oldtoto Casino & Sportsbook Data Care

This page describes what we collect when you use oldtoto and how we keep that data protected. We at oldtoto handle your personal information with care — from account registration through deposits, withdrawals, and gameplay. Our commitment is transparency: you know what we collect, why we collect it, and how we use it.

We operate across supported jurisdictions in Southeast Asia. Our servers process account data, payment records, and game activity. We comply with applicable data-protection laws in each region where we operate. This policy sets out our practices in plain language, not legal jargon.

If you have questions about your data on oldtoto, contact our support team. We respond to data requests and privacy concerns within standard review windows.

What we collect on oldtoto

We collect information in three categories: account data, payment data, and activity data.

Account data: When you register on oldtoto, we collect your email address, phone number, full name, date of birth, and residential address. We also collect identity documents (national ID, passport, or driver's license) during KYC verification. We use this data to verify your identity, prevent fraud, and comply with anti-money-laundering rules.

Payment data: We record every deposit and withdrawal. When you fund your oldtoto account via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer (mobile banking, local payment, online payment, e-wallet), we store the transaction ID, amount, timestamp, and payment method. We do not store your full card number or e-wallet password — payment processors handle that encryption. We use payment records to track account balance, detect suspicious activity, and process refunds.

Activity data: We log your gameplay — which games you play, bet amounts, win/loss outcomes, session duration, and IP address. We also track login times, device type, and browser information. This data helps us detect account abuse, improve game performance, and investigate disputes.

Note: We do not sell your personal data to third parties. We share data only with payment processors, fraud-detection vendors, and legal authorities when required by law.

How we use your data

Our primary use is account management. We verify your identity, process your deposits and withdrawals, and maintain your game history. We also use your data for security — detecting unauthorized access, preventing bonus abuse, and flagging suspicious betting patterns.

We may contact you via email or SMS for account notifications: deposit confirmations, withdrawal status updates, or security alerts. We do not send marketing emails unless you opt in. You can manage your communication preferences in your oldtoto account settings.

We use aggregated, anonymized data for analytics — understanding which games are popular, which payment methods users prefer, and how our platform performs across regions like Jakarta, Surabaya, and Bandung. This helps us improve oldtoto's service.

Cookies and tracking

We use cookies to keep you logged in, remember your preferences, and detect fraud. Session cookies expire when you close your browser. Persistent cookies remain for up to one year. We do not use cookies to track you across other websites.

Our analytics partner may place cookies to measure site traffic and user behavior. These cookies do not identify you personally — they track aggregate patterns only.

Your rights

You have the right to access your personal data on oldtoto. You can download your account information, payment history, and game records by contacting our support team. We provide this data within standard review windows.

You may request correction of inaccurate data — for example, if your address is wrong. You may also request deletion of your account and associated data, subject to legal retention requirements (we must keep payment records for anti-money-laundering compliance).

If you believe we have mishandled your data, you may lodge a complaint with your local data-protection authority.

Data security and third parties

We encrypt your data in transit using TLS (Transport Layer Security). Our servers use standard security practices — firewalls, access controls, and regular security audits. We do not claim absolute protection; no system is immune to breach. If a breach occurs, we notify affected users and relevant authorities as required by law.

Our servers may sit outside your jurisdiction. Data transfers comply with applicable cross-border rules. Payment processors (DANA, e-wallet, mobile banking, and others) handle their own data security; we are not responsible for their practices.

We retain your data for as long as your account is active, plus a retention period for legal compliance. After account closure, we delete most personal data within months, except payment records (kept for anti-money-laundering rules) and dispute records (kept for dispute resolution).

We update this policy periodically. Major changes are announced via email or in-app notification. Continued use of oldtoto after a policy update means you accept the new terms.

Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their own jurisdiction's law. If you have privacy questions, contact our support team — we respond within standard review windows.