totodana Platform Privacy Notice

This page describes what we collect when you use totoe-wallet and how we keep that data protected. We gather your personal information—name, email, phone, ID number, date of birth, and payment details—to verify your identity, process deposits and withdrawals, and comply with anti-money-laundering regulations. We treat this data as sensitive and secure it using encryption, access controls, and regular security audits.

We do not sell your data to third parties. We share information only with payment processors (mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment), anti-fraud services, and where required by law. We store data only as long as necessary—typically while your account is active, plus seven years thereafter for regulatory compliance. You have the right to request access to, correction of, or deletion of your data, subject to legal obligations.

Our services are available only where applicable law permits. If your jurisdiction has specific data protection laws (such as GDPR or local privacy statutes), those laws apply in addition to this notice. Read this page carefully and contact us if you have questions about how we handle your information.

What Data We Collect on totodana

We collect several categories of information when you use totoe-wallet:

  • Account Information: Your full legal name, email address, phone number, date of birth, and government-issued ID (KTP, SIM, or passport number). We require this to verify your identity and comply with anti-money-laundering (AML) regulations.
  • Payment Information: When you deposit or withdraw, we record your payment method (e.g., your mobile banking wallet ID, local payment phone number, bank account number). We do not store full credit card numbers or passwords—our payment processors handle those details securely.
  • Betting and Gaming Data: We log all bets you place on Liga 1, Piala Indonesia, Piala AFF, Champions League, and other markets; all games you play (slots, live dealer tables, esports); and all outcomes and winnings. This helps us detect fraud, resolve disputes, and personalise your account experience.
  • Device and Usage Data: We record your IP address, browser type, device type (Android, iOS, desktop), and timestamps of your logins and transactions. This helps us secure your account and detect unauthorised access.
  • Support Data: If you contact our support team via email, live chat, or ticket, we retain copies of those messages to resolve your issue and improve our service.

We do not ask for sensitive biometric data (fingerprints, facial recognition) or health information. We collect only what is necessary to run our platform and comply with law.

How We Use Your Data on totoonline payment

We use the data we collect for the following purposes:

  • Account verification and AML compliance: We verify your identity against government records and cross-check with anti-fraud databases. This is mandatory under Indonesian and international financial regulations.
  • Payment processing: We share your name, ID, and bank account with payment processors (e-wallet, mobile banking, local payment, online payment virtual accounts) and e-wallet providers (e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking) to process your deposits and withdrawals.
  • Fraud detection and account security: We monitor betting patterns, withdrawal requests, and login behaviour to detect fraud, money laundering, and account compromise. If we spot suspicious activity, we may ask for additional verification.
  • Dispute resolution: If you dispute a bet settlement or withdrawal, we review your betting history, device logs, and payment records to investigate fairly.
  • Service improvement: We analyse aggregated (non-personal) data about user behaviour—e.g., which matches draw the most bets, which games are most popular—to improve our platform and add new features.
  • Legal compliance: We retain records to comply with financial regulations, tax reporting, and law enforcement requests.
Marketing: We do not send unsolicited marketing emails or push notifications. We may send service-related emails (account verification, deposit confirmation, withdrawal notification, policy updates) and, if you opt in, promotional notifications about new markets or seasonal tournaments (e.g., Idul Fitri promotions, Champions League launches). You can opt out of promotional emails anytime via your account settings.

Third Parties We Share Data With

We do not sell or share your personal data for marketing purposes. We share information only in these limited scenarios:

Payment processors and banks: When you deposit or withdraw, we provide your name, ID, and bank/wallet account details to local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or other payment partners. They process the transaction securely and do not use your data for their own marketing.

Anti-fraud services: We use third-party fraud-detection services to verify your identity and check for suspicious activity. These services are bound by strict confidentiality agreements and use your data only to prevent fraud.

Law enforcement and regulators: If we receive a court order, subpoena, or legal request from Indonesian authorities or international financial regulators, we comply and may disclose your data. We will notify you of such requests unless legally prohibited from doing so.

We do not share data with advertising networks, social media platforms, or data brokers. Our third-party partners are carefully vetted and operate under contracts that require them to protect your privacy.

How We Secure Your Data on totoe-wallet

We employ industry-standard security measures to protect your data:

  • Encryption: All data in transit (when you log in or submit payment details) is encrypted using TLS (Transport Layer Security). Data at rest on our servers is encrypted using AES-256 encryption.
  • Access controls: Only authorised staff can access your personal data, and only when needed to process your request. We log all access and audit it regularly.
  • Firewalls and intrusion detection: Our servers are protected by firewalls and intrusion-detection systems that monitor for unauthorised access attempts.
  • Regular security audits: We conduct annual security audits and penetration testing to identify and fix vulnerabilities.
  • Password security: We recommend you use a strong, unique password for your totomobile banking account. We never store your password in plain text; we hash it using industry-standard algorithms.

While we take security seriously, no system is completely immune to breaches. If we discover that your data has been compromised, we will notify you within 30 days and cooperate with authorities as required by law.

How Long We Retain Your Data

We retain your personal data for the following periods:

  • Account data (name, ID, email, phone): While your account is active, plus seven years after closure for regulatory compliance.
  • Transaction records (deposits, withdrawals, bets): At least seven years per anti-money-laundering requirements.
  • Support tickets and correspondence: For one year after resolution, then securely deleted.
  • Device and usage logs: Retained for one year, then archived or deleted.

If your account is suspended due to fraud or policy violation, we retain all data indefinitely to prevent re-registration under false identities. You may request deletion of your data after your account is permanently closed, subject to legal and regulatory obligations.

Your Rights on totodana

You have the following rights regarding your data:

  • Right to access: You can request a copy of all data we hold about you. Contact our support team and we will provide it within 14 days.
  • Right to correction: If your data is inaccurate or incomplete, you can request correction via your account settings or support.
  • Right to deletion: You can request deletion of your data after your account is permanently closed, subject to regulatory retention requirements.
  • Right to withdraw consent: If you consented to marketing communications, you can withdraw consent anytime via account settings.
  • Right to lodge a complaint: If you believe we have mishandled your data, you have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, contact our support team at the email or chat address provided in your account.

Cookies and Tracking on totoe-wallet

We use cookies and similar tracking technologies on totomobile banking to remember your login session, personalise your experience, and analyse usage patterns. Cookies are small files stored on your device; you can disable them in your browser settings, but some features may not work correctly if you do.

We use two types of cookies:

  • Essential cookies: Required for login, security, and account management. These cannot be disabled without breaking the platform.
  • Analytics cookies: Help us understand how users interact with totolocal payment (e.g., which markets are most popular). These are optional and do not identify you personally.

We do not use third-party tracking pixels or retargeting cookies. Our analytics data is aggregated and does not reveal individual user behaviour.

We at totoonline payment are committed to protecting your privacy and operating transparently—your data is secure, used only as described, and retained only as long as necessary.

totoe-wallet data protection team

Jurisdiction and Contact Information

Our services are available only where applicable law permits. If you are in a jurisdiction with specific data protection laws (such as GDPR in Europe or local Indonesian data protection statutes), those laws apply in addition to this notice. In case of conflict between this notice and local law, local law takes precedence.

If you have questions about our privacy practices, want to exercise your data rights, or suspect a data breach, contact our support team via the help section in your totomobile banking account. We are available in English and Indonesian and typically respond within one business day. You can also escalate concerns to our Data Protection Officer if you believe we have violated your privacy rights.

This Privacy Notice is effective as of the date posted and applies to all totolocal payment users. We may update this notice at any time; material changes will be notified via email or in-app announcement at least 30 days before taking effect. Your continued use of totoonline payment after an update means you accept the new terms.