rdtoto Platform Privacy Notice
This page describes what we collect when you use rdtoto and how we keep that data protected. We collect personal information to run our gaming platform, process your deposits and withdrawals via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet, verify your identity, and provide customer support. Our data practices comply with Indonesian privacy law and international standards.
We store your data on secure servers. Some servers may sit outside Indonesia; we encrypt all data in transit and at rest to prevent unauthorised access. You have the right to know what we hold about you, request corrections, and ask for deletion subject to our legal retention obligations. This policy explains your rights and how to exercise them.
Our privacy practices are reviewed periodically and updated as our service evolves. If we make material changes to how we use your data, we will notify you by email at least 14 days before the change takes effect. By using rdtoto, you consent to this privacy policy.
What personal data we collect on rdtoto
We collect information you provide directly: your legal name, email address, phone number, date of birth, and national identity document (KTP for Indonesian nationals). During account verification, we may ask for a photo of your ID and a selfie to confirm you are who you claim to be. We also collect your nominated payment methods (bank account or wallet details) to process deposits and withdrawals.
We collect information about your activity on rdtoto: login timestamps, game history (which games you played, bets placed, results), deposits and withdrawals, support inquiries, and device information (browser type, IP address, operating system). This data helps us detect fraud, improve our platform, and personalise your experience. We do not sell this data to third parties.
We collect transactional data from our payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet). When you deposit or withdraw, your payment provider shares transaction details with rdtoto (amount, timestamp, payment method, your account identifier). This data is merged with your rdtoto account for record-keeping.
How we use your data on rdtoto
We use your personal information to operate the platform: creating your account, processing your deposits and withdrawals, settling game outcomes, and sending you transaction confirmations. Your email and phone are used for account recovery, two-factor authentication, and support communication. During major events like Liga 1 finals, Piala Indonesia matches, Piala AFF tournaments, and holidays (Idul Fitri, Idul Adha, Imlek, Nyepi), we may send promotional messages about new games or deposit offers—you can opt out of these in your account settings.
We use activity data to detect fraud and money laundering. If we notice suspicious patterns (e.g., rapid deposit-and-withdrawal cycling, betting on events from multiple jurisdictions simultaneously, account access from conflicting geographic locations), we investigate and may freeze your account pending review. This protects both you and rdtoto from criminal activity.
We use aggregated, anonymised data for analytics: understanding player behaviour, improving game performance, and planning server capacity for peak seasons. This aggregated data cannot identify you personally.
Third parties and data processors on rdtoto
We share your data with third parties only as necessary to operate rdtoto. Your payment information goes to our acquiring banks (mobile banking, local payment, online payment, e-wallet) and wallet processors (mobile banking, local payment, online payment, e-wallet, mobile banking, local payment) to execute deposits and withdrawals. These processors have their own privacy policies; we recommend reviewing them.
We may share your data with government authorities (Indonesian tax office, financial crime investigation unit, local law enforcement) if legally compelled by court order or statute. We do not volunteer information; we respond only to formal legal requests. If we receive such a request, we will notify you unless prohibited by law.
We use third-party services for email delivery (confirmation emails, password resets), analytics (understanding which games are popular in Jakarta, Surabaya, Bandung, Medan, Semarang and other regions), and customer support platforms. These vendors are contractually bound to protect your data and use it only for the services they provide to rdtoto.
Data sharing on rdtoto
- Payment processors (online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) receive transaction details
- Government authorities receive data only by court order or legal compulsion
- Email, analytics, and support vendors receive limited data under strict contracts
- We do not sell your personal data to advertisers or data brokers
- Game providers (CQ9, live-dealer studios) may see your username and game activity but not payment details
Your data retention and deletion rights on rdtoto
We retain transaction data (deposits, withdrawals, bets, results) for seven years after your account closes. This is required by Indonesian financial regulations for tax and anti-money-laundering compliance. Personal identifiers (name, email, phone, KTP) are retained for seven years as well. After seven years, we delete this data unless we are required to retain it longer by law.
You can request anonymisation of your personal identifiers before the seven-year period ends. We will replace your name with a unique code, delete your email and phone, and remove your KTP details—while keeping transaction records for regulatory compliance. This way, your financial history is preserved for audit purposes but is no longer linked to your identity.
To request anonymisation or deletion, contact our privacy team via the support form on our FAQ page or email [email protected]. We will respond within 30 days. If you close your account, we do not delete data immediately; we mark your account as inactive and proceed with the standard retention timeline above.
Cookies and tracking on rdtoto
We use cookies (small text files stored on your device) to remember your login session, preferences (e.g., dark mode, language), and to track how you navigate rdtoto. These cookies help us improve user experience and prevent fraud. We use both first-party cookies (set by rdtoto) and third-party cookies (set by analytics providers). You can disable cookies in your browser settings, but this may break some rdtoto features (e.g., login persistence).
Our analytics provider may place tracking pixels on rdtoto pages to measure traffic and user behaviour. This data does not identify you personally; it is aggregated across all rdtoto users. You can opt out of analytics tracking in your account privacy settings.
Your rights and how to exercise them on rdtoto
You have the right to access your personal data. Contact our privacy team and we will provide a complete export of what we hold about you within 30 days. You have the right to correct inaccurate information (e.g., if your registered phone number is wrong); update this via Account Settings or contact support. You have the right to request deletion of your personal data subject to our seven-year retention requirement for transactions.
You have the right to opt out of marketing communications (promotional emails and SMS). Use the unsubscribe link in any promotional message or adjust your preferences in Account Settings. Opting out does not affect transactional emails (order confirmations, password resets, support replies).
If you believe rdtoto has mishandled your data, contact us first. If you are not satisfied with our response, you may lodge a complaint with Indonesia's Personal Data Protection Authority (OPDP). Our full privacy practices and contact details are available on this page. We are committed to transparent, lawful data handling.