LEGAL REFERENCE

How We Handle Your Account Data

This is the datatoto privacy policy page, written for you in plain language. We explain what we collect when you open an account, how we store your sign-in...

Policy v3.2Indonesia scopePlain-languageAccount-data focusUpdated quarterly
See the Lobby Read FAQ
datatoto How We Handle Your Account Data

Policy Posture and Jurisdiction Scope

This policy applies to your use of datatoto where local law permits and across supported regions in Indonesia. We collect the data you give us at sign-up (name, contact, verification documents), the device signals your browser shares, and the transaction references tied to your chosen e-wallet rail. We do not sell your personal data to third parties. We share limited records with

our payment partners only to settle a deposit or withdrawal you initiated. Where Indonesian regulation requires a retention window, we hold the file for that period and then purge it from our active systems. You can request a copy of your record, ask us to correct an entry, or close the account entirely — the contact paths are listed further down this

page.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

24/7 SUPPORT

Reach Our Privacy Team

Data Request Inbox Email our privacy desk for copies of your account file, corrections to a field we hold, or a full closure request. We respond within five working days across Indonesia time zones.
In-Lobby Chat Open the chat widget once you're signed in and ask for the privacy queue. The agent routes your message to the data team rather than the general account-support pool for faster handling.
Postal Channel For formal data-subject letters under Indonesian law, our registered correspondence address is published in your account footer. Send signed requests there and we'll log them on receipt.
EDITORIAL CLARITY

How This Policy Is Reviewed

Quarterly Legal Review

Our in-house counsel re-reads this policy every quarter and flags any clauses that no longer match how datatoto actually processes your data, so the wording on this page stays accurate.

Indonesian Counsel Input

A local advisor reviews jurisdiction wording against current Indonesian data-protection expectations. Their notes shape how we describe retention windows, consent prompts and cross-border transfer references.

Engineering Sign-Off

Before any clause goes live, our platform engineers confirm the described data flow matches what the code actually does. No policy text ships ahead of the system that backs it.

Version Tracking

Every revision carries a version tag and a changelog entry. If we move from v3.2 to v3.3, you can see exactly which paragraph shifted and when the change took effect.

Plain-Language Pass

We rewrite legal phrasing into sentences you can scan on a phone. Dense clauses get broken into shorter lines so the policy reads cleanly on the lobby browser you already use.

User Feedback Loop

Privacy questions from chat get logged. If the same point comes up repeatedly, we add a clarifying line here rather than letting confusion stack up across multiple account holders.

Consistency Across Our Policy Pages

Terms of ServiceThe terms page covers the contract between you and datatoto. This privacy page covers the data side of that same relationship — the two are written to dovetail, never to contradict.
Cookie NoticeThe cookie notice itemises every script the lobby loads. This page describes what happens to the data those scripts collect once it reaches our servers in supported regions.
KYC PageThe KYC document page lists what verification files we need. This policy explains how long we keep those files and which staff roles can open them after submission.
Payment TermsPayment terms describe DANA, OVO, GoPay and QRIS rail behaviour. This policy describes what transaction metadata we retain from those rails for reconciliation and audit purposes.
Account ClosureThe closure page walks through the off-boarding steps. This policy clarifies which records survive closure for regulatory retention and which are purged from active systems immediately.
Security PageOur security page describes encryption and infrastructure choices. This policy explains the data those controls protect — the link between the two should feel seamless when you read them together.
Complaints ChannelThe complaints page routes general disputes. Data-specific complaints belong in the privacy inbox listed above, so this policy stays the single source for data-handling escalations.
PLATFORM SNAPSHOT

What This Policy Page Contains

01
Scope Statement Up top, we set out which products and which Indonesian regions this policy applies to, so you know whether the wording covers the lobby session you're currently inside.
02
Data Categories A clear list of the data types we hold: identity fields, device signals, transaction references and chat transcripts. Each category links to why we keep it.
03
Retention Windows For each data type, we state how long the record stays in active storage and when it moves to archive or deletion under Indonesian retention expectations.
04
Your Rights Panel A summary of access, correction, portability and closure rights, with the exact channel to use for each. No buried clauses — the rights sit in their own block.
05
Third-Party Map A short list of the processors we share data with — payment partners, KYC vendors, hosting providers — and the narrow purpose each one is authorised to perform.
06
Change Log At the bottom, a dated log of every revision to this page. Nothing changes silently; if we update a clause, the entry shows up here on the same day.

Common Privacy Questions

We collect your name, contact details, date of birth and the identity documents required for verification under Indonesian rules. Device and browser signals are captured automatically to secure the session you open.

Active account data stays for the life of the account. After closure, we retain regulatory records for the window Indonesian law specifies, then purge the file from our live systems on schedule.

We share only the transaction reference needed to settle the deposit or withdrawal you initiated. No browsing history, chat content or game activity is passed to these e-wallet partners at any point.

Yes. Email the privacy inbox listed in the support block above and we'll compile your record. Expect a response within five working days, with the file delivered through a secure channel.

Open the in-lobby chat, ask for the privacy queue, and tell the agent which field is incorrect. Identity-related corrections need a fresh document; contact-detail edits go through more quickly.

Material changes are flagged inside the lobby on your next sign-in and logged in the change log at the bottom of this page. Minor wording fixes appear in the log without an in-lobby prompt.

Start with our privacy inbox. If the response doesn't resolve the matter, you may escalate to the relevant Indonesian data-protection authority — the postal address and reference are provided on request.