LEGAL REFERENCE

Your privacy matters. Here's how we protect it.

Q: How do I request a copy of my personal data or ask for deletion?

Email privacy@totomacau4d.bet or use the Data Access form in account settings. Include your account ID and a photo ID copy. We verify your identity, then deliver your data within 14 days. Deletion is subject to legal retention requirements.

At totomacau 4d, your account security and data protection are built into every transaction. This privacy policy outlines exactly what we collect, how we use it, and the...

Account SecurityPayment ProtectionData EncryptionIndonesia Compliance

Tour the Lobby Read FAQ

Privacy Policy Overview

totomacau 4d operates as a gaming platform for supported regions in Indonesia. We collect personal data only to operate your account, process deposits via DANA, OVO, GoPay and QRIS, and prevent fraud. Your information is encrypted, never sold to third parties, and retained only as long as your account is active or as local law requires. Access requests and data corrections can

be submitted to our support team. We comply with data protection standards applicable in Indonesia and notify you of material policy changes within 30 days.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

HELP CHANNELS

Privacy Questions & Support

Team online

Email Support

Contact our data protection team at [email protected] for account security, data access requests, or deletion queries. We respond within 48 hours.

Live Chat

Reach our support agents through in-account chat during operating hours. Ask about payment data handling, encryption methods, or any privacy concern tied to your lobby access.

Privacy Request Form

Submit formal data access, correction, or deletion requests via our account settings page. Verification may be required to confirm your identity before processing.

WHY VISITORS TRUST US

Why Your Data Is Safe Here

SSL Encryption Standard

Every deposit through DANA, OVO, GoPay and QRIS travels over 256-bit SSL encryption. Your payment credentials never touch our servers...

Data Segregation

Account credentials, transaction logs and personal details are stored in separate encrypted databases. Breach of one compartment does not expose...

Annual Security Audit

Third-party penetration testing and compliance audits run yearly. Results inform our encryption upgrades and fraud-detection rules. Audit summaries are available...

Indonesia Data Residency

Personal data collected from Indonesia-based accounts is retained on Indonesia-region servers, aligned with local data protection expectations. International transfers require...

No Third-Party Data Sales

We never sell, lease or share your account data, payment history or betting patterns with marketers, data brokers or unaffiliated...

Payment Partner Vetting

DANA, OVO, GoPay and QRIS providers are selected and monitored for PCI compliance. We review their security postures quarterly and...

Consistency Across Our Policy Suite

Terms of Service	Defines account rights and restrictions. Privacy policy works alongside it — terms address what you can do; privacy explains how we guard your data while you do it.
Cookie Policy	Separate document covering session tracking, analytics and ad-preference cookies. Links to privacy policy; both comply with Indonesia browser tracking norms and user consent requirements.
Responsible Account Use	Covers account limits, deposit caps and self-directed pause tools. Privacy policy ensures those settings are encrypted and never shared with external parties. Both protect you.
Payment Security Addendum	Details PCI DSS standards for DANA, OVO, GoPay and QRIS transaction handling. Sits under privacy policy; reinforces that payment data is segregated and never used for marketing.
Affiliate & Partner Disclosure	Explains how totomacau 4d partners earn commission; clarifies that affiliate data flows do not include your personal details. Partners see only aggregated, non-identifying referral metrics.
Mobile App Privacy Notice	Mobile app collects device identifiers and location metadata for crash reporting and fraud prevention. Full disclosure is in-app; phone-specific permissions are consistent with web policy.
Incident Response Protocol	Documents how we notify you if a data breach occurs. Privacy policy commits us to 72-hour notification to affected users. Incident response sits as an appendix to main policy.

What Protects You Inside the Policy

Encrypted Deposit Flow

Every DANA, OVO, GoPay and QRIS transaction is tokenized before it enters our database. Your wallet ID and PIN never appear in our logs. Payment gateway partners handle credential storage.

Account Verification Layer

Before withdrawals, we verify your identity via phone OTP or email confirmation. This two-factor check is mandatory; data collected for verification is retained for 90 days post-transaction only.

Session Timeout & Auto-Lock

Your account session expires after 30 minutes of inactivity. Login credentials reset on browser close. If you access from a new device, we send a confirmation email to the registered address.

Transaction History Privacy

Your betting history and payout records are visible only to you and our compliance team. Marketing and analytics teams receive only anonymized, aggregated game-play statistics—never personal bet details.

Cookie & Tracking Consent

We ask for explicit consent before placing non-essential cookies. You can opt out of analytics tracking in account settings; essential cookies for security and fraud prevention remain active by design.

Right to Data Portability

You can request a copy of your personal data in machine-readable format (CSV or JSON) within 14 days. This includes account details, transaction dates and dispute records for your review and export.

Privacy Policy Questions Answered

We collect your name, email, phone number, date of birth, and Indonesia ID or tax ID for verification. Payment information (DANA, OVO, GoPay, QRIS wallet details) is tokenized and never stored in plain text. We also log your IP address and device type for fraud prevention.

Account data is retained for 7 years post-closure to comply with Indonesia financial reporting laws. Personal identifiers (name, email) are deleted after 2 years unless required for dispute resolution. Payment records remain for the full 7-year window.

We only share data with payment processors (DANA, OVO, GoPay, QRIS providers), fraud-detection services, and law enforcement if legally required. We never sell your data to marketers. Partners sign strict data-processing agreements.

Your payment credentials are sent directly to the payment provider, not through totomacau 4d servers. We receive only a transaction confirmation token. Your wallet credentials and PIN remain private to the payment provider alone.

Email [email protected] or use the Data Access form in account settings. Include your account ID and a photo ID copy. We verify your identity, then deliver your data within 14 days. Deletion is subject to legal retention requirements.

Your betting history is private. We do not share individual bet details with marketers. We use only anonymized, aggregated data for game-feature recommendations and platform improvements. You can opt out of recommendation emails in settings.

If a breach affects your account data, we notify you by email and SMS within 72 hours. We also post a notice on the platform homepage. We'll specify what data was exposed and steps you can take to protect yourself.