LEGAL REFERENCE

Your Privacy Matters to Us

We've built 20toto around your trust. This privacy policy explains how we collect, use and protect your personal data when you open an account, fund it through DANA...

Data ProtectionPayment SecurityAccount PrivacyTransparent PracticesYour Control
20toto Your Privacy Matters to Us

How We Handle Your Information

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

SUPPORT

Questions About Your Privacy

Email Support Reach our privacy team at [email protected] with any concerns about how we handle your data. We respond within 24 hours.
Account Settings Manage your privacy preferences directly in your account dashboard. Update contact details, review login history and control data sharing options anytime.
Data Access Requests You can request a copy of all personal data we hold about you. Submit your request through your account or email us, and we'll deliver it within 14 days.
WHY VISITORS TRUST US

Why Your Data Is Safe With Us

Encryption Standard

All payment and account data travels over SSL/TLS encryption. Your DANA, OVO, GoPay and QRIS transactions are protected by the same security protocols used by banks.

Compliance Framework

We comply with Indonesian data protection regulations and international privacy standards. Our systems are audited annually by independent security firms.

No Third-Party Sales

We never sell your personal information to advertisers, brokers or unrelated companies. Your data stays within 20toto unless you explicitly consent otherwise.

Fraud Prevention

We monitor account activity to detect and prevent unauthorized access, payment fraud and identity theft. Your security is our priority every day.

Transparent Logging

Every login, payment and withdrawal is logged and visible in your account history. You can review your activity anytime and flag anything unusual.

Incident Response

If a security breach occurs, we notify affected users within 48 hours and provide guidance on protecting your account. We maintain incident response protocols.

Consistency Across Our Platform

Same Privacy Rules EverywhereWhether you're on our live casino tables, slot lobbies or sportsbook, the same privacy protections apply. No hidden data collection between sections.
Mobile & Desktop AlignedYour privacy settings sync across all devices. Log in on your phone or desktop and your preferences, data access and security settings remain consistent.
Payment Method ParityDANA, OVO, GoPay and QRIS transactions receive identical encryption and fraud monitoring. No payment method gets less protection than another.
Account History UnifiedAll your activity — deposits, withdrawals, game sessions and support tickets — lives in one searchable history. Nothing is hidden or siloed.
Withdrawal & Refund PrivacyWhen you withdraw funds to DANA, OVO, GoPay or QRIS, we apply the same data minimization rules. Only essential details reach your payment provider.
Support Ticket ConfidentialityEvery support conversation is encrypted and visible only to you and our support team. We never share ticket content with third parties or use it for marketing.
Policy Updates NotifiedIf we change this privacy policy, we email you 30 days in advance. You can review changes and decide whether to continue using 20toto.

What Defines Our Privacy Approach

Minimal Data Collection

We ask only for information needed to verify your identity, process DANA, OVO, GoPay and QRIS payments, and deliver the platform. No unnecessary fields.

User Control First

You decide what data we collect and how we use it. Opt out of marketing emails, disable analytics tracking and manage cookie preferences in your settings.

Transparent Processing

We explain exactly why we collect each piece of data and how long we keep it. No vague terms or hidden clauses buried in fine print.

Secure Payment Flow

Your DANA, OVO, GoPay and QRIS details never touch our servers directly. Payment processing happens through PCI-DSS compliant third-party gateways.

Right to Be Forgotten

You can request account deletion anytime. We remove your personal data within 30 days, except where law requires us to retain records for compliance.

Regular Security Audits

We conduct quarterly penetration tests and annual third-party security audits. Results inform our ongoing improvements to data protection systems.

Privacy Policy Questions Answered

Payment data is encrypted end-to-end and processed through PCI-DSS certified gateways. We never store full card or wallet credentials on our servers. Each transaction is verified and monitored for fraud.

Yes. Log into your account and visit Privacy Settings to download a complete data export. You can also email [email protected] to request a formal data access report within 14 days.

No. We never sell or share your personal data with advertisers, brokers or unrelated third parties. We only share data with payment processors and compliance partners where legally required.

We retain active account data while your account exists. After closure, we keep records for seven years to comply with Indonesian financial regulations, then delete them securely.

We notify affected users within 48 hours with details of what occurred and steps to protect your account. We also file required reports with local authorities and provide free credit monitoring where applicable.

Yes. Request account deletion in your settings or email support. We remove personal data within 30 days, except transaction records required by law for financial compliance.

We use essential cookies for account security and session management. Analytics and marketing cookies are optional. Manage your preferences in Privacy Settings anytime without losing platform access.