wartoto Privacy Policy

This page describes what we collect when you use wartoto and how we keep that data protected. When you create an account, fund it, or access our live-dealer tables, sportsbook, or slot games, we gather certain information — your email, identity documents for verification, payment details, and activity logs. We treat this data as confidential and apply industry-standard encryption and access controls.

We operate from data centres outside Indonesia, which means your personal information may be stored or processed in jurisdictions with different privacy laws. We comply with the terms set out in this policy regardless of server location. Your account is governed by the legal framework applicable in your jurisdiction, and we honor requests for data access, correction, or deletion as permitted by local law.

This policy outlines our practices with respect to data collection, use, third-party sharing, cookies, and your rights. If you have questions about how we handle your information, our support team is available in English and Indonesian via chat, email, or phone.

Data Collection and Use on wartoto

What We Collect

When you register for a wartoto account, we collect your email address and a password. When you complete identity verification (KYC), we request a copy of your Indonesian ID card, passport, or driving licence and may verify your address using a utility bill or government document. We securely store these images and extract key data (name, date of birth, document number) for compliance purposes.

During deposits and withdrawals, we collect payment details tied to your chosen method — DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank account (mobile banking, local payment, online payment, e-wallet). We do not store your full payment credentials; instead, our payment processors handle that securely, and we keep only transaction references and confirmation codes. When you play on our live-dealer tables or sportsbook, we log your account activity — games played, bets placed, time stamps, and outcomes — for regulatory compliance and dispute resolution.

We also collect technical data: your IP address, device type, browser version, and approximate location (inferred from IP). We use this to detect fraud, enforce geographic restrictions (since our services are available only where local law permits), and troubleshoot technical issues. Our servers may sit outside your jurisdiction, so this data may be transferred internationally.

How We Use Your Data

We use your data for the following purposes:

  • Account management: Your email and password let us authenticate you, reset forgotten credentials, and maintain your account balance and game history.
  • Regulatory compliance: Your KYC documents and transaction records help us comply with anti-money-laundering (AML) and know-your-customer (KYC) regulations applicable in your jurisdiction.
  • Payment processing: We share payment data with our processors (mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and bank networks) to execute deposits and withdrawals. These third parties are contractually bound to protect your data.
  • Fraud prevention: We analyze your activity patterns, IP address, and device information to detect unauthorized access, duplicate accounts, or suspicious behavior.
  • Customer support: Our support team may access your account details to assist with password recovery, payment questions, or game disputes. All support conversations are logged for quality and compliance purposes.
  • Analytics and improvement: We aggregate anonymized data (not linked to individuals) to understand user behavior, identify popular games and markets, and optimize our platform.
International Data Transfer: Our servers may sit outside Indonesia. Your data may be transferred to and stored in jurisdictions with different privacy laws. By using wartoto, you consent to this international transfer subject to the protections outlined in this policy.

Third-Party Processors and Sharing

We share your data with the following categories of third parties:

  • Payment processors: online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, and bank networks (mobile banking, local payment, online payment, e-wallet) receive your transaction details to process deposits and withdrawals. They are contractually obligated to protect your data.
  • Cloud hosting providers: Our servers are hosted by third-party cloud providers. We have signed data processing agreements with them to ensure your data is encrypted and secure.
  • Regulatory and law enforcement: If required by law, court order, or legitimate request from regulatory authorities, we may disclose your data to comply with legal obligations or prevent fraud.
  • Service vendors: We may engage analytics providers, email services, or support platforms to help us operate the site. These vendors access only the data necessary to perform their functions and are bound by confidentiality agreements.

We do not sell your personal data to third parties for marketing purposes. We do not share your account balance, game history, or payment details with advertisers or unrelated businesses.

Cookies and Tracking Technologies

When you access wartoto via browser, we use cookies to maintain your session, remember your preferences, and track your activity for fraud detection. Session cookies expire when you close your browser; persistent cookies may remain for up to one year. You can disable cookies in your browser settings, but doing so may impair your ability to log in or use our platform fully.

We may also use tracking pixels and similar technologies to measure page performance and understand how users navigate our site. These tools collect non-personally identifiable information (e.g., page views, time spent, browser type). This data helps us improve user experience and identify potential technical issues affecting players across Jakarta, Surabaya, Bandung, Medan, Semarang, or other regions.

Data Retention

We retain your account data as long as your account remains open. If you close your account, we store your personal and transaction data for up to seven years to comply with AML regulations and resolve potential disputes. After that period, we securely delete or anonymize your information. If you request deletion before the retention period expires, we will comply subject to legal and regulatory constraints — for example, we may retain transaction records if required by law or pending a regulatory inquiry.

Your Rights and Our Commitments on wartoto

Your Rights

Under applicable privacy law, you have the right to access, correct, or delete your personal data. You can request this via our support team — contact us in English or Indonesian through chat, email, or phone. We will respond to data access requests within a reasonable timeframe and will make corrections if you identify inaccuracies.

You can also request that we restrict processing of your data in certain circumstances, or request that your data not be used for marketing purposes (though we already do not share your data for third-party marketing). If you wish to withdraw consent for any data processing, you can do so by contacting support, though this may limit your ability to use wartoto.

Your rights are subject to applicable law in your jurisdiction. If you believe we have mishandled your data, you have the right to lodge a complaint with the relevant data protection authority in your region.

Our Security Commitments

We apply industry-standard encryption (SSL/TLS) to all data transmitted between your browser and our servers. Your account credentials are hashed and salted so that even our staff cannot access your password. Payment details are processed through PCI-compliant third parties and are not stored in plain text on our systems.

Our data centres employ physical security measures (access controls, surveillance) and technical controls (firewalls, intrusion detection, regular security audits). We conduct penetration testing and vulnerability assessments regularly. However, no security system is perfect — we cannot guarantee absolute protection against sophisticated cyberattacks or insider threats. We encourage you to use a strong, unique password and enable two-factor authentication if available.

If we discover a data breach affecting your personal information, we will notify you as soon as reasonably possible via email and through our platform, and we will comply with notification requirements under applicable law.

On wartoto, your data is treated as a core asset requiring protection. We encrypt it, restrict access, and process it only for legitimate business purposes tied to your account and our regulatory obligations.

Data protection principle

Policy Updates and Contact

We may update this privacy policy from time to time. Material changes will be communicated to you via email or a notice on our platform. Your continued use of wartoto after such notice constitutes acceptance of the updated policy. We encourage you to review this page periodically so you remain informed of how we protect your data.

If you have questions or concerns about our privacy practices, contact our support team:

  • Chat support: Available via the help icon on wartoto during business hours (English and Indonesian)
  • Email: Support address available through our contact page
  • Phone: Multilingual support line during business hours

Our services are available only where local law permits. Your use of wartoto and access to your data are subject to the legal framework applicable in your jurisdiction. If you have concerns about jurisdiction-specific compliance, our support team can clarify which protections and restrictions apply to your account.