Reference

How toto15 Protects Your Personal Data

Your privacy matters to us at toto15 — every piece of personal data you share, from account registration to payment transactions via DANA, OVO, GoPay and QRIS, is…

Encrypted account dataDANA & OVO transaction privacyRight to request deletionNo third-party data saleQRIS payment data protected
toto15 How toto15 Protects Your Personal Data
PRIVACY CONTACT PATHS

Reach Us About Your Privacy Rights

If you want to review, correct or remove personal data held on your toto15 account, our privacy support team is available 24 hours a day, 7 days a week.

Live Chat Available 24/7 directly on toto15.click — start a chat session, state your privacy request and our team will guide you through the data review or deletion process step by step.
Email Privacy Team Send a detailed request to [email protected]. Include your registered account email and the specific data action you need — correction, access or deletion. We respond within 24 hours.
In-App Messaging Log into your toto15 account on mobile or desktop, navigate to Help Centre, then select Privacy Request from the menu to submit your request directly from your authenticated session.
DATA HANDLING PRACTICES

How We Keep Your Account Data Secure

We apply layered security across every part of your data lifecycle — from the moment you open your account to the point where payment confirmation arrives from DANA, OVO, GoPay or QRIS.

Cookie Management

We use session cookies for account authentication and analytics cookies to understand how pages are used. You can adjust cookie preferences in your browser settings at any time without affecting your account login.

Payment Data Isolation

DANA, OVO, GoPay and QRIS transaction identifiers are stored in an isolated payment vault, separate from your profile data. No payment processor receives your full account activity history.

Data Retention Schedule

Active account data is retained while your account remains open. If you close your account, we delete non-essential profile data within 30 days and retain only records required by applicable local obligations.

Account Security Steps

Two-step verification is available on every toto15 account. We recommend enabling it under Settings → Security so that even if your password is compromised, no one else can access your personal data.

Third-Party Sharing Policy

We do not sell your personal data to any third party. Data is shared with payment processors like DANA and GoPay only to the extent needed to complete your transaction, under strict data-processing agreements.

Requesting Data Changes

Submit a data-access or correction request via live chat or email any day of the week. We verify your identity through your registered email before making any change to the data held on your account.

Your Privacy Questions, Answered

Below are the questions we hear most often from people in Indonesia who want to understand exactly how their data is handled on toto15. If your question is not listed, reach out through live chat or email and we will give you a specific answer tied to your account.

We collect your full name, email address, phone number, date of birth and the payment identifiers linked to DANA, OVO, GoPay or QRIS. We collect only what is necessary to operate your account and process transactions securely.

We share data only with payment processors — DANA, OVO, GoPay, QRIS — to complete your transactions, and only the data each processor strictly needs. We do not sell, rent or trade your personal data to any outside marketing or data-broker company.

Send a data-access request to [email protected] from your registered email address, or raise it via in-app messaging under Help Centre → Privacy Request. We will deliver a summary of your held data within 7 working days.

Yes. Submit a deletion request through live chat or email. We will remove non-essential profile data within 30 days of account closure. Some records may be retained where retention is required under applicable local law — we will tell you clearly what those records are.

Payment identifiers for DANA, OVO, GoPay and QRIS are stored in a separate encrypted vault, isolated from your profile. Data is transmitted using TLS 1.3 encryption, and no full payment credentials are stored on our main servers.

We use authentication cookies to keep your session active and analytics cookies to improve page performance. You can manage or block non-essential cookies through your browser settings. Blocking analytics cookies does not affect your ability to log in or make payments.

Non-essential profile data is deleted within 30 days of account closure. Transaction records and verification documents required under local law are retained only for the period that local law specifies, then permanently removed. The full timeline depends on local law.