Data Retention
We keep your account data for as long as you're active, then delete within 30 days of closure unless law requires longer storage. No indefinite archiving.
LEGAL REFERENCE
Your Privacy Comes First at tototik
We've built our privacy framework around your account security, payment protection and data transparency. Every piece of information you share — from your QRIS details to your gaming...
Data EncryptedPayment SecureYour ControlTransparent PolicyIndonesia Compliant
How We Handle Your Information
tototik collects account details, payment references and gaming activity to deliver your lobby experience, process DANA, OVO, GoPay and QRIS transactions, and comply with local regulations in supported Indonesian regions. We do not sell your data to third parties. Your information is stored on secure servers with restricted access. We retain account records for the duration of your membership and as required
by law. If you close your account, we delete personal data within 30 days unless legal obligations require longer retention. Our privacy practices align with Indonesian data protection standards and international encryption protocols.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
TRUST MARKERS
Why Your Data Is Safe With Us
SSL Encryption
All data transmitted between your device and our servers uses 256-bit SSL encryption. Payment details and account credentials are never...
Regular Audits
We conduct quarterly security audits and penetration testing to identify and patch vulnerabilities before they affect your account or payment...
Payment Compliance
DANA, OVO, GoPay and QRIS transactions are processed through PCI-DSS compliant gateways. We never handle raw payment credentials directly on...
Data Minimization
We collect only the information needed to run your account, process deposits and withdrawals, and meet local regulatory requirements. No...
Access Controls
Only authorized staff can view your personal data, and only when required for account support, fraud prevention or legal compliance...
Incident Response
If a security incident occurs, we notify affected users within 24 hours and provide clear steps to protect your account...
PLATFORM COMPARISON
How Our Policy Stacks Up
Third-Party Sharing
We share data only with payment processors, fraud prevention partners and legal authorities when required. We never sell your information to advertisers or data brokers.
Cookie Transparency
Our site uses essential cookies for account login and session management, plus analytics cookies to improve your experience. You can disable non-essential cookies anytime.
User Rights
You can request a copy of your data, correct inaccuracies, delete your account and opt out of marketing emails. Submit requests via [email protected].
Policy Updates
We notify you of material privacy changes via email at least 30 days before they take effect. You can review the full change log on this page.
International Standards
Our encryption and access controls meet international best practices. We align with GDPR principles even though we operate primarily in Indonesia.
Dispute Resolution
Privacy disputes are handled through our support team first, then escalated to local Indonesian authorities if needed. We aim to resolve concerns within 14 days.
QUICK SIGNAL
What Defines Our Privacy Approach
01
Account Ownership
Your account is yours alone. We never access your DANA, OVO, GoPay or QRIS wallet directly. You authorize each transaction and can review your full payment history anytime.
02
Transparent Logging
Every login, deposit, withdrawal and game session is logged and visible to you. You can spot unusual activity immediately and alert us to freeze your account.
03
Fraud Prevention
We monitor for suspicious patterns — unusual login locations, rapid withdrawals, duplicate accounts — and flag them before they affect your funds or data.
04
Lobby Privacy
Your gaming history, favourite games and betting patterns are private. We use this data only to personalize your lobby experience, never to profile or sell insights.
05
Communication Control
You choose how we contact you — email, SMS or in-app only. Unsubscribe from promotions anytime. We respect your inbox and never spam or share your contact details.
06
Deletion Rights
Close your account and request full data deletion. We remove your personal information within 30 days, keeping only transaction records required by Indonesian law.
Privacy Policy Questions Answered
We never store your wallet credentials. Payment processors handle all sensitive data through encrypted channels. We receive only transaction confirmations and your account balance updates. Your payment method stays secure on your phone or bank app.
Yes, we log your account activity to detect fraud and personalize your lobby. You can view your full history in Account Settings. We use this data only internally — it's never shared with third parties or used for external profiling.
We delete your personal information within 30 days of closure. Transaction records required by Indonesian law are retained separately and anonymized. You can request a final data export before deletion if needed.
No. We never sell your data to advertisers, data brokers or marketing firms. We share information only with payment processors, fraud prevention partners and legal authorities when required by law in supported regions.
We review our policy quarterly and update it when regulations change or we add new features. Material changes are emailed to you 30 days before they take effect. You can always see the change log on this page.
Contact our support team immediately via live chat or [email protected]. We can freeze your account, review the activity and help you secure it. Change your password and enable two-factor authentication if available.
Yes. Our mobile app uses the same 256-bit SSL encryption as our desktop site. All data transmitted between your phone and our servers is encrypted. Keep your app updated for the latest security patches.