dingdongtoto Platform Privacy Notice

Data protection regulation across Indonesia and other regions has shifted significantly in recent years, making transparency about how operators handle user information a standard requirement. This page describes what we collect when you use dingdongtoto and how we keep that data protected.

We at dingdongtoto take your privacy seriously. When you create an account, fund it, place a wager on our live-dealer tables, sportsbook markets, or slot games, we collect and process personal data. We use it to operate your account, comply with local regulations, and prevent fraud. We do not sell your data to third parties, and we encrypt all sensitive information in transit and at rest.

This notice explains our data practices in detail. If you have questions after reading it, contact our support team via the in-app help system. Your service on dingdongtoto is available only where local law permits; if you are outside a permitted jurisdiction, the legal status of your data processing is your responsibility.

What Data We Collect on dingdongtoto

When you register for dingdongtoto, we collect your email address, phone number, and a strong password. During account creation, you also provide your date of birth and a username. We use this to set up your account and authenticate you when you log in.

Before you can deposit or wager on dingdongtoto, we perform identity verification (KYC). You provide your national identity document number; we cross-reference it against government records to confirm your identity. Depending on your location—Jakarta, Surabaya, Bandung, Medan, Semarang, or elsewhere in a permitted jurisdiction—this verification is automated or may require additional documentation (a photo of your ID or a selfie holding your ID).

When you fund your account, we collect transaction data tied to your chosen payment method: DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or your bank account (mobile banking, local payment, online payment, e-wallet). We do not store your full payment credentials; our processor tokenises them. We record the amount, date, and method so we can match deposits to your account and detect suspicious patterns.

Activity and Behavioural Data

We log your activity on dingdongtoto: which games you access, how long you play, your wager history, and your win/loss outcomes. We track your session IP address and device type (mobile, desktop, web browser) for security and fraud prevention. If you enable two-factor authentication, we store a hash of your 2FA secret so we can verify codes when you log in from a new device.

We retain this activity data indefinitely for account reconciliation, dispute resolution, and regulatory reporting. If you request your data export, we provide a full history within 5 business days.

We do not retain your password

Your password is hashed using industry-standard cryptography. We cannot retrieve or reset it—you can only reset it yourself via the login page.

How We Use and Protect Your Data

We use your personal data for four main purposes: operating your account, complying with law, preventing fraud, and communicating with you. We never use your data to sell products, send unsolicited marketing, or build profiles for third-party advertisers.

Your data is encrypted using SSL/TLS when it travels between your device and our servers. At rest, sensitive fields (passwords, identity numbers, 2FA secrets) are encrypted using AES-256. Our servers are located in secure data centres with restricted access and continuous monitoring. We undergo regular security audits and penetration testing.

Third-Party Data Processors

We work with external processors to operate dingdongtoto:

Payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and our banking partners) handle your deposit and withdrawal transactions. They may retain transaction records per their own privacy policies.
Identity verification vendors cross-check your document number against government records during KYC. Data is deleted after verification unless you challenge the result.
Cloud hosting providers host our databases and application servers. Our provider enforces data residency rules; your data may sit outside Indonesia if required by our operational needs.
Email and SMS providers send you account notifications and password-reset codes. These providers have access to your contact details during transmission but do not retain logs.

All processors sign data processing agreements binding them to GDPR-equivalent safeguards, even if GDPR does not apply in your jurisdiction.

Your Rights on dingdongtoto

You have the right to access your data. Request an export in Account Settings → Data & Privacy; we provide a complete download within 5 business days. You can update your email and phone number directly in your account settings. If you want to delete your account, contact support; we will close it and retain transaction records only as required by law (typically 7 years for anti-money-laundering compliance).

If we deny a data-access request or refuse to delete your account, we provide a reason in writing. You can escalate disputes through your local data-protection authority if applicable in your jurisdiction.

Cookies and Tracking

We use cookies to keep you logged in and to remember your language preference. Cookies are small text files stored on your device; you can disable them in your browser, but dingdongtoto will not function properly without them. We do not use third-party tracking cookies or analytics libraries that build cross-site profiles. We do not use Google Analytics or Facebook Pixel.

International Data Transfers

Our servers may sit outside Indonesia. By using dingdongtoto, you consent to your data being transferred to and processed in jurisdictions outside your home country. If your jurisdiction has data-export restrictions (for example, the European Union under GDPR), you assume all legal risk if you choose to use dingdongtoto.

Data you should know

We collect email, phone, identity number, payment data, and activity logs.
All data in transit is encrypted via SSL/TLS; sensitive data at rest is encrypted via AES-256.
We retain activity logs indefinitely; identity data is retained per regulatory requirements.
We do not sell or share your data with advertisers or unrelated third parties.
Our processors may store data outside your jurisdiction as required by operations.

Contact Us on Privacy Matters

If you have a privacy concern or wish to exercise your rights, contact dingdongtoto support via the in-app help system or email. We respond to all data-subject requests within 30 days. For data-protection complaints, you may also escalate to your local regulator if applicable in your jurisdiction.

We update this privacy notice periodically. Major changes are communicated via in-app notification; continued use of dingdongtoto means you accept the updated notice. This notice is current as of the date last updated, shown at the bottom of the page.