onictoto Casino & Sportsbook Data Care
This page describes what we collect when you use onictoto and how we keep that data protected. We collect personal information only to verify your identity, process your deposits and withdrawals, and maintain your account. We don't sell your data to third parties, and we don't use it for marketing beyond service notifications.
Our data handling follows Indonesian data protection principles and international standards. When you create an account on onictoto, we encrypt your credentials, store your identity documents securely, and limit internal access to what's necessary for account management and legal compliance. Your payment information (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet transaction records) is handled by our payment partners under their own security protocols.
We've structured this policy to be clear and direct. Each section explains what we collect, why we collect it, how long we keep it, and what rights you have. If you have questions about your data on onictoto, our support team can provide specific details about your account.
What Data We Collect on onictoto
We collect your email address, phone number, full name, and date of birth when you register an account on onictoto. This is our Know Your Customer (KYC) verification step. We may request additional identity documents (national ID, passport, or driver's license) depending on your region and deposit size. We store these documents securely and use them only for account verification and fraud prevention.
When you log in to onictoto, we record your login timestamp and device type (Android, iOS, or browser). This helps us detect unusual account activity and protect against unauthorised access. We don't track your location in real time, but we do note the country from which you access onictoto to ensure you're in a supported jurisdiction.
We collect transaction data: every deposit, withdrawal, and game session on onictoto is logged with the amount, timestamp, and outcome. This data is stored in your account history so you can review it at any time. We use this data to settle disputes, detect fraud, and comply with financial regulations across supported regions like Jakarta, Surabaya, Bandung, and Medan.
We collect cookies and session tokens when you use onictoto. These allow us to keep you logged in across app restarts and to remember your preferences (language, notification settings, favourite games). We don't use cookies to track you across other websites.
We collect only what we need to operate onictoto
We don't ask for your address, employment history, or social media profiles. We collect identity information for verification, payment information for transactions, and activity logs for security and compliance.
How We Use Your Data on onictoto
We use your email and phone number to send account notifications: login alerts, deposit confirmations, withdrawal status updates, and password reset links. We don't send promotional emails or unsolicited marketing. You can control which notifications you receive in your account settings on onictoto.
We use your identity documents to verify your account during registration and before your first withdrawal. This verification protects both you and our platform by ensuring that accounts are linked to real individuals and that withdrawals go to the correct person. Verification typically takes 24 hours.
We use your transaction data to settle disputes, detect fraud, and comply with financial regulations. If you question a game result or a withdrawal status on onictoto, we review your transaction logs to investigate. We also use aggregated (non-personal) transaction data to monitor platform health and detect suspicious patterns.
We use your login and device data to protect your account. If we detect an unusual login (e.g., from a new device or country), we may require additional verification. This two-factor authentication step takes 10–30 seconds but adds meaningful security.
Third-Party Data Processors
Our payment partners (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) receive your payment information when you deposit or withdraw. We don't control how these partners handle your data—they operate under their own privacy policies. We recommend reviewing their policies if you want to understand their data practices.
We use cloud hosting providers to store onictoto's servers and databases. These providers may be located outside Indonesia. We encrypt all data in transit and at rest, so your information is protected even if it crosses borders. We have data processing agreements with all our hosting providers to ensure they meet our security standards.
We may share your data with law enforcement or regulatory authorities if required by law. We don't do this voluntarily; we respond only to valid legal requests. If we receive such a request, we'll notify you unless we're legally prohibited from doing so.
Your Rights on onictoto
You have the right to access your data on onictoto. You can view your account information, transaction history, and login activity in your account settings at any time. If you want a complete copy of your data, our support team can provide it in a standard format.
You have the right to correct inaccurate data. If your name, email, or phone number is wrong on onictoto, you can update it in your account settings. If you need to change your identity documents, contact our support team.
You have the right to delete your account on onictoto. When you close your account, we delete your personal information (name, email, phone, identity documents) within 30 days. We retain transaction records for 7 years as required by financial regulations, but we remove all identifying information so the records are anonymised.
You have the right to object to certain data uses. If you don't want to receive login alerts or deposit confirmations, you can disable notifications in your account settings. However, we must retain transaction data for legal compliance, so you can't opt out of that.
Security and Data Protection on onictoto
We encrypt all data in transit using HTTPS (TLS 1.2 or higher). When you log in to onictoto or submit payment information, the data is encrypted before it leaves your device. We don't store passwords in plain text; we hash them using industry-standard algorithms so that even our staff can't see your password.
We store your data on encrypted servers with access controls. Only authorised staff can access your account information, and we log all access attempts. We conduct regular security audits and penetration tests to identify and fix vulnerabilities.
We support two-factor authentication (2FA) on onictoto. When you enable 2FA, login requires a confirmation code from your phone in addition to your password. This significantly reduces the risk of unauthorised access even if your password is compromised.
We have an incident response plan. If we detect a data breach on onictoto, we'll notify affected users and relevant authorities within the timeframes required by law. We'll also take steps to prevent similar incidents in the future.
Cookies and Tracking on onictoto
We use session cookies to keep you logged in on onictoto. These cookies expire when you close your browser or after a period of inactivity (typically subject to verification). We use persistent cookies to remember your preferences (language, notification settings) across sessions. You can delete these cookies in your browser settings, but you'll need to log in again and reset your preferences.
We don't use third-party tracking cookies or analytics that follow you across other websites. We use internal analytics to understand how users navigate onictoto (e.g., which games are most popular, where users encounter errors), but this data is aggregated and anonymised.
Contact and Data Requests
If you have questions about your data on onictoto, want to request a copy of your information, or want to exercise your rights, contact our support team. We respond to data requests within 30 days. You can also contact us if you believe we've mishandled your data or violated this policy.
We review this privacy policy periodically and update it if our practices change. We'll notify you of material changes via email or a notice on onictoto. Your continued use of onictoto after a policy update means you accept the new terms.
Summary of Our onictoto Data Commitments
We collect personal information only to verify your identity, process your transactions, and maintain your account on onictoto. We don't sell your data, don't use it for marketing beyond service notifications, and don't share it with third parties except where required by law or payment processing. We encrypt all data in transit and at rest, limit internal access to what's necessary, and support two-factor authentication for security.
You have the right to access, correct, and delete your data on onictoto. You can review your account information and transaction history at any time. If you close your account, we delete your personal information within 30 days while retaining anonymised transaction records for legal compliance.
Our data handling follows Indonesian data protection principles and international standards. If you have questions about how we handle your data on onictoto, our support team is available to help. We're committed to transparency and to protecting your information as you use our platform.