licence require retention of identity records and transaction records for a minimum period following Account closure or the last transaction. ijaya complies with these minimum retention periods.
9.3 Upon Account closure by request, personal data that is not required to be retained under applicable law will be deleted or anonymised within a reasonable period. You will be notified of the applicable retention period for your data upon making a closure request.
9.4 Gaming activity records (bet history, game logs) are retained for the applicable regulatory period and may be used in connection with disputes, audits, or compliance reviews during that retention window.
10.1 The ijaya Platform uses cookies and similar tracking technologies to operate the Platform, maintain your session, remember your preferences, and analyse platform usage.
10.2 The following categories of cookies are used:
10.3 Most browsers allow you to control or delete cookies through their settings. Disabling essential cookies will affect your ability to use the Platform and may prevent login or session maintenance from functioning correctly.
Subject to applicable law and regulatory restrictions, you have the following rights in relation to your personal data held by ijaya:
To exercise any of these rights, contact ijaya's support team. Requests will be handled within 30 days. Some requests may be subject to identity verification before processing.
Note that regulatory obligations (AML, KYC) may restrict ijaya's ability to delete certain data prior to the expiry of the applicable statutory retention period. In such cases, ijaya will inform you of the applicable restriction and its basis.
12.1 The ijaya Platform is strictly for adults aged 21 and above. ijaya does not knowingly collect personal data from individuals under the age of 21.
12.2 Age verification is conducted at registration and at first withdrawal. Where ijaya discovers that an Account has been registered by a person under 21, the Account will be immediately closed, any deposits returned to the payment source, and the associated data handled in accordance with applicable regulatory requirements.
12.3 If you have reason to believe that a minor has registered or attempted to register on the Platform, please contact ijaya's support team immediately.
The ijaya Platform may reference third-party payment providers and game studio partners. ijaya is not responsible for the privacy practices of any third-party websites or services. This Policy applies only to the ijaya Platform at ijaya.app. We recommend reviewing the privacy policies of any third-party services you use in connection with the Platform.
14.1 ijaya reserves the right to amend this Privacy Policy at any time. Material changes will be notified to Members via email and/or a notice on the Platform prior to the change taking effect.
14.2 Your continued use of the Platform after notification of a change constitutes your acceptance of the revised Policy. If you do not agree with any change, you may close your Account in accordance with ijaya's Terms & Conditions.
14.3 The "Last Updated" date at the top of this Policy reflects the date of the most recent revision. We recommend reviewing this Policy periodically.
For any questions, concerns, or requests relating to this Privacy Policy or to the personal data ijaya holds about you, please contact the ijaya support team through the following channels:
ijaya aims to acknowledge written data enquiries within 5 business days and provide a full response within 30 days. Where a request is complex or involves multiple data subjects, ijaya will inform you if an extension to the response period is required.
Questions about your data or account privacy? Our 24/7 support team is ready to help. Or simply log in to your ijaya account to manage your privacy settings and responsible gaming tools.
21+ The ijaya platform is for adults aged 21 and above only. Please gamble responsibly.