gajahtotoPrivacy Policy

This page describes what we collect when you use gajahtoto and how we keep that data protected. We at gajahtoto take your privacy seriously. We collect only the information necessary to operate our platform, verify your identity, process your payments, and comply with financial regulations in the jurisdictions where we operate.

Our platform operates across multiple data centres and connects to payment processors in Indonesia and internationally. Your account information, KYC documents, and transaction history are stored on encrypted servers. We do not sell your personal data to marketing firms, nor do we share it with third parties except where required by law or necessary to process your transactions through DANA, e-wallet, mobile banking, local payment, online payment, or bank partners.

We encourage you to read this policy carefully. If you have questions about how we handle your data, our support team is available during business hours to clarify any point. Your privacy choices and rights are outlined below.

What Data We Collect on gajahtoto

We collect personal information in several categories. When you register an account on gajahtoto, we require your email address, full name, date of birth, and phone number. During KYC verification, we ask for a scanned copy of your Indonesian ID (KTP, passport, or driver's license) and proof of address such as a utility bill, rental agreement, or government-issued document dated within the last three months.

We collect transaction data automatically. Every deposit, withdrawal, game spin, and bet is logged on gajahtoto with a timestamp, amount, and outcome. This information appears in your Recently Played history and is used for withdrawal verification, dispute resolution, and anti-fraud checks. We also collect technical data: your IP address, device type, browser version, and access times. This data helps us detect account compromise and maintain platform security.

Document storage on gajahtoto

We store your KYC documents in encrypted format on secure servers. We do not print, photograph, or share your ID or proof-of-address documents with third parties except where required by law or court order.

We do not collect sensitive biometric data, health information, or financial account numbers. When you link a payment method on gajahtoto, we do not store your full card number or bank account details; instead, we receive a tokenized reference from your payment processor (DANA, e-wallet, mobile banking, local payment, or your bank) that allows us to initiate transactions without handling raw account data.

How We Use Your Data on gajahtoto

We use your personal information to operate our platform. Your email and name allow us to verify your account and send important notifications (account confirmations, withdrawal status, security alerts). Your phone number may be used for two-factor authentication or account recovery. Your KYC documents verify that you are of legal age and establish your identity for compliance purposes.

Transaction data on gajahtoto is used for withdrawal verification, anti-fraud checks, and dispute resolution. When you request a withdrawal, our compliance team reviews your Recently Played history to confirm that funds come from legitimate gameplay, not from external sources or money laundering. Technical data (IP address, device fingerprint) helps us detect account takeovers and block access from prohibited jurisdictions.

We do not use your data for marketing unless you explicitly opt in. We do not sell your contact information to third parties. We do not profile you for targeted advertising. Your data on gajahtoto is used only to deliver the service you requested: account management, game access, and payment processing.

Data Protection and Your Rights on gajahtoto

We encrypt all personal data in transit (using HTTPS/TLS) and at rest (using AES-256 encryption on our servers). Our data centres are located in multiple jurisdictions, including regions outside Indonesia. This means your data may be stored outside your home country and subject to foreign data protection laws. By using gajahtoto, you consent to cross-border data transfer and acknowledge that local jurisdiction protections may not apply to data stored abroad.

We retain your account information for as long as your account is active. If you close your account, we retain transaction records for three years minimum to comply with anti-money-laundering and financial reporting regulations. KYC documents (ID, proof of address) are retained for three years after account closure, then securely destroyed.

Access request
You may request a copy of your personal data on gajahtoto by contacting our support team. We provide a response within 30 days.
Correction
You can update your email, phone, and name through your account settings on gajahtoto. KYC document updates require compliance review.
Deletion
We can delete your account and most associated data upon request, but we retain transaction records for three years as required by law.

Third-Party Partners and gajahtoto Data Sharing

We share your data with third parties only when necessary. Payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment) receive your name, email, and transaction amount to process deposits and withdrawals. These processors are bound by their own privacy policies and do not use your information for purposes outside payment processing.

Our anti-fraud vendor receives your IP address, device fingerprint, and transaction history to detect suspicious activity on gajahtoto. Our email service provider receives your email address to send account notifications. Neither of these vendors uses your data for marketing or secondary purposes. We do not permit them to sell or share your information.

We may disclose your data if required by law, court order, or government request. In such cases, we notify you unless prohibited by law. We do not voluntarily provide user data to law enforcement without legal process.

Cookies and Tracking on gajahtoto

We use cookies and local storage to remember your login session, language preference, and gameplay history on gajahtoto. These cookies are essential for platform functionality; without them, you would need to re-enter your credentials each time you visit. We do not use cookies for tracking or profiling across other websites.

You can disable cookies in your browser settings, though doing so may affect gajahtoto functionality. We do not place third-party tracking pixels or analytics cookies that profile your behavior across the internet. Our platform analytics use aggregated, anonymized data only (e.g., "many active users accessed gajahtoto from Jakarta today"); we do not track individuals across sessions.

Contact Us About Your Privacy on gajahtoto

If you have questions about how we handle your data, wish to request access to your personal information, or want to lodge a privacy complaint, contact our support team during business hours. We respond to all privacy requests within 30 days. If you are unsatisfied with our response, you may escalate to our compliance manager for review.

We at gajahtoto remain committed to protecting your privacy and maintaining the security of your account. This privacy policy is effective as of the date listed in your account settings. We may update this policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email or in-platform alert. Your continued use of gajahtoto after such notification constitutes your acceptance of the updated policy.