Reference

How gerbangtoto Handles Your Personal Data

Your account data — from registration details to transaction records via DANA, OVO, GoPay and QRIS — is collected and stored under clear rules we explain here.

Data collected transparentlyDANA, OVO, GoPay & QRIS transactions logged securelyYour right to access or delete dataCookies explained clearlyContact path available 24/7
gerbangtoto How gerbangtoto Handles Your Personal Data
PRIVACY CONTACT PATHS

How to Reach Us About Your Data

If you want to review, correct or remove personal data held in your gerbangtoto account, our data support team is reachable around the clock.

Live Chat Available 24 hours a day, 7 days a week inside your account dashboard. Start a chat, state your data request clearly and a privacy team agent will pick it up within minutes.
Email Support Send your data access or deletion request to our dedicated privacy email. Include your registered account username and the specific data type you are asking about for faster handling.
WhatsApp Message our WhatsApp support line any time. This channel is suited for quick status checks on an existing data request or for asking which documents are needed to verify your identity.
DATA HANDLING STANDARDS

Six Ways We Protect Your Account Data

Data protection at gerbangtoto is not a single measure — it is a layered set of practices covering how data enters our systems, how long it stays, who can see it and…

Encrypted Storage

All personally identifiable information, including payment references from DANA and OVO, is stored using AES-256 encryption at rest. Backups are encrypted with the same standard and access is role-restricted to authorised personnel only.

Cookie Controls

We use session cookies for login continuity and analytics cookies to understand how pages are used. You can adjust cookie preferences through the settings panel in your browser at any time without affecting your account access.

Account Security Verification

Before any personal data is disclosed or amended, we verify your identity through a two-step process: your registered email confirmation plus a one-time PIN sent to your mobile number on file.

Data Retention Schedule

Payment records tied to QRIS or GoPay transactions are kept for five years as required for financial compliance. Behavioural session logs are deleted after 90 days and marketing preference data is purged 30 days after you withdraw consent.

Third-Party Sharing Policy

We share data with payment processors — DANA, OVO, GoPay, QRIS — only to the extent needed to complete your transaction. We do not share your data with advertising networks or data brokers under any circumstances.

Your Right to Erasure

You may request full deletion of your account data at any time via live chat or email. We will confirm deletion within 14 business days and send written confirmation to your registered email address once the process is complete.

Common Questions About Your Data at gerbangtoto

Below are the questions we hear most often from account holders in Indonesia about how their personal information is handled, stored and protected across all channels including DANA, OVO, GoPay and QRIS transactions.

We collect your full name, email address, mobile number and device identifiers at registration. Once you make a deposit via DANA, OVO, GoPay or QRIS, we also record the transaction reference and payment method for verification and fraud prevention purposes.

Yes. Submit a data access request through live chat or email with your username. We will compile a summary of stored data — account details, session logs, payment records — and send it to your registered email within 48 business hours, where local law permits.

Contact our support team via live chat, email or WhatsApp and state clearly that you want account data erased. After identity verification through your registered email and a one-time PIN, deletion is completed within 14 business days and confirmed in writing.

We share transaction references with DANA, OVO, GoPay and QRIS only to process and confirm your payments. No payment data is passed to advertising networks, data brokers or unaffiliated third parties at any time.

Payment records — including QRIS and GoPay transaction logs — are retained for five years to meet financial record-keeping requirements. Session activity logs are deleted after 90 days. Marketing preference data is removed within 30 days of consent withdrawal.

We use session cookies to keep you logged in and analytics cookies to measure page performance. You can turn off non-essential cookies in your browser settings at any time. Disabling analytics cookies does not affect your ability to deposit or withdraw.

Reach our privacy support team via live chat (available 24/7), email or WhatsApp. Describe the concern and include your account username. We will investigate and respond within 48 business hours with a clear explanation of what happened and what we are doing to fix it.