dinastoto - Privacy Policy for Online Casino Members

What We Collect and How We Use It

When you create an account with dinastoto, we collect your email address, full name, date of birth, and a password. We use these details to authenticate you on our platform and to communicate important account updates, verification status changes, and withdrawal confirmations. Our authentication system verifies your credentials each time you log in; we do not store your password in plain text and do not transmit it unencrypted.

Before you deposit, we ask for identity verification. We collect a government-issued ID number, a photograph or scan of your ID document, and proof of your address—typically a utility bill or bank statement. We use these to confirm you are who you claim to be and to meet know-your-customer (KYC) obligations under Indonesian banking regulations. This verification step may take 1–2 business days; during this period, we hold your data in a secure queue pending review by our compliance team.

Payment Data and Transaction History

When you choose a deposit method—whether DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet—we collect the payment details you provide and store a record of every transaction you make. This includes the date, time, amount, payment method used, and the status (successful, pending, failed, or reversed). We retain transaction records for seven years to meet tax and regulatory requirements. We do not store your full payment credentials (e.g., card numbers or bank account numbers) on our own servers; those details are encrypted and stored by our payment processors. We receive only a tokenised reference that allows us to initiate future transactions to the same account.

We do not sell or share your payment data

Your payment information is used only to process deposits and withdrawals on your behalf. We do not share it with marketing partners, data brokers, or any third party except the payment processors necessary to complete your transactions.

How We Use Your Data on dinastoto

Beyond identity verification and payment processing, we use your data in several ways. We analyse your account activity to detect fraudulent patterns and to protect against money laundering and abuse. If you contact our support team, we keep a record of your inquiry and our response so we can handle follow-ups efficiently. We may use your email to notify you of system maintenance, security alerts, or changes to our terms. We do not use your data to build advertising profiles or to sell you marketing. We also do not monitor your gameplay patterns for profiling purposes; we collect gameplay logs only to debug technical issues and to enforce our account terms.

Data retention: We keep account data for the duration of your membership plus three years after closure. Transaction records are retained for seven years. Identity documents are deleted after five years unless required by law to keep them longer.
Third-party processors: Our payment processors, email service, and server hosts may process your data on our behalf. We ensure they meet equivalent data protection standards through written agreements. You can request a list of our processors by contacting us.
Cookies and tracking: We use cookies to maintain your login session and to remember your preferences. We do not use third-party tracking cookies for advertising. You can disable cookies in your browser settings, though doing so may limit some platform features.

Your Rights and Our Commitments

You have the right to request access to all personal data we hold about you. We will provide it in a machine-readable format within 14 business days. You also have the right to request correction of inaccurate data—for example, if your registered address has changed. We correct such information within 5 business days. You may request deletion of your account and associated data; we will remove it within 30 days except where we are legally obliged to retain it for compliance purposes (such as transaction records for tax audits).

If you believe we have misused your data or violated your privacy rights, you may lodge a formal complaint with us. We investigate all complaints within 14 business days and will advise you of the outcome. If you remain unsatisfied, you may escalate to the relevant Indonesian data protection authority. We undertake to cooperate fully with any official investigation. We also undertake to notify you promptly—within 72 hours—if there is a data breach that compromises your information, except where such notification would compromise an ongoing investigation.

This privacy policy applies to all uses of dinastoto and may be updated at any time. Material changes are communicated to you via email. Your continued use of the platform after notification constitutes acceptance of the updated policy. You may contact our privacy team at any time with questions, requests, or concerns about how we handle your data.