LEGAL REFERENCE

Your Data. Your Control. Our Commitment.

Q: Can I download or delete my personal data?

Yes. Email support@barcatoto.app with a data download or deletion request. We'll verify your identity and provide your data within 14 days, or confirm deletion within 30 days. Some records may be retained for legal compliance.

We handle your account details, payment history and personal information with the same care you'd expect from a platform built for Indonesia. This policy explains exactly what we...

Data SecurityPayment PrivacyAccount ProtectionTransparencyYour Rights

Browse the Lobby Read FAQ

Privacy Policy Overview

barcatoto collects personal information—your name, email, phone number, and payment details—only to set up your account, process transactions via DANA, OVO, GoPay and QRIS, and keep your account secure. We do not sell your data to third parties. Your information stays within our platform and trusted payment partners in supported Indonesian regions. We comply with local data protection standards and review this

policy regularly to reflect changes in how we operate.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

HELP CHANNELS

Questions About Your Privacy

REVIEW SIGNALS

How We Protect Your Trust

Encryption Standard

All data transmitted between your device and our servers uses industry-standard TLS encryption. Payment details are never stored in plain text on our systems.

Payment Partner Vetting

DANA, OVO, GoPay and QRIS integrations are audited annually. Each partner maintains separate security certifications and fraud-detection protocols.

Access Controls

Only authorised staff can view account data, and only when needed to resolve your support request or investigate suspicious activity on your behalf.

Audit Logs

We maintain detailed logs of who accessed your account, when, and why. You can request a copy of these logs from our support team.

Breach Response

If we detect unauthorised access to your account or payment data, we notify you within 24 hours and provide guidance on securing your account.

Policy Review Cycle

We review this privacy policy every six months and update it when our data practices change. You'll see the revision date at the bottom of this page.

Consistency Across Our Platform

Web & Mobile

Your privacy protections are identical whether you access barcatoto on desktop or mobile. The same encryption and access controls apply everywhere.

Live Casino & Slots

Data collection rules don't change between our live dealer tables and slot lobbies. Both use the same secure infrastructure and payment safeguards.

Sportsbook Markets

Your betting history and account balance are protected under the same privacy standards as your casino activity. No separate data silos.

Account Linking

If you link multiple payment methods—DANA, OVO, GoPay or QRIS—each connection is encrypted separately and stored with the same security level.

Promotional Data

When you opt into our weekly promo updates, that preference is stored securely and never shared with external marketing partners.

Support Interactions

Chat logs, email threads and support tickets are encrypted and retained only as long as needed to resolve your issue or comply with local law.

Dispute Resolution

If you file a dispute about a transaction, we keep the related account data for 90 days after resolution, then securely delete it.

What Defines Our Privacy Approach

Minimal Collection

We ask only for information needed to verify your identity, process your payments and keep your account safe. No unnecessary fields or hidden data requests.

Local Compliance

Our data handling follows Indonesian standards for personal information protection. We store account data on servers within supported regions where legally required.

Payment Isolation

Your DANA, OVO, GoPay and QRIS credentials are never stored on our servers. Payment processing happens directly with each provider's secure gateway.

Opt-In Communication

You control whether we send you promotional emails, SMS updates or in-app notifications. Change your preferences anytime from your account settings.

Third-Party Limits

We share your data only with payment processors, fraud-detection services and legal authorities when required by law. No data brokers or ad networks.

Retention Clarity

Account data is kept for as long as your account is active. After closure, we retain records for 12 months to comply with financial regulations, then delete them.

Privacy Questions Answered

We collect your name, email, phone number, date of birth for age verification, and payment details linked to DANA, OVO, GoPay or QRIS. We also log your IP address and device type for security purposes. No additional data is requested unless you contact support.

Payment details are encrypted end-to-end and processed directly by DANA, OVO, GoPay or QRIS. We never store your card numbers or e-wallet credentials on our servers. All transactions are logged securely for your records and dispute resolution.

Yes. Email [email protected] with a data download or deletion request. We'll verify your identity and provide your data within 14 days, or confirm deletion within 30 days. Some records may be retained for legal compliance.

We share data only with payment processors, fraud-detection partners and legal authorities when required by law. We do not sell your information to advertisers, data brokers or marketing firms. Your data stays within our ecosystem.

Active account data is retained while your account is open. After closure, we keep records for 12 months to comply with Indonesian financial regulations, then securely delete them. Support tickets are retained for 90 days after resolution.

We notify you within 24 hours via email and SMS. We'll explain what data was affected, steps we've taken to secure your account, and actions you should take. We also report the breach to relevant authorities as required by law.

Yes. Unsubscribe from emails, SMS or in-app notifications anytime from your account settings. You'll still receive transactional messages about your account, withdrawals and support responses, which cannot be disabled.