yamitoto Platform Privacy Notice

This page describes what we collect when you use yamitoto and how we keep that data protected. We at yamitoto understand that your personal information is sensitive. When you register an account, deposit funds via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer (mobile banking, local payment, online payment, e-wallet), or place a bet on Liga 1, Piala AFF, or any other market on our platform, we collect and process specific data to operate our service securely and comply with applicable law.

Our commitment is to be transparent about what we collect, how we use it, and who we share it with. We encrypt sensitive data, limit access to authorised personnel, and retain information only as long as necessary. You have rights over your data: you can request to access it, correct it, or delete it, subject to legal obligations we may have to retain certain records.

We operate yamitoto in jurisdictions where online gaming is permitted by local law. Your data may be stored on servers located outside your country. By using yamitoto, you consent to this cross-border data transfer.

Data We Collect on yamitoto

We collect data in several categories. First, account information: your full legal name, email address, phone number, and date of birth. This is mandatory to create a yamitoto account and verify your identity during Know Your Customer (KYC) verification.

Second, identity documents: we require a government-issued ID (passport, national identity card, or driver's license) and proof of address (a utility bill or bank statement dated within three months). We store scanned copies of these documents encrypted on our servers. This is a regulatory requirement to comply with anti-money-laundering (AML) law across jurisdictions where yamitoto operates.

Third, payment information: when you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or direct bank transfer, we record the transaction—amount, method, date, and time. We do not store your actual wallet passwords or bank credentials. Instead, we use tokenisation: payment processors issue us a secure token that allows us to process transactions without retaining sensitive banking data.

Fourth, activity logs: we record your bets, casino plays, deposits, and withdrawals. We log your IP address, device type, browser type, and geolocation (at country and city level). This helps us detect fraudulent activity and understand how users interact with yamitoto's products.

Geolocation and jurisdiction verification

We use geolocation data to verify that you are accessing yamitoto from a jurisdiction where our services are legal. If we detect access from a restricted region, we may temporarily suspend your account pending clarification.

How We Use Your Data on yamitoto

We use your data for several purposes. Account operation: we need your name, email, and phone to manage your account, send you important notices, and process your requests for password resets or account recovery.

Verification and compliance: we use your identity documents and address proof to verify your identity and comply with AML regulations. We are legally required to confirm that you are not on international sanctions lists and that you are a real person eligible to use yamitoto.

Payment processing: we use your deposit and withdrawal records to process transactions, prevent fraud, and reconcile your account balance. Payment processors and banks that handle your mobile banking, local payment, online payment, or e-wallet / mobile banking / local payment / online payment transfers also receive transaction data as needed to complete transfers.

Fraud detection and security: we monitor your activity logs (IP addresses, geolocation, betting patterns) to detect suspicious behaviour such as account takeover, bonus abuse, or prohibited conduct. If we identify risks, we may restrict your account pending investigation.

Note: We do not use your data to profile you for marketing purposes or to build personal psychological profiles. We do not sell your data to advertisers.

Third-Party Processors and Data Sharing on yamitoto

We share your data with essential service providers. Payment processors: e-wallet, mobile banking, local payment, online payment, e-wallet, and mobile banking providers receive your transaction details to process deposits and withdrawals. Banks (local payment, online payment, e-wallet, mobile banking) receive transfer requests with your account information.

Verification services: we may share your identity documents with third-party identity verification providers to confirm your legitimacy. These providers are contractually bound to protect your data and use it only for verification purposes.

Compliance and authorities: if required by law, we may disclose your information to government agencies, law enforcement, or financial regulators. Such disclosure is rare and occurs only under legal compulsion or genuine suspicion of unlawful activity.

We do not share your data with unaffiliated marketers, data brokers, or social media platforms. We do not sell your personal information.

Data Security and Storage on yamitoto

We encrypt all personal data at rest on our servers using industry-standard encryption (AES-256). All data transmitted between your device and yamitoto's infrastructure is encrypted in transit using TLS (Transport Layer Security). Access to your data is restricted to authorised yamitoto staff who have signed confidentiality agreements.

Our servers may be located in jurisdictions outside Indonesia, including the European Union, United States, or Southeast Asia. By using yamitoto, you consent to this cross-border transfer and storage. We select data centres with robust security certifications and regular security audits.

We retain your personal data for as long as your account is active plus a retention period of typically five to seven years for regulatory and tax compliance. After this period, we securely delete or anonymise your data, except where we are legally required to retain it longer.

Your Rights Regarding Data on yamitoto

You have the right to access your personal data. Contact our support team to request a copy of all data we hold about you. We will provide this within 30 days of your request.

You have the right to correct inaccurate data. If your name, email, or address has changed, update it in your account settings or contact support.

You have the right to delete your data, subject to exceptions. If you request account deletion, we will erase most of your personal information. However, we may retain transaction records and identity documents as required by law for anti-money-laundering and tax compliance.

You have the right to object to processing. If we use your data in a way you believe is unfair, you can object, and we will review your complaint.

  1. Contact our support team

    Use live chat, email, or in-app help to request data access or deletion.

  2. Provide identification

    We verify your identity before processing data requests for security.

  3. Receive your data

    We provide a copy within 30 days, or explain if legal exceptions apply.

Cookies and Tracking Technologies on yamitoto

We use cookies and similar technologies (pixels, local storage) to improve your experience on yamitoto. Session cookies store your login state so you remain authenticated while browsing. Analytics cookies help us understand which products (Liga 1 betting, live blackjack, slots like Aviator or Sweet Bonanza) users engage with most.

We do not use third-party advertising cookies or sell your browsing behaviour to advertisers. Most cookies expire when you close your browser; persistent cookies (used for login convenience) expire after 30 days of inactivity.

You can disable cookies in your browser settings. However, some yamitoto features may not work properly if cookies are disabled.

Contact Us About Privacy on yamitoto

If you have questions about our privacy practices or wish to exercise your data rights, contact our support team via live chat, email, or in-app help ticket. Our team operates across Indonesian cities—Jakarta, Surabaya, Bandung, Medan—with English and Bahasa Indonesia support.

If you believe we have violated your privacy rights or mishandled your data, you have the right to lodge a complaint with your local data protection authority (in Indonesia, Otoritas Jasa Keuangan / OJK or relevant privacy regulators).

Updates to This Privacy Policy

We may update this privacy policy to reflect changes in our practices, legal requirements, or technology. When we make material changes, we will notify you via email or in-app message. Your continued use of yamitoto after notification constitutes acceptance of updated terms. We encourage you to review this policy periodically.

Summary of Our Privacy Commitment

We at yamitoto are committed to protecting your personal data. We collect only what is necessary, use it only for lawful purposes, encrypt it securely, and limit access to authorised staff. We do not sell your data to marketers. You have transparent access to your information and rights to correct, access, or delete it subject to legal obligations.

Our services are available only where local law permits. If you have any privacy concerns or questions, our support team is available to assist you.

Related guides

Legal
Terms & Conditions
8-min read
Legal
Legal Notice
4-min read
Support
Account Security Guide
5-min read