Your Data. Our Responsibility.
We handle your account details, payment history and personal information with the same care we put into our lobby. This policy explains exactly how we collect, store and...
What We Collect and Why
When you join diamond toto, we collect your name, email, phone number and date of birth to verify your identity and comply with local regulations in supported regions. Your payment information—whether you're using DANA, OVO, GoPay or QRIS—is encrypted and processed through secure payment gateways. We also track your gameplay activity, account balance and transaction history to deliver your lobby experience, prevent
fraud and meet our obligations under Indonesian law where applicable. We never sell your data to third parties. Your information stays with us to run your account and improve our service.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
Questions About Your Privacy
Email Support
Reach our privacy team at [email protected] with any questions about how we handle your data, your rights or how to request account information.
Account Settings
Log in and visit your account settings to review what personal information we hold, update your details or adjust your communication preferences anytime.
Data Requests
You can request a copy of all personal data we hold about you. Submit your request via email and we'll respond within 14 business days with your complete data file.
How We Protect Your Trust
Encryption Standard
All data transmitted between your device and our servers uses TLS 1.2 encryption. Your payment details and account credentials are never stored in plain text.
Regular Audits
We conduct quarterly security audits and penetration testing to identify and fix vulnerabilities before they affect your account or payment information.
Access Controls
Only authorised staff can access your personal data, and only when needed to process your requests, investigate issues or comply with legal obligations.
Breach Protocol
If we discover unauthorised access to your data, we notify you within 48 hours and provide guidance on protecting your account and payment methods.
Retention Limits
We keep your data only as long as needed to run your account and meet legal requirements. After account closure, we delete personal information within 90 days.
Third-Party Vendors
Payment processors, hosting providers and analytics partners sign data-protection agreements. We audit their practices annually to ensure your information stays secure.