LEGAL REFERENCE

Your privacy is how we build trust

We've put your account security and data protection at the centre of every decision we make. This is our promise to you — transparent, clear and built around...

Account SecurityPayment ProtectionData TransparencyYour Control

Tour the Lobby Read FAQ

Privacy Policy for totojitu Players

totojitu collects and processes personal data — your name, email, phone number, payment details and gameplay history — to create your account, process withdrawals and deposits via DANA, OVO, GoPay and QRIS, detect fraud and improve our service. We share data only with payment processors and where local law permits in supported Indonesian regions. Your data is encrypted and stored securely. You

have the right to access, correct or request deletion of your information. This policy is governed by the jurisdictions in which we operate. For questions about how we handle your data, reach our support team.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

HELP CHANNELS

Privacy Questions? We're Here

REVIEW SIGNALS

How We Earn Your Confidence

Encrypted Connections

Every transaction — DANA, OVO, GoPay, QRIS — travels through SSL encryption. Your payment data never leaves your session unprotected.

Third-Party Audits

Our security practices are reviewed by independent firms. We publish audit summaries so you know exactly what we've tested and verified.

Clear Data Retention

We tell you exactly how long we keep your gameplay history, payment records and personal details. Old data is deleted on schedule.

No Selling Your Data

We don't sell your personal information to marketers or third parties. Your account belongs to you, and your privacy stays with us.

Transparent Cookie Use

Our site uses cookies to remember your preferences and keep you signed in. You can control which ones you accept in your browser settings.

Incident Response Team

If a breach ever occurs, we notify affected players immediately and detail what happened, what we've done and how you're protected going forward.

Consistency Across Our Policy Suite

Privacy & Terms Alignment

Our privacy policy and terms of service use the same definitions for personal data, so you see one story across both documents.

Account Security Policy

The password and two-factor authentication rules in our account security guide mirror the protection standards outlined in this privacy statement.

Payment Processing Policy

How we handle DANA, OVO, GoPay and QRIS payments is detailed in our payment privacy addendum, which cross-references this main policy.

Cookie & Tracking Policy

Our separate cookie notice goes deeper into tracking pixels and analytics tools. It expands on the cookie section you'll find here.

Dispute & Withdrawal Policy

When you submit a payment dispute or withdrawal request, the privacy protections in our dispute policy apply alongside this statement.

Marketing Communications Policy

How we use your email and phone for promotions is governed by our comms policy, which honours the data consent choices you make here.

Data Subject Rights Procedure

Your right to access, correct or delete your data is detailed in our data rights procedure, which implements the promises we make in this policy.

What Protects Your Account

Session Timeout

Your session automatically ends after 30 minutes of inactivity. Log back in and your lobby state is restored, but your account stays locked until you authenticate.

Two-Factor Authentication

Enable 2FA on your account to add a second layer — a code sent to your phone — when you log in from a new device or location.

Activity Log Access

View every login, deposit via DANA, OVO, GoPay, QRIS, and gameplay session in your activity log. Report anything you don't recognise.

Payment Method Masking

Your full bank account or e-wallet number is never shown in your lobby or email receipts. Only the last four digits appear for your reference.

Fraud Detection System

Our system flags unusual withdrawal patterns or login attempts. We contact you to confirm before processing transactions that look out of place.

Account Recovery Tools

If your account is compromised, use our recovery form to regain access and reset your password. We verify your identity using information only you know.

Privacy Questions Answered

We collect your name, email, phone number, date of birth, address and government-issued ID for verification. We also record your payment methods — DANA, OVO, GoPay, QRIS details — and gameplay activity including wagers, wins and withdrawals.

We retain your account data for up to 7 years to comply with anti-money-laundering laws in supported regions. Personal identifiers are deleted sooner unless we're required to keep them by local regulation or an ongoing dispute.

We share payment data with our DANA, OVO, GoPay and QRIS processors only to complete your deposits and withdrawals. We may disclose data to law enforcement if legally required. We never sell your information to marketers or data brokers.

Yes. Log into your account, go to Settings > Privacy > Data Access and request a copy of all personal information we hold. We'll email a complete report within 14 days in a format you can read and download.

Your transactions are encrypted end-to-end using 256-bit SSL. Payment data passes through tokenized connections so our servers never see your full card or wallet details. Each payment is scanned for fraud before confirmation.

Change your password immediately and enable two-factor authentication if you haven't already. Contact our support team with details. We'll review your account activity, freeze any suspicious transactions and help you secure your information.

You can request deletion after your account is fully closed and all disputes are resolved. We'll delete most personal data within 30 days, though we may retain anonymous gameplay records or data needed for legal compliance.