manistoto Casino & Sportsbook Data Care

This page describes what we collect when you use manistoto and how we keep that data protected. We encrypt all sessions using TLS 1.3, store credentials in hashed form, and never share your account details with third parties except as required by law. When you open an account on manistoto, you entrust us with personal and financial information; we take that responsibility seriously and document our practices transparently.

Our data handling follows Indonesian anti-money-laundering regulations and international payment-card standards (PCI DSS). We collect only the information needed to operate manistoto—verify your identity, process deposits and withdrawals, resolve disputes, and prevent fraud. We do not sell your data. We do not track you across unrelated websites. We retain your data only as long as necessary under applicable law.

You have the right to access, correct, and request deletion of your personal data. You can exercise these rights by contacting our support team or using the data-access form on your manistoto account dashboard.

What Data We Collect on manistoto

We collect your email address, password (hashed), full name, date of birth, and government ID number when you open a manistoto account. We store your phone number if you provide it for account recovery. We log your IP address, device type, and browser fingerprint for session management and fraud detection. If you enable two-factor authentication, we store your backup codes in encrypted form.

When you deposit or withdraw, we record the amount, payment method (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or your mobile banking, local payment, online payment, e-wallet bank details), and timestamp. We collect proof-of-address documents (utility bill, bank statement) during Know-Your-Customer (KYC) verification. We do not store your full bank account number; we tokenize it for recurring transactions.

We log every bet you place, every game you play, and every settlement. This includes game type, bet amount, outcome, timestamp, and payout. We retain this data for audit purposes and dispute resolution. We also record your chat messages with our support team, help articles you access, and any disputes you file.

How We Use Your Information

We use your personal data to operate manistoto: verify your identity for account opening and withdrawal, process deposits and withdrawals, calculate your account balance, settle your bets, detect fraud, and respond to your support requests. We may contact you by email if we detect unusual account activity (login from a new location, withdrawal to a new payment method, rapid bet spikes) to confirm the activity was authorized.

We use your data to comply with law. Indonesian law requires us to implement Know-Your-Customer procedures and maintain records of financial transactions. If we receive a law-enforcement request for your account data or activity, we comply with legal process and do not notify you unless legally permitted to do so.

Analytics & Improvement: We analyze aggregate, non-identifiable data to improve manistoto's performance and user experience. We do not use personal data for profiling or behavioural targeting.

Payment Data & PCI Compliance

We process all payments through PCI DSS-compliant processors. Your bank account numbers, card numbers (if applicable), and transaction history pass through encrypted channels. We do not store unencrypted card numbers; we tokenize them so recurring payments work without re-entering your bank details each time.

Payment processors used by manistoto—those handling mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment transactions, as well as online payment, e-wallet, mobile banking, and local payment transfers—are governed by their own privacy policies. We do not control how they handle your data beyond requiring encryption and data minimization. When you initiate a deposit, you are redirected to the payment provider's interface; we see only the transaction result, not your credentials.

We encrypt all connections to manistoto using TLS 1.3. Your session credentials are hashed; your payment tokens are encrypted. We do not retain plaintext passwords or card numbers.

manistoto Data Security Team

International Data Transfer & Server Location

Our servers may sit outside your jurisdiction. When you use manistoto from Jakarta, Surabaya, Bandung, Medan, Semarang, or elsewhere in Indonesia, your data is encrypted in transit and may be processed on servers located outside Indonesia. We ensure that all processors, regardless of location, comply with data-protection standards no less stringent than Indonesian law.

By creating a manistoto account, you consent to international data transfer under these protections.

Your Rights & Data Access

We give you the right to access all personal data we hold about you. You can request a data export from your manistoto account dashboard or by emailing our support team. We provide your export within 30 days in a portable, machine-readable format (typically JSON or CSV).

You have the right to correct inaccurate data. If your name, address, or email is wrong, update it from your account settings or request correction from support. You have the right to request deletion of your data, subject to legal retention requirements (we may need to keep financial records for six years under Indonesian law). Deletion requests are processed within 30 days unless legal or contractual obligations require us to retain the data longer.

Cookies & Tracking Technology

We use cookies to maintain your manistoto session. A "session cookie" keeps you logged in so you do not need to re-enter your password on each page load. This cookie is deleted when you close your browser. We do not set persistent cookies that track you across multiple websites or sessions beyond necessary security functions.

We use basic analytics (page views, click patterns, error logs) to identify performance issues and improve manistoto's interface. This analytics data is aggregated and non-identifiable; we do not link it to your account without explicit consent. We do not use advertising cookies, retargeting pixels, or cross-site tracking.

Data Retention & Deletion

We retain your account data (email, name, ID, balance history) for as long as your account is active and for six years after account closure (to comply with financial-record regulations). We retain game logs and bet history for seven years to support dispute resolution and regulatory compliance. We retain KYC documents for six years after your last transaction.

Chat logs with support are retained for two years. If you request account deletion and have no outstanding balance, we delete your data after the legal retention period expires, except where we must retain records under law.

Data Breach Notification

If we discover a data breach affecting your account, we notify you by email without unreasonable delay. We also notify relevant regulatory authorities if required by law. We investigate breaches promptly, determine the scope of compromised data, and take corrective action.

Third-Party Services & Subprocessors

We use third-party services only where necessary: payment processors (for DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and bank transfers), cloud hosting providers, email delivery services, and customer-support software. Each subprocessor handles only the data necessary for their function and is contractually bound to protect it.

Contact Us About Your Data

To access, correct, or delete your personal data on manistoto, contact our Data Privacy team at support or use the data-access form on your account dashboard. Include your account email and a mobile bankingef description of your request. We respond within 30 days.

If you have concerns about how we handle your data, you may file a complaint with Indonesia's Personal Data Protection Authority (OTPD) or your local data-protection regulator. We cooperate fully with regulatory inquiries.

Changes to This Privacy Policy

We may update this policy as our practices change or law requires. Material changes are notified by email or in-app notification. Your continued use of manistoto after notice constitutes acceptance. We archive historical versions of this policy in our Knowledge Base for reference. This policy is effective as of the date stated in your account settings.