jastotoPrivacy Policy

This page describes what we collect when you use jastoto and how we keep that data protected. We are committed to transparency about our data practices. When you register an account, deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer, or participate in football betting, esports markets, or slot gaming, we collect and process information to verify your identity, process payments, and deliver our service.

We at jastoto comply with Indonesian data-protection standards and safeguard your personal information with industry-standard encryption and access controls. Your data is used only for account administration, payment processing, fraud prevention, and regulatory compliance. We do not sell your information to third parties, and we share it only with payment processors and service providers bound by confidentiality agreements.

The sections below explain in detail what information we collect, how we use it, who may access it, your rights, and how to contact us if you have questions or wish to request access to your data.

Information We Collect on jastoto

We collect several categories of information to operate our jastoto platform responsibly and securely.

Account Registration Data

When you create a jastoto account, we collect your email address, phone number, and a password you choose. We use your email and phone for account notifications, password recovery, and two-factor authentication. Your password is hashed and salted using cryptographic algorithms; we never store it in plain text and cannot recover it for you—if you forget your password, you will need to reset it via the jastoto website or app.

Identity Verification (KYC)

Before you can deposit or withdraw on jastoto, we require identity verification. You must upload a copy of a valid ID document (KTP, passport, or driving licence) and a selfie holding that document. We process and store these documents securely to comply with Indonesian financial regulations and prevent fraud, money laundering, and underage access. Your identity documents are encrypted and stored separately from your account profile, accessible only to authorised jastoto team members for verification purposes.

Payment Information

When you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or direct bank transfer (mobile banking, local payment, online payment, e-wallet), we collect transaction data: the amount, date, time, and payment method used. We do not store your full e-wallet credentials, card numbers, or bank account numbers on jastoto servers. Payment processing is handled by third-party payment gateways (Midtrans, Doku, or similar providers) that comply with PCI DSS and other security standards. We receive only confirmation that a payment succeeded or failed, along with a transaction reference number.

Betting and Gaming Activity

We record all bets placed on football matches (Liga 1, Piala Indonesia, Champions League, Premier League), esports markets (Mobile Legends, Free Fire, PUBG Mobile), and slot game activity. This includes bet amount, odds, match or game details, outcome, settlement status, and timestamp. We use this data to calculate your account balance, resolve disputes, detect irregular patterns, and comply with regulatory reporting requirements.

Technical and Usage Data

We collect IP address, device type (Android, iOS, desktop), operating system version, app version, browser type, and pages accessed within jastoto. This helps us diagnose technical issues, optimise performance, and prevent fraud. We use cookies and similar tracking technologies to maintain your session, remember preferences, and analyse user behaviour on an aggregate level—never to identify you personally without consent.

Communication Data

If you contact our support team via live chat, email, or phone, we store a record of your inquiry, our response, and any personal information you share during the conversation. We use this data to resolve your issue, maintain support quality, and train our team.

How We Use Your Data

We at jastoto use your information for the following purposes:

• Account Management: Creating and maintaining your jastoto account, verifying your identity (KYC), processing password resets, and enabling two-factor authentication.
• Payment Processing: Handling deposits and withdrawals through our payment-processor partners; confirming transactions; and investigating failed payments or fraud.
• Game Settlement: Calculating bet and game outcomes, determining winnings or losses, and updating your account balance automatically.
• Fraud and Compliance: Detecting unusual account behaviour, preventing money laundering, complying with anti-terrorism financing laws, and responding to legal requests from Indonesian authorities.
• Service Improvement: Analysing how users interact with jastoto to improve game offerings, payment options, and customer support.
• Communications: Sending account notifications, payment confirmations, support responses, and (if you have opted in) promotional messages about new games or betting markets.

Third-Party Processors and Data Sharing

We do not sell your personal data to third parties for marketing or any other purpose. However, we share certain information with trusted partners to operate jastoto:

• Payment Gateways: We share transaction details with payment processors (e.g., Midtrans, Doku) to process deposits and withdrawals. These partners comply with PCI DSS and local data-protection laws.
• Verification Providers: We may use third-party KYC services to verify your identity documents. These providers are bound by strict confidentiality agreements.
• Cloud Infrastructure: Our servers may be hosted on international cloud platforms (e.g., AWS, Google Cloud). Your data is encrypted in transit and at rest; we ensure all processors comply with data-residency requirements where applicable.
• Legal and Regulatory: If required by Indonesian law or court order, we will disclose information to law-enforcement agencies, tax authorities, or financial-crime investigators.

Your Rights and Data Access

You have the right to access, correct, or request deletion of your personal data held on jastoto, subject to legal and operational constraints. To exercise these rights, contact our support team via email, live chat, or phone. We will verify your identity and respond within a standard processing window—typically 14–30 days for complex requests.

If you wish to delete your jastoto account and all associated data, we can do so, provided you have no outstanding bets, pending withdrawals, or regulatory holds. Historical transaction records may be retained for accounting and compliance purposes as required by Indonesian law.

Cookies and Tracking Technologies

Our jastoto platform uses cookies to maintain your login session, remember your preferences, and track usage patterns for performance optimisation. Cookies are small text files stored on your device. Essential cookies are necessary for jastoto to function; you cannot opt out of these. Analytics cookies help us understand how users interact with our platform; you may disable these through your browser settings (though this may degrade your experience).

Third-party services (payment gateways, cloud providers) may set their own cookies. We encourage you to review their privacy policies. You can clear cookies from your browser at any time; you will be logged out of jastoto and will need to log back in.

Data Retention

We retain account data (email, phone, hashed password) for as long as your jastoto account is active. After you close your account, we retain identifying and transaction data for up to five years to comply with Indonesian tax and anti-money-laundering requirements. Personal documents (ID scans, selfies) are securely deleted after account closure, unless we are required to retain them by law.

Security Measures

We at jastoto implement industry-standard security to protect your data. All sensitive information is encrypted using TLS 1.2 or higher during transmission and AES-256 encryption at rest. We use secure password-hashing algorithms, multi-factor authentication options, and access controls limiting employee access to personal data on a need-to-know basis. Our systems undergo periodic security audits and vulnerability assessments.

However, no online service is non-specific info secure. If you suspect unauthorised access to your jastoto account, change your password immediately and contact our support team. We will investigate and, if necessary, reset your account security settings.

Contact Us About Privacy

If you have questions about this privacy policy, wish to access your data, or believe we have mishandled your information, please contact us:

• Email: [email protected]
• Live Chat: Available in the jastoto app and website during support hours
• Phone: Contact details available through the jastoto support section
• Mailing Address: Our registered office is located in Jakarta and handles privacy inquiries during business hours

We will respond to privacy inquiries within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Indonesian Ministry of Communication and Information Technology (Kominfo) or other relevant regulatory bodies.

This privacy policy was last updated in 2026. We may modify this policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes via email or through a prominent notice on the jastoto platform. Your continued use of jastoto after such changes constitutes your acceptance of the updated policy.