totomantap Platform Privacy Notice

This page describes what data we collect when you use totomantap, how we store and process it, who has access to it, and what rights you have over your information. We at totomantap take data protection seriously and comply with applicable Indonesian data-protection standards when handling account details, payment information, and gaming activity.

Our services are available to users in supported jurisdictions where local law permits. When you create an account with us, you entrust us with sensitive personal information—your legal name, email address, phone number, date of birth, and identity documents required for KYC verification. We protect this data using encryption, access controls, and secure server infrastructure. We do not sell your data to third parties, nor do we share it beyond what is necessary for service delivery and legal compliance.

This privacy notice is current as of the date listed at its end. We may update it if our practices change; we will notify you of material changes via email or through the platform. Your continued use of totomantap after any update constitutes acceptance of the revised policy.

What data we collect on totomantap

We collect the following information when you create and use a totomantap account:

  • Account registration data: Legal name, email address, phone number, date of birth, username.
  • Identity verification: Photograph of your Indonesian KTP or passport, address proof if requested, national ID number.
  • Payment information: Payment method details (e-wallet or bank account linked to your deposit method), transaction history showing which payment channels you use (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet).
  • Gaming activity: Spins, bets, tournament participation, slot game titles played (Aviator, Sweet Bonanza, Gates of Olympus, Fortune Tiger, Mahjong Ways), live-dealer session logs, sports markets viewed or engaged with (Liga 1, Piala AFF, Champions League, Premier League).
  • Account security: Login timestamps, IP addresses, device information, two-factor authentication logs.
  • Communications: Support tickets, emails, in-app chat messages between you and our support team.

We collect this data to operate totomantap, verify your identity, process deposits and withdrawals, detect fraud, comply with anti-money-laundering (AML) regulations, and respond to your inquiries. We do not collect your data for marketing purposes without your explicit consent. If you provide additional information (such as marketing preferences), we use it only in the manner you specify.

Data minimization: We collect only data necessary to deliver our service. We do not ask for unnecessary personal details, and we retain data only as long as we need it for the stated purposes.

How we use your data on totomantap

We use your data for the following purposes:

  • Service delivery: Creating and maintaining your account, processing deposits and withdrawals, hosting gaming sessions, managing tournaments.
  • Compliance: KYC verification, anti-money-laundering (AML) checks, fraud detection, dispute resolution, legal investigation requests.
  • Support: Responding to your questions, investigating account issues, handling withdrawal delays or payment problems.
  • Security: Protecting against unauthorized access, detecting suspicious activity, preventing fraud and abuse.
  • Analytics and improvement: Understanding platform usage patterns to improve game selection, payment flow, and customer experience.

We do not use your data for automated decision-making that significantly affects you (such as denying an account) without human review. If we suspect unauthorized activity on your account, we may restrict access temporarily while we investigate; we will notify you and provide an explanation as soon as practicable.

Third parties and data processors on totomantap

We may share your data with third-party processors and partners to operate totomantap:

  • Payment providers: mobile banking, local payment, online payment, e-wallet, mobile banking, local payment partners, and banks (online payment, e-wallet, mobile banking, local payment) receive minimal data needed to process your deposits and withdrawals (name, account identifier, transaction amount).
  • Game suppliers: Slot game developers (Pragmatic Play, PG Soft, Habanero) and live-dealer studios (Evolution Gaming) receive anonymized gaming session data for compliance and audit purposes, not your personal identity.
  • Compliance and fraud detection: Third-party services may assist with KYC verification, identity fraud checking, and anti-money-laundering compliance.
  • Legal authorities: We comply with valid legal orders, court summons, or police investigations by sharing necessary data.

We ensure all third-party processors sign data-protection agreements and handle your data only for specified purposes. We do not authorize third parties to use your data for their own marketing or unrelated purposes.

Data storage location

Our servers may sit outside your jurisdiction. We use secure data centres with encryption and backup systems. By using totomantap, you consent to your data being stored and processed in these locations, subject to applicable data-protection law.

Your rights regarding data on totomantap

You have the following rights over your data held by totomantap:

  • Access: You can request a copy of all personal data we hold about you. Contact our support team with a formal request, and we will provide it within a reasonable timeframe.
  • Correction: If your data is inaccurate or incomplete, you can ask us to correct it. You can update some information directly in your account settings.
  • Deletion: You can request deletion of your account and associated data, subject to legal retention requirements (such as AML compliance). We will honor deletion requests unless we are required by law to retain the data.
  • Data export: You can request that we export your data in a portable format (e.g., CSV). We provide this at no cost.
  • Objection: You can object to certain uses of your data. However, we may continue processing if required by law or to operate the platform.

To exercise any of these rights, contact our support team in English during business hours. We process requests within 30 days in most cases. We may ask you to verify your identity before processing a request.

Cookies and tracking technologies on totomantap

We use cookies and similar technologies to operate totomantap and improve your experience. Cookies are small files stored on your device; they help us remember your login session, language preference, and account settings. We use two types:

  • Essential cookies: Required for account login, security, and payment processing. These cannot be disabled.
  • Preference and analytics cookies: Help us understand how you use totomantap (game choices, tournament participation patterns). These are optional; you can disable them in your browser settings without affecting core functionality.

We do not use third-party tracking pixels or share cookie data with advertisers. Our analytics are internal only, used to improve platform performance and game selection.

Data retention on totomantap

We retain your data for as long as necessary to operate totomantap and comply with law. Retention periods vary:

  • Active account data: Retained while your account is active and for three years after account closure (for AML and dispute resolution).
  • Transaction records: Retained for seven years per Indonesian financial-regulation requirements.
  • Gaming session logs: Retained for two years for audit and dispute purposes.
  • Support communications: Retained for one year after resolution for record-keeping.

After retention periods end, we securely delete or anonymize your data. If you request account deletion before retention periods end, we delete what we can immediately and anonymize the rest per regulatory requirements.

Security and data breach notification on totomantap

We at totomantap implement industry-standard security measures to protect your data. Our infrastructure includes encryption (TLS/SSL for data in transit), access controls (role-based permissions for employees), and regular security audits. We train our staff on data protection and maintain strict confidentiality agreements.

No security system is perfect. If we detect a data breach that affects your information, we will notify you promptly via email or account notification. We will describe the breach, what data was affected, what steps we are taking to contain it, and what you can do to protect yourself (e.g., change your password, monitor your accounts, report suspicious activity to payment providers like DANA, e-wallet, or your bank).

We recommend enabling two-factor authentication (2FA) on your totomantap account and using a strong, unique password. Do not share your login credentials with anyone, and be cautious of phishing emails claiming to be from totomantap support.

Contact us on totomantap privacy matters

If you have questions about our privacy practices, wish to exercise your rights, or want to report a data concern, contact our support team:

  • In-app support chat: Available during business hours in English.
  • Email: Submit a privacy or data-access request through our contact form.
  • Account settings: Visit the About us page for additional contact options.

We handle all privacy requests confidentially and respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with relevant data-protection authorities in your jurisdiction.

We at totomantap remain committed to protecting your privacy. This policy reflects our current practices; we update it as our service evolves. Thank you for trusting us with your data.