lintoto Platform Privacy Notice
This page describes what we collect when you use lintoto and how we keep that data protected. We operate our gaming platform across multiple Indonesian regions—Jakarta, Surabaya, Bandung, Medan, Semarang, Yogyakarta, and elsewhere—and handle personal data according to Indonesian privacy law and international standards. Our commitment is transparency: we tell you what we collect, why we collect it, and who we share it with.
When you open an account, deposit funds via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer (mobile banking, local payment, online payment, e-wallet), or request a withdrawal, you provide personal information to lintoto. We store, encrypt, and protect that information. We don't sell it to advertisers. We don't share it with unrelated third parties. This policy explains what happens to your data at every step.
If you have questions about how lintoto handles your information, our support team can answer them. You also have rights—to access your data, to correct it, to request deletion (subject to legal retention requirements), and to withdraw consent. We respond to data requests within 30 days.
What we collect and how we use it on lintoto
We collect data in three categories: account information, transaction information, and device/usage information.
Account information: When you open a lintoto account, we collect your email address, a password (hashed, never stored in plain text), and your chosen payment method. During account opening, you optionally provide a display name. We use this data to identify you, communicate with you about your account, and process your requests.
Before your first withdrawal, we collect Know-Your-Customer (KYC) data: government-issued ID (KTP, passport, or driver's license), proof of residence (utility bill, bank statement, or rental agreement), phone number, and birth date. We verify this information against government databases (where permitted by law) and payment-processor requirements. We use KYC data to comply with anti-money-laundering regulations, prevent fraud, and confirm that you are of legal age and a real person. We do not share KYC data with third parties except when required by law or to fulfill payment processing.
Transaction information: We record every deposit, withdrawal, and wager on lintoto. We capture the amount, timestamp, payment method used (e.g., DANA, e-wallet, mobile banking virtual account), and transaction status (completed, failed, pending). We store this data for settlement reconciliation, accounting, and fraud detection. We retain transaction history for at least 7 years to comply with Indonesian financial regulations.
Device and usage information: We log your IP address, browser type, device type (mobile, desktop), operating system, and pages visited. We track session duration, login times, and game interactions (which games you play, your bet amounts, outcomes). We use this data to prevent abuse, detect fraudulent activity, improve our platform, and troubleshoot technical issues. We don't use this data for marketing or to build advertising profiles.
We encrypt payment data separately
Your local payment wallet, online payment account, or bank account information is encrypted and stored separately from your account profile. This isolation ensures payment details are protected even if other account data is accessed.
Our lintoto data security practices
We protect your data using industry-standard encryption. All data transmitted between your device and lintoto's servers uses TLS (Transport Layer Security), the same encryption banks use. Data at rest—stored in our databases—is encrypted using AES-256 encryption. We control access to encrypted data through role-based access controls: only lintoto staff with a legitimate need (e.g., customer support investigating a withdrawal issue) can view your personal information.
We conduct annual security audits by independent third-party firms. These audits test our infrastructure for vulnerabilities, validate our encryption implementation, and verify our access controls. We maintain backups of all data in geographically separated locations to prevent data loss; these backups are also encrypted.
Our servers may sit outside Indonesia. Some databases are hosted in Asia-Pacific regions; backup copies may reside in other countries. Data leaving Indonesia or moving between servers is encrypted end-to-end, so physical location doesn't expose plain-text information. By using lintoto, you consent to this international data transfer.
Third parties and payment processors
We share your data with specific third parties only as needed to operate our platform. Payment processors: When you deposit via e-wallet, mobile banking, or local payment, we share your transaction request with those e-wallet providers. When you use a online payment, e-wallet, mobile banking, or local payment virtual account, we share your transfer details with our bank partners. These processors receive only the information necessary to complete the transaction—your name, amount, and account reference. They are contractually bound to protect your data and use it only for payment processing.
Fraud detection and KYC verification: We share your ID number and name with Indonesian anti-fraud databases and government identity-verification services when required by law. This is part of KYC compliance. We do not sell or share this data with marketing companies or data brokers.
Customer support: Our multilingual support team (operating in Jakarta, Surabaya, and other cities) has access to your account data to investigate disputes, confirm withdrawals, and troubleshoot technical issues. Support staff are trained on data protection and sign confidentiality agreements.
Cookies and tracking on lintoto
We use cookies (small files stored on your device) to maintain your login session and remember your preferences (language, theme, last-played game). These are functional cookies—necessary for the platform to operate. We don't use tracking cookies for behavioral advertising.
You can disable cookies in your browser settings, but some lintoto features may not work correctly. Our cookies expire after your session ends or after a defined inactivity period (typically 30 days). We don't place cookies on third-party sites.
Your privacy rights on lintoto
- Right to access: Request a copy of all data we hold about you
- Right to correct: Update inaccurate personal information
- Right to delete: Request deletion of your data (subject to legal retention requirements)
- Right to withdraw consent: You may withdraw consent for data processing; we'll delete or anonymize your data where legally permitted
- Right to data portability: Request your data in a portable format (CSV, JSON) for transfer to another service
Data retention and deletion on lintoto
We retain account data (email, password hash, phone number) for as long as your account is active. If you close your account, we retain this data for 7 years for anti-fraud and regulatory compliance purposes, then securely delete it. We retain transaction records (deposits, withdrawals, bets) for 7 years as required by Indonesian financial law, then delete them. KYC documents (ID scans, address proofs) are retained for 7 years after your last account activity, then deleted.
You can request early deletion of your account at any time by contacting our support team. If your account has an outstanding balance or pending withdrawal, you must resolve those before deletion. We respect deletion requests unless we're required by law to retain your data (e.g., anti-money-laundering holds during fraud investigations).
Our lintoto privacy commitment
Privacy is foundational to how we operate lintoto. We don't monetize your data through advertising. We don't build shadow profiles or sell to data brokers. Our business model is straightforward: you fund an account, you place wagers, we settle outcomes, and you can withdraw your funds. Your data is a necessary operational asset, not a product we sell.
This privacy notice is effective as of the date it was last updated. We revise it periodically to reflect changes in our practices or legal requirements. Material changes (e.g., a new third-party processor, a change in data retention policy) are communicated via your account notification center. Your continued use of lintoto after notification constitutes acceptance of the updated notice.
Contact our support team if you have privacy questions, wish to exercise your data rights, or believe we've mishandled your information. Response times vary by request type (access requests typically 30 days, complaints investigated within 14 days), but we treat all privacy inquiries as priority.
Data processors and international transfers on lintoto
We use third-party service providers to host our infrastructure, process payments, and maintain backups. These processors are contractually bound to use your data only for the purposes we specify and to implement the same security standards we do. Where processors operate outside Indonesia, we ensure data transfers include legal safeguards (standard contractual clauses or binding corporate rules).
Our primary infrastructure partners are cloud-hosting providers in Asia-Pacific. Our payment processors are licensed financial intermediaries in Indonesia and neighboring countries. Our backup service providers maintain encrypted copies in geographically separated regions. All of these partners sign data-processing agreements that commit them to data protection and confidentiality.
Policy updates and contact
This privacy notice applies to all lintoto users, regardless of region. It supersedes all previous privacy policies. We may update it to reflect legal changes, operational changes, or improvements in our practices. We notify you of material changes via your account or email. Your use of lintoto after notification indicates acceptance of the updated notice.
If you disagree with our privacy practices or believe we've violated your data rights, you can lodge a complaint with us or with Indonesian data-protection authorities. We investigate all complaints and respond within 30 days.