gastoto Casino & Sportsbook Data Care

This page describes what data we collect when you use gastoto, how we protect it, and what rights you have over your information. We at gastoto take privacy seriously—your personal details, payment information, and account activity are encrypted and stored securely.

When you register with us, upload ID documents for verification, deposit funds, or place a wager, you share information with gastoto. We use that information to confirm your identity, prevent fraud, process payments, and comply with local regulations. We do not sell your data to third parties or use it for marketing without your consent.

If you have questions about how we handle your data or want to request access, correction, or deletion, contact our support team. We respond within 5 business days to data requests and aim to resolve privacy concerns promptly.

What We Collect When You Join gastoto

We collect information in several ways. When you register, we ask for your name, email address, phone number, and date of birth. These are necessary to create your account and send you important notifications. We also ask for your country and region—this helps us confirm that access to gastoto is permitted where you are located.

Before your first withdrawal, we require Know Your Customer (KYC) verification. We ask you to upload a government photo ID (Indonesian KTP, passport, or driving permit) and a selfie holding your ID. We use these documents only to verify your identity and comply with anti-money-laundering rules. We do not share your ID with anyone except as legally required.

When you deposit or withdraw funds on gastoto, we collect transaction data—amount, payment method, date, time, and outcome (success or failure). This information helps us track your account activity, detect fraud, and settle disputes. Payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and banks like mobile banking, local payment, online payment, e-wallet) handle your banking details separately; we never store your full card numbers or banking credentials.

We at gastoto encrypt all data in transit and at rest. Your information is protected by the same security standards as major banking platforms.

gastoto security policy

Game Activity and Betting History

We record all activity on gastoto—which games you play, when you play them, your bet amounts, and outcomes. For live-dealer tables, we store video recordings and hand histories. For slots, we log the random-number generator seed and result of each spin. For sportsbook bets, we keep the fixture, odds, bet type, and settlement details.

This data serves three purposes: (1) to settle disputes if you question a payout, (2) to detect and prevent fraud, and (3) to comply with regulatory audits. We keep game records for at least 5 years. You can request your full game history at any time by contacting support.

Device and Connection Information

When you access gastoto, we log your IP address, device type (phone, tablet, computer), operating system, and browser. We use this information to detect unauthorized access, prevent account takeover, and optimize our app for your device. We also track which features you use most—for example, whether you prefer live tables or football betting—to improve our service.

We do not track your location in real time, but we note your country and timezone to verify that you are accessing gastoto from a region where it is permitted. If you appear to be logging in from a restricted jurisdiction, we may suspend your account pending review.

How We Protect Your Data on gastoto

We at gastoto use industry-standard encryption (TLS 1.3) to protect all data traveling between your device and our servers. All passwords are hashed using bcrypt, a cryptographic algorithm that prevents us from ever reading your password in plain text. If our database is breached, attackers cannot recover passwords without cracking each hash individually—a process that takes months or years.

Our servers are located in secure data centers with physical access controls, surveillance, and backup power systems. We perform regular security audits and penetration testing to identify vulnerabilities. If we discover a vulnerability, we patch it immediately and notify affected users.

We offer optional two-factor authentication (2FA) for additional account security. When 2FA is enabled, logging in or requesting a withdrawal requires a code sent to your phone. This means even if someone learns your password, they cannot access your account without your phone.

Personal data
Name, email, phone, date of birth, address—encrypted at rest and in transit on gastoto servers.
Identity documents
ID photos and selfies stored in secure vaults, accessed only by KYC and compliance teams.
Payment information
Transaction history stored on gastoto; banking credentials handled by payment processors, not us.
Game activity
Bets, spins, hand histories, odds, outcomes—logged permanently for dispute resolution and audits.

Third-Party Processors and Data Sharing

We at gastoto do not sell your personal data. However, we share information with trusted third parties to operate the platform. Payment processors (mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment) receive transaction data to process deposits and withdrawals. KYC vendors verify your identity documents on our behalf. Game providers (software studios behind Aviator, Sweet Bonanza, Gates of Olympus, Fortune Tiger, Mahjong Ways) receive anonymized play data (game session length, bet size, outcome) but not your personal identity.

We may disclose your data if legally required—for example, if law enforcement requests information via court order or if a regulator audits our books. We do not comply with requests without legal authority, and we notify you of legal requests when permitted.

Your Rights Over Your Data on gastoto

We at gastoto recognize your right to control your data. You may request (1) access to all data we hold about you, (2) correction of inaccurate information, (3) deletion of your data, or (4) a portable copy of your data in machine-readable format.

To exercise these rights, contact our support team with your request. We process access and portability requests within 5 business days. Correction requests are handled immediately if the change is straightforward (e.g., fixing a misspelled name). Deletion requests take 30 days to process and result in permanent account closure; any remaining balance is forfeited.

If you believe we have mishandled your data or violated your privacy rights, you have the right to lodge a complaint with local data protection authorities. We encourage you to contact us first so we can attempt to resolve the issue directly.

Data Retention and Account Closure

We retain your data for as long as your gastoto account is active and for at least 5 years after closure to comply with regulatory requirements. After 5 years, we delete your personal information (name, email, address) but may retain anonymized activity records for analytics and fraud prevention.

If your account is suspended due to violation of terms, we retain all data indefinitely to support dispute resolution and prevent account recovery by the violating user. If your account is closed at your request, we follow standard retention timelines (5 years minimum).

Cookies and Tracking on gastoto

Our website uses cookies to remember your login session, language preference, and account status. Cookies are small text files stored on your device; they allow you to stay logged in without re-entering your password on every page visit. We do not use cookies to track you across other websites.

Our mobile app does not use cookies but stores similar information locally on your device. Both cookies and app storage use secure encryption so that attackers cannot access your session tokens even if they gain access to your device storage.

We use analytics tools (such as server-side logging) to understand how users navigate gastoto. These tools tell us which pages are visited most, how long users spend on each feature, and where they encounter problems. We use this information to improve the app and website. Analytics data is anonymized and does not identify you personally.

Data Across Regions and Jurisdictions

gastoto servers may sit outside your country. If you are in Jakarta, Surabaya, Bandung, Medan, or Semarang and your data is stored on servers in another country, your data is still subject to this privacy policy and protected by encryption. We do not move data outside secure, compliant infrastructure.

Different countries have different data protection laws. By using gastoto, you consent to your data being processed according to this policy, which meets or exceeds most regional privacy standards. If local law prohibits data transfer, we store your information locally and comply with that law.

Terms of Use

Account rules, deposits, withdrawals, disputes

Legal
Legal Notice

Regulatory compliance and disclosures

Compliance
FAQ

Common questions and support

Help
About gastoto

Our platform and operations

Info
Open Account

Create your gastoto account

Action

Contact Us About Your Data

If you have questions about our privacy practices, want to access your data, or believe we have mishandled your information, contact our support team. We offer English and Indonesian language support via in-app chat, email, or phone. Response times are typically 1–2 hours during business hours and up to 24 hours during off-peak.

Our team handles data requests with priority. We verify your identity (using your account login and email confirmation) before providing sensitive information. This protects you from imposters requesting your data.

We review this privacy policy regularly and update it as our practices evolve or regulations change. Updates are posted to this page with an updated date. If changes are significant, we notify you via email. Your continued use of gastoto after updates constitutes acceptance of the new policy.

  • We encrypt all data in transit and at rest using industry-standard security.
  • We do not sell your personal information to third parties.
  • You have the right to access, correct, or delete your data at any time.
  • We retain data for at least 5 years to comply with regulatory requirements.
  • Our payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) handle your banking details separately from gastoto.

This privacy policy is part of our commitment to transparency and user protection. We at gastoto believe privacy is a fundamental right, and we work hard to earn your trust every day. Thank you for using gastoto.