kliktotoPrivacy Policy

This page describes what data we collect when you use kliktoto and how we keep that data protected, encrypted, and used only for account operations and legal compliance. We operate under the principle that your personal information belongs to you, and we do not share it with third parties except where legally required or to process your deposits and withdrawals.

Our privacy practices apply to all users accessing kliktoto from any supported jurisdiction—whether you use our Android APK, access via iOS Safari, or log in from desktop. We encrypt all data in transit and at rest on our servers. We do not sell your information or use it for marketing purposes without explicit permission.

If you have questions about how we handle your data, how long we retain it, or what rights you have over your information, our support team responds in English and can clarify any aspect of this policy.

What Data We Collect on kliktoto

We collect information necessary to operate your account, process your payments, and comply with legal obligations. When you register with kliktoto, we collect your full name, date of birth, email address, and phone number. This information is used solely for account identification, password recovery, and KYC verification.

During KYC verification, we request identity documents—a government-issued ID, and sometimes a selfie or proof of address. We upload these documents to encrypted storage and retain them according to legal record-keeping requirements. We do not use these documents for any purpose other than confirming your identity and verifying your eligibility to use our platform.

We also collect your transaction history—deposits, withdrawals, game activity, and settlement records. This data helps us verify your account, prevent fraud, and provide you with account statements. We store transaction records indefinitely for compliance with financial and gaming regulations that apply to our jurisdiction.

Account Data

Name, email, phone, date of birth. Used for account recovery and verification. Retained for as long as your account is active, plus legal retention periods thereafter.

KYC Documents

Identity documents, selfies, proof of address. Encrypted and stored separately from account data. Retained according to legal requirements, typically 5-7 years.

Transaction Records

Deposits, withdrawals, gameplay, settlements. Kept indefinitely for fraud prevention, dispute resolution, and regulatory compliance.

Device and Session Data

IP address, device type, session timestamps. Used to detect suspicious activity and prevent unauthorized account access. Retained for up to 90 days.

How We Use Your Data on kliktoto

We use your personal data exclusively to: (1) create and manage your account; (2) process your deposits via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfers (mobile banking, local payment, online payment, e-wallet); (3) verify your identity through KYC; (4) settle game outcomes and withdrawals; (5) detect and prevent fraud; (6) respond to legal requests from regulators or law enforcement; and (7) communicate with you about account status or service changes.

We do not use your data for marketing, advertising, or profiling. We do not sell your information to third parties. We do not use cookies to track your behavior across other websites. Our analytics are limited to understanding platform performance and user experience—we do not create user profiles or sell insights to advertisers.

Data Security and Encryption on kliktoto

We encrypt all data in transit using HTTPS (TLS 1.2 or higher). Your password is never stored in plain text—we store only an encrypted hash. Session tokens are time-limited and regenerated on each login. If you enable two-factor authentication (2FA), we send a code to your phone or email for additional security; this code is valid only once and expires within minutes.

Our servers are hosted in data centres with access controls, redundancy, and monitoring. We do not guarantee that our data centre is located within Indonesia or within your jurisdiction. Your data may be processed outside your country of residence, but it remains protected by the same encryption and access controls regardless of physical location.

If you suspect unauthorized access to your account, change your password immediately. You can do this by clicking "Forgot password" on the login page; we send a reset link to your registered email, valid for 24 hours. Once you set a new password, all prior sessions are terminated and you must log in again.

Your Rights Regarding Data on kliktoto

You have the right to request access to your personal data, to correct inaccurate information, and to request deletion of your data subject to legal retention requirements. You also have the right to close your account at any time. Closing your account does not delete your historical transaction records (which we retain for legal compliance), but it prevents future deposits and gameplay.

To exercise any of these rights, contact our support team in English. We will respond to data-access requests within 30 days. If we are unable to fulfill a request due to legal obligations, we will explain the reason and provide information about your options.

Cookies and Tracking on kliktoto

We use minimal cookies—only to maintain your login session and store your account preferences (e.g., notification settings, language choice). We do not use cookies for tracking, analytics, or advertising purposes. Your browser may store a session cookie when you log in; this cookie is deleted when you log out or after a set period of inactivity.

We do not use third-party analytics tools that track your behavior. We do not set cookies across multiple domains or websites. If you disable cookies in your browser, you may experience issues logging in or maintaining a session on kliktoto.

Data Retention and Deletion Policy on kliktoto

We retain your account data (name, email, phone) for as long as your account is active. If you close your account, we retain identifying information for up to two years to prevent account fraud and support legal inquiries. We retain transaction records indefinitely for compliance with financial regulations.

KYC documents and identity verification files are retained according to anti-money-laundering regulations, typically 5-7 years after account closure. Device and session data (IP address, timestamps) are retained for 90 days, then automatically deleted. You cannot request deletion of transaction records because they are required by law to remain in our systems.

Changes to Our Privacy Policy

We may update this policy at any time by publishing a revised version on kliktoto. We will announce material changes via email to registered users at least 14 days before the change takes effect. Your continued use of our platform after the effective date constitutes acceptance of the updated policy. If you do not accept new terms, you may close your account.

Contact Us About Privacy on kliktoto

If you have questions about our privacy practices, data handling, or wish to exercise your rights regarding your personal information, contact our support team. We respond in English and typically provide a response within one business day. You may also contact your local data-protection authority if you have concerns about how we handle your data or believe we are not complying with applicable privacy law.

We at kliktoto remain committed to protecting your information and operating transparently about how we use your data. Your trust is fundamental to our platform, and we take data security seriously in every jurisdiction where we operate.