Terms of Service
Account rules referenced in the terms point back to the same retention periods and contact channels named here, so the two documents read as one coherent posture.
LEGAL REFERENCE
How totosakti Handles Your Account Data
This is the privacy policy for totosakti. We wrote it for you in plain language so you can see exactly what we collect when you open an account...
Plain-language policyIndonesia-awareAccount data onlyUpdated regularlyReader-first wording
Our Privacy Posture and Your Rights
We collect what we need to run your account: your name, contact handle, device fingerprint, and the payment references you choose at the cashier. Where local law permits, we hold transaction logs for the period required by Indonesian financial rules, then we let them expire. You can ask us to export your record, correct a field, or close the account entirely —
we action requests inside the windows the policy commits to. Marketing contact is opt-in only; switching it off does not affect lobby access. We do not sell your data to third-party advertisers, and any processor we share with (payment rails, fraud screening, hosting) is bound by contract to the same limits we apply ourselves in supported regions.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
SUPPORT
Reach Our Privacy Desk
If anything in this policy needs clarifying, our privacy desk is reachable through the same channels as account support — staffed by humans who can read your record and act on it.
Privacy Email
Write to our data-protection inbox with your account handle and the request type. We confirm receipt the same day and resolve standard export or deletion requests within the policy window.
In-Lobby Chat
Open the chat bubble inside your account and ask for the privacy team. The agent routes you straight to a reviewer who can read your data record and answer policy-specific questions on the spot.
Postal Channel
For formal notices we accept registered post to our listed Indonesia correspondence address. Include your account handle so we can match the letter to your record and respond inside thirty days.
WHY THIS PLATFORM
Why You Can Rely on This Policy
This page is reviewed on a fixed cadence so it never falls behind the way we actually run accounts.
Reviewed Quarterly
Our compliance team re-reads this policy every quarter against the live account flow, the cashier, and the marketing console, so...
Authored In-House
The policy is written by the team that owns the account database, not outsourced. If a clause says we delete...
Versioned Publicly
Each revision carries a date stamp at the foot of the page and a short note on what changed, so...
Indonesia-Aligned
Wording follows Indonesian data-handling expectations and references the retention periods local financial supervisors expect from a cashier that touches DANA...
Processor Audited
Every external processor we name — hosting, fraud screening, payment routing — sits under a written agreement we audit annually...
Plain-Language Pledge
We avoid legalese where we can. If a clause genuinely needs a defined term, we define it in the same...
SIDE BY SIDE
Consistency Across Our Policy Pages
This privacy policy lines up with the other legal pages on totosakti so nothing contradicts.
Cookie Notice
The cookie notice describes the browser-side trackers; this policy describes the server-side record. Together they cover the full data picture without overlap or gaps.
Cashier Disclosures
Payment-page disclosures about DANA, OVO, GoPay and QRIS handling repeat the processor list named in this policy, with the same retention windows and the same opt-out path.
Marketing Preferences
The marketing toggle inside your account uses the exact opt-in definition from this page, so flipping it off here removes you from every channel referenced.
Account Closure
Closure flow honours the deletion timelines stated here. Once you confirm closure, the same windows apply whether you triggered it from the app, chat or email.
Data Export
The export bundle you can request matches the field list disclosed in this policy — no hidden columns, no missing rows, structured the way the policy describes.
Incident Notice
If we ever need to send a breach notice, the contact route, timeline and content follow the commitments in this policy rather than a separate ad-hoc process.
QUICK SIGNAL
What Shapes This Policy Page
A few visible elements define how this policy reads on screen — they are here to make the document usable, not decorative.
01
Section Anchors
Sticky anchors on the side let you jump to retention, processor list, your rights, or the contact desk without scrolling the whole page, which matters on a phone screen.
02
Date Stamp
A clear last-updated date sits at the foot of the page beside a short changelog line, so you always know which version of the policy you are currently reading.
03
Plain-English Summary
A short summary box at the head of each clause restates the legal language in one sentence, helping you scan the policy quickly before reading the full paragraph.
04
Definitions Inline
Defined terms are styled inline rather than dumped in a glossary, so the meaning of words like processor or retention sits right next to the clause that uses them.
05
Contact Block
A persistent contact block on the right rail repeats the privacy desk channels, so you never have to scroll back to the support section to find where to write.
06
Mobile Reflow
On phones the policy reflows into a single column with collapsible clauses, keeping the document readable without horizontal scrolling or pinch-zooming.
Privacy Questions You May Have
We collect your account handle, contact channel, device fingerprint and the payment references you pick at the cashier. We do not collect data we do not need to run the lobby and your account record.
Active records stay while your account is open. After closure we hold transaction logs for the period Indonesian financial rules require, then the record expires automatically through our scheduled deletion script.
Yes. Open a request through the privacy desk with your account handle. Standard exports return inside the window stated in the policy, and confirmed deletion requests run on the same schedule.
Only with named processors — hosting, fraud screening and payment routing for DANA, OVO, GoPay and QRIS. Each one is bound by a written agreement that mirrors the limits we set in this policy.
Flip the marketing toggle off inside your account preferences. The change takes effect immediately across email and chat channels and does not affect your ability to log in or use the lobby.
We update the date stamp at the foot of the page and post a short changelog line. Material changes also trigger a notice inside your account before the new version takes effect.
Use the privacy email for everyday requests, or the registered postal address for formal legal notices. Always include your account handle so we can match the request to your record quickly.