LEGAL REFERENCE

Your privacy matters to us

At lagunatoto, we're transparent about how we collect, use and protect your personal information. This privacy policy explains what data we gather when you open an account, play...

Data ProtectionSecure PaymentsAccount PrivacyTransparency

View Game Library Read FAQ

Our privacy commitment and scope

lagunatoto operates within supported regions of Indonesia and complies with applicable data protection laws. We collect information necessary to verify your identity, process deposits and withdrawals via DANA, OVO, GoPay and QRIS, and deliver our gaming services. Your data is encrypted and stored securely. We do not sell personal information to third parties. Payment processors handle transaction data independently under their own

privacy terms. This policy covers your interactions across our website, mobile app and lobby. By creating an account, you agree to these practices.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

24/7 SUPPORT

Contact us about your privacy

Email Support Reach our privacy team at [email protected] with questions about your personal data, account access requests or data deletion concerns. We respond within 48 business hours.

Live Chat Open the chat widget in your account dashboard to discuss privacy matters in real time. Our team can guide you through data management options and explain how your information flows.

Account Settings Visit your profile page to review personal details, manage communication preferences and control which data elements are stored. Changes take effect immediately on your account.

REVIEW SIGNALS

Editorial trust and governance

Privacy Officer

A dedicated privacy officer oversees data handling, breach response and policy updates. They ensure lagunatoto aligns with regional data protection standards and your rights as an account holder.

Encryption Standard

We use industry-standard 256-bit SSL encryption for all transmissions involving account credentials, personal data and payment information. Regular security audits verify our infrastructure.

Third-Party Audit

Our payment processors (DANA, OVO, GoPay, QRIS) maintain independent certifications. We audit vendor access logs quarterly to confirm no unauthorized handling of your information.

Data Retention Schedule

We retain account data for the duration of your membership plus 24 months afterward to satisfy regulatory and dispute-resolution obligations. You may request deletion sooner where law permits.

Breach Response Protocol

If unauthorized access affects your data, we notify you within 72 hours with details of what occurred, steps we took and your options. We cover identity monitoring costs where applicable.

Policy Review Cycle

We review this privacy policy annually and after significant platform changes. Material updates are announced in your account inbox 30 days before they take effect.

How our privacy aligns with your expectations

Transparent Data Use	Unlike generic platforms, we spell out exactly why we collect each data point—from account verification to lobby personalization—and never use it for unrelated marketing without your consent.
Payment Privacy	When you deposit via DANA, OVO, GoPay or QRIS, your payment details stay with the processor. lagunatoto receives only confirmation and balance updates, not your card or wallet credentials.
No Data Sharing Sales	We do not monetize your profile by selling data to advertisers, brokers or analytics firms. Your gaming history and preferences remain yours alone within lagunatoto's ecosystem.
Regional Compliance	Our policy reflects Indonesia's data protection environment and supported regions. If you move jurisdictions, we update your data handling to match your new region's laws.
User Control Defaults	You control communication frequency, data visibility to other players and third-party integrations. We default to privacy-first settings; you opt in to extras, not out.
Dispute Access Rights	You may request a copy of all personal data we hold, see how we use it and challenge its accuracy. We fulfill these requests at no cost within 30 days of your written request.
Kids & Account Holders	Our platform is age-restricted. We do not knowingly collect data from minors. If we discover underage account activity, we suspend the account and delete associated personal information.

What shapes our privacy approach

Account Security Layer

Every login is checked against unusual location, device and timing patterns. If we spot anomalies, we send a verification code to your registered email or phone before granting access.

Session Management

Your lobby session times out after 15 minutes of inactivity. You control how long login tokens persist. Each logout clears session memory from our servers within seconds.

Game Play Logging

We record spins, bets and outcomes purely to settle disputes, detect fraud and honor your payout requests. Logs are encrypted and accessible only to our compliance team when investigating claims.

Cookie & Tracking

We use cookies to remember your language, lobby preferences and login status. No tracking cookies follow you off-site. You can disable all cookies in your browser; the lobby will still load.

Marketing Consent

We ask permission before sending promotional emails or push notifications. Unsubscribe links appear in every message. Your choice updates instantly; no delay between opting out and delivery stop.

Data Portability

Request your account history in CSV or JSON format. We include all personal details, deposits, game records and communications. Export arrives within 5 business days to your registered email.

Privacy questions we hear often

We collect your name, email, phone number, date of birth and address to verify your identity and comply with local gaming regulations. We also gather IP address, browser type and device model for security purposes. Payment details are handled by DANA, OVO, GoPay or QRIS—we see only transaction confirmations, not card numbers or wallet credentials.

We encrypt all data in transit using 256-bit SSL and apply two-factor authentication when you log in from new devices. Our servers run behind firewalls with intrusion detection. We monitor login patterns 24/7 and lock accounts if we spot unusual activity. You receive a verification email before access is restored.

Yes. Request deletion through your account settings or email [email protected]. We delete personal information within 30 days, except data required by law (identity verification records, transaction history for disputes). After your account closes, we retain anonymized session logs for 24 months, then purge all traces.

We share minimal data with payment processors (DANA, OVO, GoPay, QRIS) to complete deposits and withdrawals. We do not sell data to advertisers or brokers. We may disclose information to regulators or law enforcement when legally required. All third-party vendors sign strict confidentiality agreements.

We notify you within 72 hours of any unauthorized access affecting your information. The notification includes what data was exposed, steps we took to secure it and your options (password reset, account freeze, identity monitoring). We cover monitoring costs where applicable and document all breach details for authorities.

Active account data is retained for as long as your account exists. After closure, we keep personal details and transaction history for 24 months to resolve disputes and meet tax obligations. Game logs (spins, bets, outcomes) are purged after 12 months. You may request earlier deletion except where law requires retention.

Absolutely. Unsubscribe links appear in every promotional email. You can also toggle marketing preferences in your account settings—changes take effect immediately. We do not send unsolicited messages after you opt out. Transactional emails (login alerts, deposit confirmations, withdrawal updates) cannot be disabled as they serve your account security.