LEGAL REFERENCE

How vicitoto Handles Your Account Data

This is the privacy policy for vicitoto, written for you in plain language. We explain what we collect when you open an account, how we store it, and...

Plain-language policyIndonesia-focusedAccount data onlyUpdated regularlyYour choices kept
Enter Game Lobby Read FAQ
vicitoto How vicitoto Handles Your Account Data

Our Privacy Posture and Your Rights

We collect the details you give us at sign-up — your name, contact, date of birth and the e-wallet handle you fund with — plus session data your browser shares automatically. Where local law permits, we keep this for as long as your account stays open and for the retention windows our payment partners require. You can ask us to correct, export

or close your record at any time, and we will respond inside the supported regions' statutory windows. Third-party processors only see the slice of data they need to clear a deposit or verify a login. We do not sell your information, and we do not pass it to advertisers outside our brand.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

HELP CHANNELS

Privacy Contact Paths

Privacy Inbox Email our privacy desk directly when you want a copy of your record, a correction, or a full account closure. We acknowledge inside one business day and resolve within the statutory window.
Live Chat Open the chat bubble in the lobby and ask for the privacy team. The agent will route your request to the right reviewer and log a ticket reference you can quote later.
Written Request Prefer paper? Send a signed letter to our registered address with your account ID. We treat postal privacy requests with the same urgency as email and reply through your chosen channel.
TRUST MARKERS

How We Review This Policy

Legal Sign-Off

Every revision passes our retained Indonesian counsel before it goes live. They check wording against current data-protection statutes and flag anything that could mislead you about how your account record is held.

Quarterly Refresh

We re-read this page four times a year, even when nothing has changed, so the date stamp you see at the foot reflects a genuine review and not a forgotten draft from last season.

Named Owner

Our data protection lead owns this document personally. One human, one inbox, one signature on the audit trail — not a rotating team that lets accountability slip between desks.

Processor Audits

Payment partners handling DANA, OVO, GoPay and QRIS pass an annual security review before they touch your data. We drop any vendor that cannot show current certification.

Breach Protocol

If something goes wrong, we tell you. Our notification chain reaches affected account holders within 72 hours, with a clear note on what happened and what we have already done about it.

Plain Language

We write in the same voice you hear across the lobby. No buried clauses, no font tricks, no twelve-page appendices designed to wear you down before you reach the part that matters.

Consistency Across Our Policy Pages

Same DefinitionsThe terms used here — account data, session data, processor — match exactly what you read on our terms page and cookie page. One glossary across the brand.
Same Retention LogicWhether you read about deposits, withdrawals or marketing preferences, the retention windows quoted line up. We do not say 12 months in one place and 24 in another.
Same Contact DeskPrivacy questions, terms questions and complaints all reach the same compliance inbox. You never get bounced between addresses to chase a single answer.
Same Update CadenceOur cookie notice, terms and this privacy page move together on the quarterly review cycle so the dates at the foot of each document stay aligned.
Same Jurisdiction WordingWhere this page says supported regions, the terms page uses the identical phrase. No subtle drift that could confuse you about where the brand actually operates.
Same Rights LanguageAccess, correction, export, closure — listed the same way and in the same order on every legal page so you can scan once and recognise the pattern.
Same VoiceYou hear vicitoto speaking, not a pasted template. The tone of this policy matches the lobby copy you already know.
QUICK SIGNAL

What This Policy Page Includes

01
Clear Section Headers Every part of the policy carries a header you can jump to from the top of the page. Scan, find the bit you care about, read that paragraph and move on without scrolling the whole document.
02
Last-Updated Stamp At the foot of the page sits the date of the most recent review. If the stamp is older than three months, our quarterly cycle is overdue and you should ping the privacy desk.
03
Inline Definitions Where a term could be read two ways, we define it on the spot rather than sending you to a glossary. Account data, processor and session log are explained where they first appear.
04
Rights Checklist A short, scannable block lists the five rights you keep over your record so you can confirm at a glance what you are entitled to ask us for.
05
Contact Block The privacy inbox, chat route and postal address sit together near the foot of the page. One place to look when you decide to act on something you have just read.
06
Version History We keep prior versions of this policy on file. Ask the privacy desk and we will send you the wording that was live on any given date during your account's lifetime.

Privacy Questions You Might Have

Your name, date of birth, contact details, the e-wallet handle you fund with, and a session log of your logins. We hold nothing beyond what the account flow and supported-region rules require.

Yes. Email the privacy inbox from the address tied to your account and we will send you a structured export inside the statutory window. There is no charge for the first request in any year.

Retention runs as long as Indonesian financial and gaming rules require us to evidence prior activity. Once that window expires, your record is purged from active systems and from processor backups on their next cycle.

No. Your data stays inside our brand and the payment processors clearing your DANA, OVO, GoPay or QRIS movement. We do not sell mailing lists and we do not feed external ad networks.

Material changes trigger an in-lobby notice the next time you sign in, plus an email to the address on file. Minor wording fixes are logged in version history without a separate alert.

Our named data protection lead reviews every complaint personally, with our retained counsel looped in when the question touches statute. You get a written reply, not a templated auto-response, inside the response window.

Absolutely. Toggle marketing off in your account preferences and we stop sending promotional mail immediately. Service messages tied to deposits, withdrawals and security stay on because they are not marketing.