LEGAL REFERENCE

Your data stays yours. Here's how.

We built 1001toto around Indonesia's payment rails—QRIS, DANA, OVO, GoPay—and we protect what you share with us the same way. This policy shows you exactly what we collect...

Data ProtectionPayment SecurityAccount PrivacyTransparent PracticesIndonesia Compliant
Tour the Lobby Read FAQ
1001toto Your data stays yours. Here's how.

What we collect and why

When you open an account with 1001toto, we ask for your name, email, phone number and identity details to verify your account and meet local regulatory requirements in supported Indonesian regions. We collect payment information—card details, e-wallet IDs, QRIS references—only to process deposits and withdrawals. We also log your activity on the platform: which games you browse, when you log in, and

how you navigate the lobby. None of this data is sold. We use it to keep your account secure, prevent fraud, and show you content that matches your interests. You can request a copy of your data or ask us to delete it at any time.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

SUPPORT

Questions about your privacy?

Team online

Email Support

Reach our privacy team at [email protected] with any questions about how we handle your data or your rights under local law.

Account Settings

Manage your personal details, communication preferences and data sharing choices directly in your account dashboard anytime.

Data Requests

Submit a formal request to download, correct or delete your personal information through our privacy portal within your account.

TRUST MARKERS

How we earn your trust

Encryption Standard

All data in transit and at rest uses TLS 1.2+ encryption. Your payment details never touch our servers in plain text.

Third-Party Audits

We commission annual security reviews from independent firms to verify our data handling and storage practices meet global standards.

Compliance Framework

Our privacy practices align with Indonesian data protection principles and payment network rules for QRIS, DANA, OVO and GoPay.

No Data Broker Sales

We do not sell, rent or share your personal information with data brokers, advertisers or third parties outside our service partners.

Breach Notification

If a security incident affects your data, we notify you within 72 hours with details of what happened and steps you should take.

Privacy by Design

Every new feature we build starts with a privacy review. We collect only what we need and delete it when you no longer need the service.

Consistency across our policies

Terms of Service
Defines your rights and responsibilities when you use 1001toto; privacy policy covers data handling specifically.
Cookie Policy
Explains how we use cookies and tracking pixels to remember your preferences and improve your lobby experience.
Payment Terms
Details deposit and withdrawal rules for QRIS, DANA, OVO and GoPay; privacy policy covers how we secure payment data.
Dispute Resolution
Outlines how we handle account disputes and complaints; privacy policy ensures your complaint data stays confidential.
Affiliate Program
If you refer friends, we share only your referral ID with partners; your personal data remains private under this policy.
Account Closure
When you close your account, we delete personal data within 30 days unless law requires us to keep records longer.
Policy Updates
We notify you of material privacy changes via email 30 days before they take effect; you can review changes anytime here.
PLATFORM SNAPSHOT

What defines our privacy approach

Minimal Collection We ask for only the information we need to verify...
Local Payment Rails QRIS, DANA, OVO and GoPay transactions are processed through certified...
Transparent Logging Your login history, game activity and payment records are visible...
User Control You control your communication preferences, data sharing choices and can...
Vendor Accountability Every service provider we work with—hosting, analytics, payment processors—signs a...
Incident Response If a breach occurs, our security team isolates affected systems...

Privacy questions answered

We keep your account data for as long as your account is active. After you close it, we delete personal information within 30 days unless local law requires longer retention for tax or fraud prevention purposes.

Yes. Log into your account, go to Settings > Privacy > Download My Data, and we'll email you a complete file of everything we hold about you within 7 business days.

No. Payment details are tokenized and stored by our certified payment processors. We keep only a reference ID so we can match deposits to your account without storing raw card or wallet data.

We share data only with service providers who help us run the platform—hosting companies, payment processors, fraud detection firms. All sign strict data protection agreements. We never sell your data to advertisers or brokers.

We notify you within 72 hours with details of what was accessed, steps we took to stop it, and free credit monitoring if payment data was exposed. We also report to relevant Indonesian authorities.

Yes. Request account closure in Settings > Account > Close Account. We delete your personal data within 30 days. Transaction records for QRIS, DANA, OVO and GoPay may be kept longer for regulatory compliance.

We use cookies to remember your login, language preference and game history so you don't have to re-enter them. See our Cookie Policy for details on third-party analytics and how to opt out.