nasatoto Casino & Sportsbook Data Care

This page describes what we collect when you use nasatoto and how we keep that data protected. We collect minimal personal information—only what is necessary to verify your identity, process your deposits and withdrawals, and comply with anti-money-laundering regulations. We store payment data separately from account data, encrypt sensitive information, and do not sell your personal information to third parties.

Our privacy practices reflect our commitment to transparency. We explain plainly what we collect, why we collect it, who can access it, and how long we retain it. If any aspect of our data handling is unclear, our support team can answer your questions in detail.

By using nasatoto, you consent to the data-collection and storage practices described on this page. If you do not agree with our practices, you have the right to request account closure and data deletion (subject to regulatory retention periods).

What We Collect When You Use nasatoto

We collect data in three categories: account registration, identity verification, and transaction history. During registration on nasatoto, we ask for your email address, a password of your choice, full name, and date of birth. This information is stored in our account database and used to log you in, recover your password if you forget it, and identify you uniquely on our platform.

For identity verification (KYC), we collect a government ID number, ID scan or photograph, proof of address (utility bill or bank statement), and in some cases, a selfie to confirm you match your ID photograph. We store these documents securely and do not share them with external parties. We retain KYC documents for seven years to comply with anti-money-laundering regulations; after that period, we delete them. Our servers may sit outside your jurisdiction (for example, in Singapore or Australia), but your data is encrypted during transmission and at rest.

Account data
Email, password hash, name, date of birth, account creation date, security settings (2FA status), language preference.
Payment data
Bank account numbers, e-wallet IDs, transaction history, withdrawal requests, stored on isolated, encrypted servers separate from account data.
KYC documents
Government ID, address proof, identity photographs, stored encrypted and accessible only to our compliance team for verification purposes.
Session data
Login timestamps, device information, IP address, browser type, geographic location (derived from IP), used to detect fraud and unauthorised access.

When you transact on nasatoto, we record the date, time, amount, payment method (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet), and transaction status (pending, approved, declined, completed). This history is visible in your account dashboard and is used for reconciliation, dispute resolution, and regulatory reporting. We do not store your full payment credentials (e.g., we do not store your e-wallet PIN or bank password)—payment processing is handled by our licensed payment processors.

How We Use Your Data on nasatoto

We use account data to provide our service: logging you in, processing deposits and withdrawals, sending account notifications, and resolving disputes. We use KYC data to verify your identity and comply with regulatory requirements. We use transaction history to monitor for suspicious activity, detect fraud, and provide you with accurate account statements. We use session data (IP address, device type, login patterns) to protect your account from unauthorised access and identify when login attempts come from unusual locations or devices.

We do not use your data for marketing without your explicit consent. We may send you transactional emails (deposit confirmations, withdrawal updates, password resets) without asking, but we will not send promotional emails unless you opt in. You can manage email preferences in your account settings on nasatoto or request to be unsubscribed from any future communications.

Third-Party Processors and Data Sharing

We work with third-party processors to deliver our service: payment gateways (to process mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and bank virtual-account transfers), cloud hosting providers (for server infrastructure and backup), and compliance vendors (for identity verification and anti-money-laundering screening). These processors have access only to data necessary to perform their function. We do not sell your data to advertisers, brokers, or other commercial entities.

We undertake to keep your personal information secure, compartmentalised, and used only for purposes stated in this policy.

nasatoto data commitment

All third-party processors on our nasatoto chain sign data-processing agreements that bind them to the same confidentiality and security standards we uphold. If a processor experiences a data breach, we notify affected users within the timeframe required by law. We review processor security annually and have the right to audit their practices.

Your Rights and Data Retention on nasatoto

You have the right to access your personal data on nasatoto at any time. Log into your account and your profile displays your registered email, name, date of birth, and transaction history. If you need a copy of all data we hold about you (including KYC documents and server logs), contact our support team and we will provide it within 30 days. This right is called data portability.

You have the right to correct inaccurate data. If your registered name or address is wrong, you can update it in your account settings on nasatoto. If your ID information or KYC documents need correction, contact our support team and our compliance staff will guide you through an update process.

You have the right to request deletion of your personal data, subject to regulatory constraints. If you close your account on nasatoto, we delete most of your data immediately: email, password, profile information, session logs. However, we retain transaction history, KYC documents, and account activity logs for seven years to comply with anti-money-laundering regulations. After seven years, we delete all remaining data permanently.

Cookies and Tracking on nasatoto

We use cookies to keep you logged into nasatoto, remember your language preference, and track whether you have already verified your email. These are functional cookies necessary for our platform to work. We do not use cookies for marketing or behavioural tracking. If you disable cookies in your browser, nasatoto will not function properly, and you will need to log in on every page load.

We do not use analytics services like Google Analytics on nasatoto. We track only our own server logs to monitor platform performance and detect abuse. We do not employ third-party pixel tracking, social-media tracking, or retargeting advertising.

Regional Data Compliance on nasatoto

We operate nasatoto in accordance with applicable data-protection laws across the regions we serve: Indonesia, Singapore, and other supported jurisdictions. Our servers may be geographically distributed; your data may be transmitted to or stored outside your home country. By using nasatoto, you consent to this international transfer of data. All transfers are encrypted and comply with data-protection standards.

If you are in a jurisdiction with data-protection regulations (such as GDPR-equivalent laws), we respect those regulations. You have the right to lodge a complaint with your local data-protection authority if you believe we have violated your privacy rights. Our contact information is provided at the end of this policy so you can reach us before escalating to a regulator.

Contact Us About Your Data on nasatoto

If you have questions about how we handle your data, requests to access, correct, or delete your information, or concerns about our privacy practices, contact our support team. We respond to data-subject requests within 30 days. You can reach us through:

  • Support form on nasatoto (available in your account under Help)
  • Email to our support address (listed in the footer of nasatoto)
  • Postal address (provided in our Legal Notice page)

We take all data-subject requests seriously and treat them with confidentiality. Our response will include explanation of how we process your request and, where applicable, a copy of your data or confirmation of deletion.

Policy Updates on nasatoto

We may update this privacy policy to reflect changes in our practices, technology, or applicable law. We will notify you of material changes by email at your registered address on nasatoto or by posting an update notice on our website. Changes take effect 30 days after notification. Your continued use of nasatoto after that date constitutes acceptance of updated terms. If you disagree with changes, you have 30 days to request account closure.

Collect
Email, name, KYC docs
Encrypt
Payment and account data
Retain
Seven years for compliance
Request
Access or delete anytime

We at nasatoto remain committed to safeguarding your privacy. Our data practices are built on transparency—we tell you what we collect, why, and how long we keep it. We do not share your data with third parties for profit. We encrypt sensitive information and compartmentalise access. If you have any remaining questions about our privacy practices, our support team is available to clarify. Your trust is essential to our service, and we treat your data with the care it deserves.