LEGAL REFERENCE

Your data stays yours at toto 22

We believe your account, payment details and personal information belong to you. This policy shows exactly how we handle, store and protect what you share when you open...

Account SecurityData ProtectionPayment PrivacyTransparent PracticesYour Control
Browse the Lobby Read FAQ
toto 22 Your data stays yours at toto 22

Our privacy commitments for Indonesia

toto 22 operates under the laws and regulations applicable to our platform in supported Indonesian regions. We collect only the information needed to verify your identity, process your deposits and withdrawals through DANA, OVO, GoPay and QRIS, and keep your account secure. Your personal data is encrypted, stored separately from transaction records, and never sold to third parties. We may share data

with payment processors and compliance partners where necessary. You can request access, correction or deletion of your data at any time.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

24/7 SUPPORT

Questions about your privacy?

Email Support Contact our privacy team at [email protected] with any...
Live Chat Open your account and reach our support agents...
Privacy Request Form Submit a formal data access, correction or deletion...
WHY VISITORS TRUST US

What makes our privacy practice real

Encryption Standard

All data transmitted between your device and our servers uses TLS 1.2 or higher. Stored payment information is encrypted at...

Regular Audits

We conduct annual security audits to check for vulnerabilities. Third-party firms test our payment flows and data handling processes independently.

Compliance Partner

Our payment processors for DANA, OVO, GoPay and QRIS maintain their own compliance certifications. We verify these quarterly to keep...

Data Minimisation

We ask only for information required by law: name, date of birth, ID number, phone and address. No unnecessary fields...

No Third-Party Sales

We do not sell, rent or share your personal data with marketers, data brokers or advertisers. Period. Your privacy is...

Incident Response Plan

If we detect a breach, we notify affected accounts within 48 hours and provide clear steps to secure your data...

How our privacy policy stands up

Data RetentionWe retain your account data for seven years after closure, as required by Indonesian financial regulations. Deleted data is purged within 30 days.
Cookie UseEssential cookies keep you logged in and process your bets. We do not use tracking cookies for advertising. Optional analytics cookies require your consent.
Third-Party AccessYour data reaches payment providers, fraud detection partners and compliance auditors only. No ad networks, no social platforms, no data brokers touch your file.
QRIS, DANA, OVO, GoPay PrivacyWhen you deposit via these methods, their privacy policies also apply to your transaction. We enforce no weaker standard than theirs. Check their terms too.
Cross-Border TransfersYour account lives in a jurisdiction that supports Indonesian players. Data does not leave this region unless required by law or a court order.
User RightsYou can download your account history, request corrections, export your data, and ask us to delete it. All requests processed within 30 days of receipt.
Policy UpdatesWe update this policy only when regulations change or we add services. Changes are notified by email. Continued use means you accept the new terms.
AT A GLANCE

How privacy shapes your account

01
One Login, Full Control Your credentials are yours alone. Two-factor authentication is optional but recommended. You can change your password and recovery email anytime from settings.
02
Payment Data Isolation Your DANA, OVO, GoPay or QRIS details are never stored on our servers. Payment processors handle this securely. We store only transaction IDs and amounts.
03
Account History Access Log in and download your complete transaction, deposit and withdrawal history as a PDF. Statements are yours to keep, audit or share with authorities.
04
Opt-Out of Marketing Unsubscribe from email promotions in one click. We respect your choice. Transactional emails (deposits, withdrawals, account alerts) will still reach you.
05
Session Security Your session expires after 30 minutes of inactivity. Log out manually anytime. Using a shared device? Clear your browser cache after every visit.
06
Dispute Support If you spot unauthorised activity on your account, contact support immediately. We freeze the account, investigate, and protect your balance during review.

Privacy questions answered

We collect your name, date of birth, identity number, phone number, address and email during account creation. We ask for proof of identity once. Deposit and withdrawal data is recorded for audit purposes only. We do not track your browsing outside our platform.

Your DANA, OVO, GoPay or QRIS credentials are handled directly by those payment providers. We never see your full card number or wallet password. We store only a token that proves the transaction completed. All communication is encrypted end-to-end.

We share data only with payment processors, compliance auditors and fraud-detection services. We never sell your information to marketers or data brokers. Any mandatory legal disclosure is made only under court order in supported Indonesian regions.

Active account data is retained for seven years after you close your account, as required by Indonesian regulations. Deleted personal records are purged within 30 days. You can request deletion anytime by contacting [email protected].

You can access, download, correct or delete your personal data at any time. Submit requests via your account settings or email [email protected]. We process these within 30 days. You can also opt out of marketing emails instantly.

We use essential cookies to keep you logged in and process your bets. Optional analytics cookies track page visits only with your consent. No advertising cookies or third-party trackers. You can disable cookies in your browser, but this may affect your account.

If we detect unauthorised access, we notify affected accounts within 48 hours. We provide steps to secure your account, freeze suspicious activity and offer free credit monitoring if needed. We also file a report with relevant Indonesian authorities.