sitoto Platform Privacy Notice
This page describes what data we collect when you use sitoto and how we keep that information protected. Our privacy approach reflects the regulatory requirements of online gaming platforms—we collect identity documents for account verification, payment information for deposits and withdrawals, and activity logs for compliance. We treat your data as a core asset requiring careful handling, encryption, and restricted access.
We at sitoto do not sell your personal information to marketing companies or data brokers. We do not use your data to build advertising profiles. We do share information with payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) and regulatory authorities when legally required. Our privacy commitments are backed by industry-standard encryption, access controls, and data retention limits.
If you have questions about your data rights or how we handle information on sitoto, contact our support team through your account dashboard or review the detailed sections below.
What Data We Collect on sitoto
We collect several categories of data when you create an account and use sitoto. Your registration data includes your full legal name, date of birth, phone number, and email address. You provide this directly during account setup.
Our sitoto verification process requires identity documents—a national ID card, passport, or driver's license—plus proof of address (utility bill, bank statement, or government letter dated within three months). We store digital copies of these documents indefinitely for regulatory compliance and dispute resolution.
Payment data on sitoto includes the payment methods you link to your account: wallet names, bank account numbers, or payment provider account identifiers. We do not store full credit card numbers or payment provider passwords—those remain with your bank or wallet provider.
We also collect transaction records: all deposits, withdrawals, tournament entries, game participation, and account activity. These records are logged automatically and retained for a minimum of seven years to support dispute resolution, tax compliance, and regulatory audits.
How We Use Your Data on sitoto
We use the data we collect on sitoto for five primary purposes. First, we use your identity and address documents to verify your account and comply with know-your-customer (KYC) regulations in our operating jurisdictions. Second, we use your payment information to process deposits and withdrawals. Third, we use your transaction records to maintain your Betting History, resolve disputes, and detect fraud or policy violations.
Fourth, we use your contact details (email and phone) to send account notifications: deposit confirmations, withdrawal approvals, tournament schedules, and security alerts. Fifth, we may use anonymized or aggregated data (stripped of identifying information) to improve our sitoto platform, understand usage patterns, and develop new features for Aviator, Sweet Bonanza, Gates of Olympus, Fortune Tiger, and Mahjong Ways tournaments.
We do not use your data for marketing to third parties. We do not sell your contact information to other platforms. We do not use your data to build behavioral profiles for advertising.
Our data practices on sitoto prioritize security, transparency, and regulatory compliance over collection volume.
Third Parties and Data Processors
We share your data with select third parties to operate sitoto. Our payment processors (the providers behind DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and bank transfers) receive payment information necessary to execute deposits and withdrawals. We do not control how these providers handle your data—you should review their privacy policies directly.
We also work with fraud-detection services that analyze transaction patterns to identify suspicious activity on sitoto. These services receive transaction data but do not receive your identity documents or contact information. Our hosting and infrastructure providers (which may be located outside Indonesia) store our servers and databases; data in transit and at rest is encrypted, so even these providers cannot read your personal information without decryption keys.
We may share data with regulatory authorities, law enforcement, or government agencies if we are required to do so by legal process (subpoena, court order, or regulatory request). We will notify you of such requests unless legally prohibited.
Data Security on sitoto
We at sitoto use industry-standard encryption (SSL/TLS for data in transit, AES-256 for data at rest) to protect your information. Your login credentials are hashed, not stored in plain text. We enforce strong password requirements and offer two-factor authentication as an additional security layer.
We limit access to your data internally—only sitoto staff members who require access for compliance, support, or fraud investigation can view your information. We conduct regular security audits and maintain activity logs of who accesses your data and when.
We do not guarantee that our security measures are absolute. No system is immune to all attacks. If we identify a security breach affecting your data, we will notify you and regulatory authorities as required by law.
Your Rights Regarding Data on sitoto
You have the right to access the personal data we hold about you. To request a copy of your data, contact our support team through your account dashboard and specify what information you want to access. We respond to data access requests within 30 days.
You have the right to request correction of inaccurate data. If your profile information on sitoto is incorrect, you can update it through your Account Settings or request that we make corrections. Identity or address documents may require re-verification if changed significantly.
You have the right to request deletion of your data, subject to legal limitations. We cannot delete transaction records or identity documents that we are required to retain for compliance (typically seven years for transactions, indefinitely for KYC documents). We can delete optional marketing data or other information that is not legally required.
You may also request that we restrict the use of your data in certain ways, or that we provide your data in a portable format suitable for transfer to another platform (where technically feasible).
-
Submit a data access request
Contact sitoto support and specify the data you want to access.
-
We respond within 30 days
We provide your data or explain if legal restrictions apply.
-
Exercise your rights
Request correction, deletion, or data portability through the same channel.
How Long We Keep Your Data
We retain different categories of data for different periods on sitoto. Your identity documents (ID, proof of address) are retained indefinitely to support regulatory compliance and dispute resolution. Your transaction records are retained for a minimum of seven years to support tax compliance, dispute resolution, and regulatory audits. Your account profile (name, contact details) is retained while your account is active and for one year after you close the account, in case disputes arise.
Temporary operational data (like session tokens and login logs) is retained for 90 days. Marketing or preference data is retained only while your account is active, unless you request that we retain it for longer.
If you request account deletion on sitoto, we close your account and delete non-mandatory data. We retain transaction records and identity documents as required by law, but we remove your personal contact information from active systems.
International Data Transfers
Our servers and infrastructure may be located outside Indonesia. When you use sitoto, your data may be transmitted to, stored in, or processed in countries other than your country of residence. Data protection laws vary by jurisdiction, and your data may receive different levels of protection in other countries than it would in Indonesia.
By creating an account on sitoto, you consent to the international transfer and processing of your data as described in this privacy notice. We use encryption and contractual safeguards to protect data during international transfers.
Updates to This Privacy Notice
We may update this privacy notice to reflect changes in our operations or applicable law. We will notify you of material changes via email and display a notice on sitoto at least 30 days before the change takes effect. Your continued use of sitoto after the effective date constitutes acceptance of the updated notice.
Contacting Us About Privacy
If you have questions about our privacy practices on sitoto, wish to exercise your data rights, or believe we have mishandled your information, contact our support team through your account dashboard. We aim to respond to privacy inquiries within 10 business days. For formal data protection complaints, you may also contact your local regulatory authority or data protection agency if one exists in your jurisdiction.
Related policies
Our sitoto privacy notice is effective as of its publication date. We are committed to transparent data handling and respect for your privacy. Our services are available only where local law permits. For questions or to exercise your rights, contact our support team through your account dashboard.
Legal and Jurisdiction Information
Service availability
We offer our sitoto service only in jurisdictions where online gaming and sportsbook services are legally permitted by applicable local law. We do not make independent determinations about the legality of our service in your specific location—that responsibility rests with you, the user. Before accessing sitoto, you must verify that your jurisdiction permits access to platforms like ours and that such access does not violate local regulations, licensing requirements, or other legal constraints. We monitor changes in regional gaming laws and may restrict or withdraw our service from jurisdictions where it becomes prohibited. We do not target specific regions as "legal" or "illegal," nor do we claim to be licensed in any particular jurisdiction. Instead, we operate under the principle that our service is available only where the applicable law of that jurisdiction permits it. Our privacy notice and terms of use apply globally to all users of sitoto, regardless of their location, and access is contingent on your acceptance of these policies and compliance with applicable local law. If you are unsure whether sitoto is available in your jurisdiction, we recommend reviewing local gaming regulations or consulting with a legal professional familiar with your region's laws before creating an account.
Account eligibility
To create an account on sitoto, you must be of legal age according to the laws applicable in your jurisdiction. Because age requirements vary significantly across jurisdictions, we do not impose a single age threshold globally. Instead, we require all applicants to certify during registration that they meet the minimum age requirement in their own jurisdiction. During our know-your-customer verification process, we confirm your date of birth against government-issued identification documents. If we discover that your account was created by someone below the legal age in their jurisdiction, we close the account immediately and forfeit any associated balance. We do not permit multiple accounts per person on sitoto, and we do not permit account creation on behalf of other individuals. If you are a parent or guardian concerned about a minor's access to our platform, you are responsible for implementing technical or parental controls to restrict that access. We do not provide account management tools specifically for minors or age-restricted users. By creating an account on sitoto, you certify that you are of legal age in your jurisdiction and that you are authorized to enter into binding agreements under the laws of that jurisdiction.
Local-law responsibility
You are solely responsible for determining whether accessing and using sitoto complies with the laws of your jurisdiction. We provide our platform on an "as-available" basis and do not guarantee that it is legal for you to use it, even if access is technically possible from your location. Some jurisdictions prohibit all forms of online gaming; others permit specific types such as sportsbooks but restrict live-dealer tables or slot games; still others permit all forms but require licensing or tax registration. Your obligation is to understand your own jurisdiction's laws before creating an account or depositing funds on sitoto. If your jurisdiction prohibits access to our platform, we advise you not to use it, and we reserve the right to block or restrict access from those jurisdictions at any time. We do not provide legal advice regarding your jurisdiction's laws, and we do not accept liability if you use sitoto in violation of local law. If you are unsure about the legal status of online gaming in your area, we recommend consulting with a local attorney or regulatory authority before accessing our platform. Your access to sitoto constitutes your acceptance of responsibility for determining and complying with applicable local law in your jurisdiction.
Data and privacy scope
When you create an account on sitoto, we collect personal data including your full legal name, date of birth, phone number, email address, and government-issued identity documents as part of our know-your-customer verification process. We also collect payment information (the payment methods you link to your account) and transactional data such as deposits, withdrawals, tournament entries, and game activity. This data is collected for compliance, security, fraud prevention, and account management purposes. We retain your identity documents and verification records indefinitely for regulatory compliance and audit trails. Your transactional data is retained for a minimum of seven years to support dispute resolution and regulatory inquiries. We encrypt all data in transit and at rest using standard security practices. We do not sell your personal data to third parties. We may share your data with payment providers, fraud-detection services, and regulatory authorities if required by law or to enforce our terms. Our full privacy notice explains in detail how we handle each category of data. By creating an account on sitoto, you consent to our collection and use of your data as described in this privacy notice and our terms of use.
Contact for legal inquiries
If you have legal questions about sitoto, our privacy notice, or your rights and obligations as a user, you may contact our support team through your account dashboard or via the contact methods provided in your account settings. We aim to respond to legal or compliance inquiries within five business days. We do not provide legal advice, but we can clarify our policies, explain how our platform operates, and direct you to relevant sections of our privacy notice and terms of use. If you wish to report a suspected violation of our policies by another user, or if you have identified a security vulnerability, contact our support team immediately. For regulatory or government inquiries, we maintain a dedicated legal contact address listed in our legal notice. We comply with lawful requests from regulatory authorities and may cooperate with investigations conducted by government agencies in jurisdictions where sitoto operates. Response times for regulatory inquiries may vary depending on the urgency and complexity of the request. All other privacy-related questions should be directed to our standard support channels through your sitoto account.