Reference

Legal framework that protects your account and payments

When you open an account on maha138, your deposits via DANA, OVO, GoPay and QRIS are protected by our payment security protocols and data handling rules.

Account creation and verificationPayment security and verificationData retention and privacyWithdrawal and dispute resolution
maha138 Legal framework that protects your account and payments
HOW TO REACH US

Get legal or account support when you need it

Our support team handles account disputes, data requests and legal questions through multiple channels. Reach us during business hours (Monday to Friday, 08:00–21:00 Western Indonesia Time) via live chat inside your account lobby, email at [email protected], or through our help centre. For urgent payment disputes, contact support immediately with your transaction reference number so we can verify the payment record in our system.

Team online

Live Chat Support

Open your account and tap the help icon in the lobby footer. A support agent will respond within two minutes during business hours to answer legal or account questions.

Email Support

Send account or data requests to [email protected] with your account username and transaction details. We reply within 24 hours on business days.

In-App Help Centre

Browse our help topics directly in the account menu — select 'Legal & Account' to see FAQs on withdrawals, data deletion and dispute timelines.

SECURITY AND DATA HANDLING

How we protect your account and personal information

Data security on maha138 starts with encrypted connections when you log in. Your account is protected by two-factor authentication (2FA), which you can activate in the security settings…

Encryption and Transport Security

All connections to maha138 use HTTPS encryption. Payment data sent to DANA, OVO, GoPay and QRIS gateways is encrypted end-to-end…

Two-Factor Authentication

Enable 2FA in your account settings after registration to add an extra layer of security.

Data Retention Limits

We keep your account data only as long as needed. Transaction records are retained for seven years where local law…

Payment Processor Compliance

DANA, OVO, GoPay and QRIS transfers are processed by licensed Indonesian payment providers that meet local financial security standards and…

Fraud Monitoring

Our system flags unusual withdrawal patterns or repeated failed logins.

Data Access and Deletion

You can request a copy of all your personal data via the account settings menu under 'Download My Data'.

Answers to the questions we hear most about account rules

When you open a dispute, our team matches your account record against the payment processor log for DANA, OVO, GoPay or QRIS. If the transaction cleared successfully, we investigate whether a refund was already issued to your wallet. Disputes are resolved within five business days. If the payment failed on the processor side, the funds return to your wallet automatically within 24 hours.

After account closure, we delete your contact details and personal profile within 90 days. Transaction records and payment history are retained for seven years where local law permits, then permanently removed. You can request early deletion by emailing [email protected] with your account username.

Yes. Log into your account, go to Settings > Download My Data, and we will prepare a file containing all your personal information, account activity and transactions. The download link is sent to your registered email within 24 hours. Alternatively, contact our support team via live chat for a manual export.

Contact our support team immediately and provide your transaction reference number. We will freeze your account pending verification. At the same time, notify your payment provider (DANA, OVO, GoPay or QRIS) directly so they can reverse the transfer on their end if fraud is confirmed. Our legal team will provide documentation of the investigation.

No. Your account data — name, phone, payment details, transaction history — is never sold or shared with advertisers or third parties. We share data only with payment processors (DANA, OVO, GoPay, QRIS) to complete transactions and with legal authorities where local law requires disclosure.

Access and eligibility depends on local law. Your account terms are governed by the regulations that apply in your jurisdiction. For questions about local compliance or legal standing, contact our legal team at [email protected] with details of your location and concern.

maha138 uses cookies only for session authentication and fraud prevention — not for cross-site tracking or advertising. You can disable non-essential cookies in your browser settings at any time. Disabling cookies may affect login persistence and account recovery features, but will not prevent you from using the platform.