gamatoto Privacy Policy

This page describes what we collect when you use gamatoto and how we keep that data protected. We recognize that privacy is fundamental to trust; your personal information is encrypted, stored securely, and shared only when necessary to operate our platform or comply with law.

When you open an account on gamatoto, deposit via DANA, e-wallet, mobile banking, local payment, or bank transfer, or place a bet on Liga 1 or other sports, we collect specific data points. We use this information to verify your identity (KYC), process your withdrawals, prevent fraud, and provide customer support. We do not sell your data, and we do not use it for marketing beyond our own gamatoto promotions.

Our privacy practices comply with international standards and local regulations where gamatoto operates. If you have questions about how we handle your data, contact our support team or read the detailed sections below.

What Data We Collect on gamatoto

When you register with gamatoto, we collect your email address, phone number, and a password of your choice. During identity verification (KYC), we ask for a government-issued ID (national ID, passport, or driver's license), your date of birth, and proof of address (utility bill, bank statement, or lease agreement). We also collect your banking or payment-wallet details when you deposit or request a withdrawal on gamatoto.

As you use gamatoto, we log your betting activity—which matches you bet on, which slots you play, your wins and losses, and when you accessed your account. We collect your IP address and device information (browser type, operating system) to detect fraud and unusual access patterns. We also record when you contact our support team and what you ask about.

We do not collect your biometric data, location data (beyond what your IP reveals), or any information unrelated to operating gamatoto. We do not install cookies on your device for tracking; we use session cookies only to keep you logged in.

How We Use Your Data on gamatoto

We use your email and phone to send account notifications—deposit confirmations, bonus credits, withdrawal approvals, and security alerts on gamatoto. You can adjust notification frequency in your account settings, but critical security messages cannot be disabled.

Your identity documents are verified by our compliance team to comply with anti-money-laundering (AML) regulations. We compare your submitted ID against our records and confirm your address. This verification is mandatory before you can deposit or withdraw on gamatoto.

Your IP address and device details help us detect unauthorized access attempts and fraud. If we see a login from an unusual location or device, we may ask you to confirm your identity before granting access to gamatoto.

KYC verification data

Your national ID, address, and date of birth are kept encrypted and accessed only by our compliance team for verification and legal reporting.

Payment data

Your bank account or e-wallet details are stored securely and used only to process deposits and withdrawals on gamatoto; we do not retain full card numbers.

Betting history

Your game activity on gamatoto is logged for 7 years to comply with financial and gambling regulations, then securely deleted.

Third Parties and Data Processors

We share your data with third parties only when necessary. Our payment processors (the entities that handle DANA, e-wallet, mobile banking, local payment transactions on gamatoto) receive your payment details to complete deposits and withdrawals. Our bank (online payment, e-wallet, mobile banking, local payment transfer recipients) receives your bank account information to settle withdrawals on gamatoto.

We may share anonymized, aggregated data with game providers (slot game studios, live-dealer studios) to understand player engagement. This data does not include your identity or account balance—only game category and session duration.

We may disclose personal data if required by law (court order, government request, or regulatory inquiry). We will notify you of such disclosures unless legally prohibited. Our servers and databases may be physically located outside Indonesia; by using gamatoto, you consent to this cross-border data transfer.

We at gamatoto encrypt all personal data in transit and at rest, and we limit access to only employees who need it to operate the platform.

Your Rights Regarding Data on gamatoto

You have the right to access your personal data on gamatoto. Log in to your account and review your profile, betting history, and deposit records. You can also request a full export of your data by contacting our support team; we will provide it in a portable format within 30 days.

You have the right to correct inaccurate data. If your name, email, or address is wrong on gamatoto, contact support and we will update it after verifying your identity.

You have the right to lodge a complaint with the data protection authority in your jurisdiction if you believe we have mishandled your data on gamatoto.

Data Retention and Security

We keep your gamatoto account data—email, phone, verified identity—for as long as your account is active, plus seven years after closure for legal compliance. Betting history is retained for seven years. Payment data is retained for three years unless longer retention is required by financial regulations.

All data on gamatoto is encrypted using industry-standard TLS/SSL for data in transit and AES-256 for data at rest. Our servers are in secure data centres with restricted physical access. We conduct regular security audits and penetration testing on gamatoto to identify and patch vulnerabilities.

If we discover a data breach on gamatoto, we will notify affected members and authorities as required by law. We maintain cyber-insurance to cover potential incident costs.

Cookies and Tracking

We use session cookies on gamatoto to maintain your login state while you browse. These cookies are deleted when you close your browser. We do not use persistent cookies or tracking pixels for behavioural analysis.

Our website analytics (page views, time on site) use aggregated, anonymized data only. No individual user is tracked across pages.

If you disable cookies in your browser, gamatoto will not function properly. We cannot adjust this requirement as session management depends on cookies.

Data Transfers and Jurisdiction

gamatoto operates across multiple jurisdictions, including Jakarta, Surabaya, Bandung, Medan, and Semarang. Our servers may be hosted in regions outside Indonesia. By using gamatoto, you consent to your data being stored and processed in these locations, subject to encryption and the security standards outlined in this policy.

We comply with data protection laws in jurisdictions where we operate. Where a conflict exists between local law and our privacy practices, we follow the stricter standard.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by email or by posting a notice on gamatoto. Your continued use of gamatoto after such changes constitutes acceptance of the revised policy.

Contact Us About Privacy

If you have questions about how we handle your data on gamatoto, or if you wish to exercise any of the rights described above, contact our support team via live chat, email, or in-app help. We will respond within 14 days. You may also submit a formal data access request in writing; we will provide a response within 30 days as required by regulation.

Related policies