LEGAL REFERENCE

Your Privacy Comes First at kiutoto

We handle your account details, payment information and gaming history with the same care we put into our lobby. This policy explains exactly how we collect, use and...

Data SecurityPayment ProtectionYour ControlTransparencyIndonesia-Compliant
View Game Library Read FAQ
kiutoto Your Privacy Comes First at kiutoto

How We Protect Your Information

kiutoto collects personal data — your name, email, phone number and payment details — only to set up your account, process transactions and keep your gaming history secure. We use encryption for all sensitive information and never share your data with third parties without your consent, except where local law in supported regions requires it. Your DANA, OVO, GoPay and QRIS transactions

are handled through secure payment gateways. We retain your data for as long as your account is active, plus a retention period for compliance purposes.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

24/7 SUPPORT

Questions About Your Privacy

Email Support Reach our privacy team at [email protected] with any...
Account Settings Manage your data preferences, communication settings and privacy...
Data Requests Request a copy of your personal data, corrections...
EDITORIAL CLARITY

Why Your Data Is Safe With Us

Encryption Standard

All account logins, payment details and gaming records use industry-standard SSL encryption to prevent unauthorized access.

Secure Payment Gateway

DANA, OVO, GoPay and QRIS transactions route through certified payment processors that meet Indonesia's financial security standards.

No Third-Party Sales

We never sell your personal information to advertisers, data brokers or marketing firms. Your data stays yours.

Regular Audits

Our security infrastructure undergoes regular third-party audits to identify and fix vulnerabilities before they become risks.

Compliance Team

A dedicated compliance officer oversees data handling practices and ensures we meet Indonesia's privacy and gaming regulations.

Incident Response

If a data breach occurs, we notify affected users within 48 hours and provide guidance on protecting your account.

WHY THIS PLATFORM

How Our Policy Stacks Up

01

Data Minimization

We collect only the information needed to run your account and process payments — no unnecessary tracking or profiling.

02

Transparent Practices

This policy is written in plain language, not legal jargon. We explain what we do and why in terms you can understand.

03

User Rights

You can access, correct, download or delete your personal data anytime through your account or by contacting support.

04

Cookie Control

We use cookies only for account security and lobby preferences. You can disable non-essential cookies in your browser settings.

05

No Selling Data

Unlike many platforms, we don't monetize your information. Your data is a trust asset, not a revenue stream.

06

Indonesia-First Compliance

Our policy aligns with Indonesian data protection standards and payment regulations for DANA, OVO, GoPay and QRIS users.

07

Annual Review

We update this policy yearly to reflect new security practices, regulatory changes and user feedback from our community.

QUICK SIGNAL

What Defines Our Privacy Approach

01
Account-First Design Every privacy decision we make starts with your account security. Your login, balance and transaction history are protected first.
02
Payment Integrity DANA, OVO, GoPay and QRIS details are encrypted end-to-end. We never store full card numbers or wallet credentials on our servers.
03
Lobby Transparency Your gaming history, session logs and account activity are visible to you anytime. We keep no hidden records or shadow profiles.
04
Consent-Based Comms We only send you emails, SMS or in-app messages about your account, promotions you've opted into, or security alerts.
05
Regional Respect We follow Indonesia's data residency and privacy laws. Your information stays within supported regions unless you request otherwise.
06
Breach Accountability If we fail to protect your data, we take responsibility. Our incident response plan prioritizes your notification and recovery.

Privacy Questions Answered

We collect your name, email, phone number, date of birth and payment details (DANA, OVO, GoPay, QRIS or bank account) to create your account, verify your identity and process transactions. We also log your gaming activity and session data for security and account history purposes.

We retain your account data for 12 months after closure to comply with Indonesian financial regulations and resolve any outstanding disputes. After that period, we delete or anonymize your personal information unless legal obligations require longer retention.

Yes. Log into your account, go to Settings > Privacy, and select 'Download My Data'. We'll compile your profile, transaction history and gaming records into a file and email it to you within 7 business days.

We share data only with payment processors (for DANA, OVO, GoPay, QRIS transactions), hosting providers and legal authorities where required by Indonesian law. We never sell your information to advertisers or data brokers.

All payment information is encrypted using SSL 256-bit encryption and stored on PCI-DSS compliant servers. We never retain full card numbers or wallet credentials. Payment processing happens through certified gateways that meet Indonesia's financial security standards.

We notify all affected users within 48 hours via email and in-app alert. We'll provide guidance on securing your account, offer free credit monitoring if applicable, and work with authorities to investigate. Our incident response team prioritizes your protection.

Absolutely. Every marketing email and SMS includes an unsubscribe link. You can also manage communication preferences in your account settings under Notifications. We'll keep sending security alerts and transaction confirmations regardless.