comtoto wap Platform Privacy Notice

This page describes what we collect when you use comtoto wap and how we keep that data protected. We take data security seriously across account registration, payment processing, gameplay, and withdrawal requests. Our commitment is to handle your information transparently and in accordance with applicable privacy law.

When you create an account on comtoto wap, we collect personal details required for identity verification (KYC) and payment settlement. We use that information only for account management, fraud prevention, regulatory compliance, and service delivery. We do not sell your data to third parties. Your information is encrypted in transit and at rest on our servers.

Read on to understand what data we collect, how we use it, your rights, and how to contact us with privacy questions. Our services are available only where local law permits; we comply with applicable privacy and data-protection regulations in supported jurisdictions.

What data we collect on comtoto wap

Account registration and KYC verification

We collect your email address, full name, date of birth, phone number, and password when you register on comtoto wap. We require this information to set up your account and enable login. During KYC verification (mandatory before deposit or play), we ask you to upload a government-issued ID (national ID, passport, or driver's licence) and proof of address (utility bill or bank statement dated within the last three months).

We store these documents on our secure servers for compliance and fraud-prevention purposes. Our team reviews KYC submissions within 24–48 hours. Once verified, we retain your KYC records for as long as your account is active plus a regulatory retention period (typically five years). We do not share your government ID or KYC documents with third parties except where required by law (e.g., anti-money-laundering authorities).

Payment and transaction data

When you deposit or withdraw funds on comtoto wap, we collect transaction details including the payment method used (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet), amount, timestamp, and transaction status. We do not store your full credit-card number or e-wallet password. Payment processing is handled by our payment partners, who comply with PCI-DSS (Payment Card Industry Data Security Standard) requirements.

We use transaction data to verify deposits, process withdrawals, prevent duplicate charges, and generate account statements. We retain transaction records for seven years to comply with tax and financial-reporting obligations in Indonesia and supported jurisdictions.

Payment processor note: We use third-party payment processors to handle mobile banking, local payment, online payment, and other payment rails. Our processors are subject to their own privacy policies and data-protection agreements. comtoto wap does not have direct access to your payment-provider login credentials.

Gameplay and account activity

We log your gameplay activity on comtoto wap — including games played, bet amounts, round results, and balance changes — for account transparency and dispute resolution. We retain this data for the life of your account plus five years. These logs enable us to answer questions like "What happened in that spin?" or "When was my withdrawal approved?" without relying on player memory.

We analyse gameplay data in aggregate (not linked to individual players) to understand game performance, detect technical issues, and improve our service. We do not use individual gameplay data for marketing or third-party sale.

Cookies and device information

We use cookies and similar tracking technologies on comtoto wap to remember your login session, store your preferred language and game category, and track essential site analytics (page views, error rates, load times). We do not use cookies for cross-site tracking or advertising. You may disable cookies in your browser, but this may affect comtoto wap functionality (e.g., you may need to re-enter your password on each visit).

We also collect basic device information when you access comtoto wap — your device type (mobile, tablet, desktop), operating system, browser version, and IP address. This helps us diagnose technical issues and prevent account takeover (e.g., if your account is accessed from an unusual location, we may ask for additional verification).

Our comtoto wap data handling and your rights

Data security and encryption

We protect your data using industry-standard encryption (TLS/SSL for data in transit, AES for data at rest). Our servers are located in Indonesia and comply with local data-protection standards. We undergo annual security audits and maintain a data-breach response plan. If we discover unauthorized access to your account or personal data, we notify you within 24 hours via email and provide guidance on account recovery (password reset, two-factor authentication enablement).

Third-party processors and data sharing

We share your data with the following third parties only as necessary for service delivery:

Payment processors: DANA, e-wallet, mobile banking, local payment, online payment, e-wallet rail operators, and mobile banking / local payment / online payment / e-wallet (for bank virtual accounts) receive your name, phone, and transaction amount to process deposits and withdrawals.
KYC verification partner: Our identity-verification service reviews your government ID and address to confirm your identity. We do not share your KYC documents publicly.
Fraud-prevention vendor: We use automated fraud-detection tools to flag suspicious account activity. This vendor does not retain your personal data; we do.
Legal / regulatory authorities: If required by court order, anti-money-laundering authorities, or law-enforcement agencies in Indonesia or your jurisdiction, we may disclose your information.

We do not sell your personal data. We do not share your data with marketing companies, data brokers, or third parties for advertising purposes.

Your rights and account control

You have the right to:

Access: Request a copy of all personal data we hold about you on comtoto wap. Submit this request via the Help page; we will respond within 10 business days.
Correction: Update your email, phone, or address in your account dashboard at any time. Contact support if you need to update your registered name (which may require KYC re-verification).
Deletion: Request account closure and data deletion, subject to our retention obligations (e.g., we must retain transaction records for tax compliance). Once your account is closed, we anonymise personal data after the retention period expires.
Objection: Opt out of non-essential communications (e.g., promotional emails). You cannot opt out of transactional emails (account alerts, withdrawal confirmations).

Two-factor authentication protects your account

We recommend enabling two-factor authentication (2FA) in your account settings. 2FA requires a one-time code (sent to your email) when logging in from a new device. This prevents unauthorised access even if your password is compromised.

Data retention and deletion

We retain personal data only as long as necessary for the purposes listed above. Account data (name, email, phone) is kept for the life of your account plus five years after closure. Transaction records are retained for seven years per tax regulations. KYC documents are retained for five years after account closure. Gameplay logs are retained for five years. Once retention periods expire, we delete or anonymise your data. If you request early deletion (before legal retention periods end), we will comply where permitted by law; note that early deletion may prevent you from re-opening your account or disputing historical transactions.

Contact us about privacy

If you have questions about our privacy practices, wish to exercise your rights, or believe we have mishandled your data, contact us via:

Email: [email protected]
Help form: Select "Privacy" as the subject line in your account dashboard
Mail: comtoto wap Privacy Officer, Jakarta, Indonesia

We aim to respond to privacy inquiries within 10 business days. If you believe we have violated applicable privacy law, you may lodge a complaint with your local data-protection authority (e.g., the Indonesian Personal Data Protection Authority if you are in Indonesia).

Policy changes

We may update this Privacy Notice to reflect changes in our practices or applicable law. We will notify you of material changes via email at least 30 days before they take effect. Continued use of comtoto wap after the effective date constitutes acceptance of the updated policy. Check this page regularly for the latest version.

Our commitment to your privacy is central to how we operate comtoto wap. We collect only the minimum data needed to deliver our service, protect against fraud, and comply with law. Your trust matters — we treat your information with care and transparency.