idetoto Platform Privacy Notice

This page describes what data we collect when you use idetoto, how we protect that data, and what rights you have over your personal information. We take data privacy seriously and implement industry-standard encryption, secure storage, and access controls to ensure your account details, payment information, and gaming history remain confidential.

When you create an idetoto account or place a bet on Liga 1, deposit via QRIS or e-wallet, or join a live-dealer table, we collect certain information necessary to operate the platform, verify your identity, process payments, and comply with local law. This privacy notice explains what we collect, how we use it, who has access to it, and how long we retain it.

Our privacy practices apply across all idetoto access points—desktop browsers, mobile sites, and native iOS and Android apps. If you have questions about how we handle your data, contact our support team via the site chat widget.

What data we collect at idetoto

We collect information in several categories. First, account information: when you register, we collect your full name, date of birth, phone number, email address, and username. We use this to verify your identity, contact you about your account, and recover access if you lose your password.

Second, payment information: when you deposit or withdraw via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank virtual accounts (mobile banking, local payment, online payment, e-wallet), we collect information about the transaction—the amount, the date, the payment method used. We do not store your full card or bank account numbers; instead, we store a tokenized reference to your payment method so we can process future deposits without requiring you to re-enter details.

Third, identity verification (KYC) information: before processing larger withdrawals, we collect a copy of your government-issued ID (passport, national ID card, or driver's license) and proof of address (utility bill, bank statement, or rental agreement). We use this to verify you are who you claim to be and to prevent fraud.

Account information

Name, date of birth, email, phone number, username; used for account management and identity verification.

Payment data

Transaction history, payment method tokens, deposit and withdrawal amounts; used for processing payments and fraud detection.

KYC documents

Government ID and proof of address; used to verify identity before large withdrawals.

Gaming activity

Bets placed, games played, account balance, transaction history; used to operate idetoto and investigate disputes.

Fourth, gaming activity: we automatically collect a record of your betting activity—which markets on Liga 1 or Piala AFF you wagered on, which slots you played, how much you bet, and what you won or lost. This information is stored with your account for dispute resolution, fraud detection, and to help you review your gaming history.

Fifth, technical information: we collect information about your device (browser type, operating system, IP address, device ID) and how you interact with idetoto (pages visited, time spent, features used). We use this to diagnose technical issues, improve performance, and detect fraud or abuse.

How we use your data on idetoto

We use your information for five primary purposes. First, account operation: we use your name, email, and phone to manage your account, send you account notifications (login alerts, withdrawal confirmations), and help you reset your password if needed.

Second, payment processing: we use your payment method information to process your deposits and withdrawals. Your payment provider (mobile banking, local payment, your bank) receives necessary transaction information to complete transfers, but we do not share your full account numbers or credentials with them—only tokenized references.

Fourth, legal compliance: we retain records of deposits, withdrawals, and identity verification to comply with anti-money-laundering (AML) laws, tax reporting requirements, and other local regulations. If a government authority requests your information with a court order, we comply with that request.

Fifth, customer support and dispute resolution: we use your account history and gaming records to respond to support inquiries, investigate disputes, and settle disagreements about game outcomes or transactions.

Third parties and data processors on idetoto

We do not sell your personal data to marketing companies or data brokers. However, we do share data with trusted third parties to operate idetoto. Your payment information is shared with our payment processors and payment providers (the e-wallet or bank) solely to execute your transaction. Your gaming data may be shared with our game providers (slot developers, live-dealer studios) so they can deliver the correct game experience and verify game integrity.

We may also share aggregated or anonymized data—data that does not identify you individually—with analytics partners to help us understand how idetoto is used and where we can improve. We do not share personally identifiable information with these partners.

In rare cases, law enforcement or regulatory authorities may request your information. We comply with legal requests supported by a court order or warrant. We do not voluntarily report user activity to authorities unless required by law.

How we protect your data on idetoto

We use SSL (Secure Sockets Layer) encryption to protect data in transit. All connections between your device and idetoto servers are encrypted, so your login credentials, payment details, and account data cannot be intercepted by hackers.

At rest, we store sensitive data in encrypted databases. Your payment tokens, ID documents, and account information are encrypted so they cannot be read even if someone gains unauthorized access to our servers. We maintain separate, hardened databases for different data types—personal information is isolated from gaming logs, which are isolated from payment records.

We implement access controls: only idetoto staff with a legitimate business need can access your data. We use multi-factor authentication for administrative access to our systems. We conduct regular security audits and penetration testing to identify and fix vulnerabilities.

At idetoto, we view your data privacy as a foundational responsibility—we encrypt everything, limit access strictly, and retain data only as long as necessary.

How long we keep your data

We retain account information (name, email, phone) for as long as your idetoto account is active, plus five years after account closure for anti-money-laundering compliance. If you request deletion of your account, we anonymize your data rather than permanently deleting it, as we are legally required to retain records of transactions for five years.

KYC documents (ID scans, proof of address) are retained for five years after you submit them, as required by anti-money-laundering laws. After five years, we securely delete these documents. If you dispute a withdrawal or gaming outcome, we retain the relevant documentation until the dispute is fully resolved.

Gaming activity logs are retained for one year. After one year, we compress historical gaming data so that you can still download your complete history, but the raw logs are deleted to free storage space.

Your rights over your data at idetoto

You have the right to request access to all personal data we hold about you. Contact our support team with a request, and we will provide you a downloadable file containing your account information, gaming history, and payment records within ten business days.

You have the right to correct inaccurate information. If your name, email, or phone number is incorrect in our records, contact support and we will update it.

You have the right to request deletion of your account and associated data, subject to legal and compliance obligations. If you request deletion, we will anonymize your account (so your personal identifiers are removed) but retain transaction records for five years as required by law.

Cookies and tracking on idetoto

idetoto uses cookies—small text files stored on your device—to maintain your login session, remember your preferences, and analyze how you use the platform. We use session cookies (which expire when you close your browser) to keep you logged in, and persistent cookies (which remain after you close your browser) to remember your preferences like language or theme.

We also use analytics cookies from third-party services like Google Analytics to understand how many people visit idetoto, which pages are most popular, and how long players stay on the site. These cookies do not collect personal information directly; instead, they collect aggregated data (e.g., "50 users visited the Liga 1 betting page today").

You can control cookies in your browser settings. Disabling cookies may prevent you from logging into idetoto, so we recommend keeping cookies enabled. You can also opt out of analytics cookies by visiting the analytics provider's opt-out page.

International data transfers

Our servers may be located outside your jurisdiction. If you are in Jakarta, Surabaya, Bandung, or Medan, your data may be transferred to and stored in data centers outside Indonesia. We ensure that any international transfer is protected by appropriate safeguards—encrypted transmission, contractual agreements with service providers, and compliance with local data protection laws.

By creating an idetoto account, you consent to international transfer of your data for the purposes of operating the platform, processing payments, and providing customer support.

Contact and data subject requests

If you have questions about how we collect, use, or protect your data, contact our support team via the site chat widget. If you wish to exercise a data subject right—access your data, correct information, delete your account, or opt out of analytics—contact support with a clear request and specify which right you are exercising. We will respond within ten business days.

If you are not satisfied with our response to a data privacy concern, you may contact your local data protection authority (e.g., the Commissioner's office in your country).

Summary of our idetoto privacy commitments

We collect your name, contact information, payment method, KYC documents, and gaming history to operate idetoto, process deposits and withdrawals, verify your identity, and comply with local law. We protect this data using SSL encryption, encrypted databases, access controls, and regular security audits. We do not sell your data to third parties; we share it only with trusted payment processors, game providers, and where legally required.

We retain account information for the life of your account plus five years (for AML compliance). KYC documents are retained five years after submission. You have the right to access your data, correct inaccuracies, request deletion, and opt out of optional uses. Our privacy practices apply across all idetoto access points—desktop, mobile browser, and native apps.

idetoto's services are available only where local law permits. Your data is protected according to the standards of the jurisdiction where our servers are located, and we comply with your local data protection laws to the extent applicable. If you have a data privacy concern, contact our support team or your local data protection authority.