LEGAL REFERENCE

Your Data Stays Yours

We built premantoto around your privacy. Every account detail, payment transaction and gaming session is encrypted and protected under strict data governance. Your trust is how we operate.

Encrypted DataQRIS ProtectedAccount SecurePayment PrivateIndonesia Compliant
premantoto Your Data Stays Yours

Privacy Policy Overview

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

24/7 SUPPORT

Privacy Questions & Support

Email Support Contact our privacy team at [email protected] with any...
Account Settings Manage your personal information, communication preferences and data...
Data Access Request Request a copy of all personal data we...
TRUST MARKERS

Privacy Standards We Follow

Encryption Standard

All data transmissions use TLS 1.2 or higher. Payment details are tokenised and never stored in plain text on our servers.

Regular Audits

We conduct quarterly security audits and penetration testing to identify and close vulnerabilities before they affect your account.

Staff Training

Every team member handling customer data completes annual privacy and data protection training to maintain our security posture.

Incident Response

If a data breach occurs, we notify affected users within 72 hours and provide guidance on protective steps you can take immediately.

Third-Party Vetting

Payment processors, hosting providers and analytics partners sign data processing agreements and undergo security reviews before integration.

Retention Policy

We retain account data only as long as needed for service delivery and legal compliance. Closed accounts are purged after 12 months.

What Sets Our Privacy Approach Apart

No Data Brokerage
We never sell, rent or share your personal information with marketing firms, data brokers or unrelated third parties for profit.
Transparent Logging
You can view a log of every login, payment and account change from your security dashboard. Full visibility into your account activity.
Payment Isolation
DANA, OVO, GoPay and QRIS transactions are processed through PCI-DSS compliant gateways separate from your account profile data.
Minimal Collection
We ask only for information necessary to verify your identity, process payments and deliver customer support. No unnecessary fields.
User-Controlled Retention
You can request permanent deletion of your account and associated data at any time. We process deletions within 30 days.
Cookie Transparency
Our cookie banner explains exactly what tracking occurs. You can disable non-essential cookies without losing core account functionality.
Regional Compliance
We follow data residency rules for Indonesia and supported regions, ensuring your information stays within appropriate legal jurisdictions.

How We Protect Your Account

Two-Factor Authentication

Enable 2FA via SMS or authenticator app to add a second verification layer. Your account requires both your password and a time-based code.

Session Timeout

Inactive sessions automatically log out after 30 minutes to prevent unauthorised access if you step away from your device.

Device Recognition

We flag login attempts from new devices and ask for additional verification. Recognise your devices to streamline future logins.

Payment Verification

Large withdrawals trigger a confirmation email or SMS before processing. You control the threshold for when extra verification kicks in.

Fraud Monitoring

Our system detects unusual patterns like rapid location changes or multiple failed logins and alerts you immediately if suspicious activity occurs.

Password Security

We enforce strong password requirements and never store passwords in plain text. Reset your password anytime from account settings.

Privacy Policy Questions

We collect your name, email, phone number, date of birth and payment details to verify your identity and process transactions. We also log your IP address, device type and login timestamps for security purposes.

After account closure, we retain minimal data for 12 months to comply with financial regulations and resolve disputes. After that period, all personal information is permanently deleted from our systems.

Yes. Submit a data access request via email or your account settings. We'll compile all information we hold about you and deliver it within 14 days in a portable format.

We share only the minimum required to process your payment: transaction amount, your account ID and confirmation status. Payment providers never receive your full account details or gaming history.

We notify all affected users within 72 hours with details of what was compromised and steps you should take. We also report to relevant authorities and provide free credit monitoring where applicable.

Login records are retained for 24 months for security audits. Transaction history is kept for 7 years to comply with financial reporting requirements in supported regions.

Yes. You can disable non-essential cookies from our cookie banner without losing access to your account or core features. Essential cookies for security and payment processing cannot be disabled.