sapitoto Platform Privacy Notice
This page describes what we collect when you use sapitoto and how we keep that data protected. We take your privacy seriously and operate under clear principles: we collect only the information necessary to run our platform, we do not sell your data to third parties, and we give you control over your account and personal details.
Our platform operates in supported jurisdictions where local law permits. When you create an account on sapitoto, we gather details required for account verification, payment processing, and fraud prevention. We also track your gameplay and transactions for compliance with our own policies and applicable regulations.
This policy applies to all users of sapitoto across our website, mobile app, and any connected services. If you have questions about how we handle your data, this page covers our practices in detail.
What Data We Collect on sapitoto
We collect information in several categories. First, account registration: we ask for your name, email address, date of birth, phone number, and residential address. This information is required for account creation and identity verification. Second, payment information: when you deposit via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer, we receive transaction records that include the amount, timestamp, and payment method identifier — but not your full banking credentials. Those are processed directly by the payment provider, not stored on sapitoto servers.
Third, gameplay data: we log every action you take on sapitoto — which games you play, bet amounts, results, session duration, and your balance. This data helps us detect fraud, process payouts, and understand how our platform is used. We also collect your IP address, device type, operating system, and browser type for security and technical optimization.
Key takeaways
- We collect account registration data (name, email, address) for verification
- Payment information comes from your chosen provider, not directly from you
- We log all gameplay activity and balance changes for fraud detection and compliance
- We track device and network information to protect your account
- We do not sell your data to advertising or marketing companies
Fourth, communications data: if you contact our support team via email or chat, we keep records of those conversations. This helps us resolve issues and improve our customer service. Fifth, cookies and tracking: when you visit sapitoto, our servers place cookies on your device. These cookies store your session ID (so you stay logged in), your language preference, and usage statistics. We do not use cookies for behavioral advertising or third-party tracking.
We may also receive data from third parties. If you sign up using a social login (where available), the provider shares basic profile information with us. If you participate in promotional campaigns, we may receive referral data from the referring user's account. Payment processors send us transaction confirmations and fraud alerts.
Our sapitoto Data Practices and Your Rights
We store your data on servers located outside your jurisdiction — primarily in data centres in Southeast Asia and Europe. These servers meet industry security standards including encryption, firewalls, and access controls. We do not share your personal information with third parties for marketing, advertising, or unrelated business purposes.
We do share data when legally required — for example, if a court order demands account information, or if we detect fraud that requires reporting to authorities. We also share limited data with payment processors and fraud-detection services to complete transactions and prevent abuse. These third parties are bound by confidentiality agreements.
Your rights on sapitoto are straightforward. You can request a copy of all personal data we hold about you. You can update your account details (name, email, address, phone) in your account settings. You can request deletion of your account, though we may retain transaction records as required by law. You can withdraw consent from marketing communications if we ever send them. To exercise any of these rights, contact our support team.
We retain your data for as long as your account is active, plus a period afterward to comply with anti-money-laundering and fraud-prevention regulations. After that retention period, we delete or anonymize your information. Transaction records may be kept longer if required by law.
Our sapitoto platform uses industry-standard security practices. Your password is hashed (not stored in plain text), and sensitive communications use encryption. We monitor accounts for suspicious activity — unusual login locations, rapid withdrawal requests, or large balance changes — and flag these for review. If we detect a potential breach, we notify affected users without unreasonable delay.
If you have privacy concerns or wish to report a data misuse incident, you can contact sapitoto support directly. We take all reports seriously and investigate within our capability. For users in jurisdictions with data protection authorities (such as Indonesia's Office of the Commissioner for Personal Data Protection), you have the right to lodge a complaint with that authority if you believe we have violated your privacy rights.
This privacy policy may change if our practices evolve or if law changes. We will notify you of material updates by posting a revised version on this page and updating the effective date. Your continued use of sapitoto after such changes constitutes acceptance of the updated policy.