ciutoto loginPrivacy Policy

This page describes what we collect when you use ciutoto login and how we keep that data protected. We collect only the information necessary to operate your account, process your deposits and withdrawals, comply with local regulations, and improve our service. We do not sell personal data to marketers or data brokers; we do not share your information with third parties except where required by law or to our payment processors.

Our commitment is straightforward: your account data (name, ID, address, email, phone) is encrypted; your payment information is handled by licensed processors; your gaming activity is logged for your own history and account security. Below, we explain what data we collect, how we store it, your rights, and how to contact us if you have questions.

We operate across supported jurisdictions where our service is permitted by local law. Our servers may sit outside your jurisdiction; your data may be processed in multiple countries. By using ciutoto login, you acknowledge that we process your data as described in this policy, subject to applicable regulations. If you disagree with any term, do not create an account.

What data we collect on ciutoto login

We collect your personal information in the following categories:

• Account details: Legal name, date of birth, phone number, email address, username, and password hash.
• Identity verification (KYC): Government-issued ID number and scan, proof of address, and other documents required by local regulation.
• Payment information: Bank account numbers, e-wallet IDs (for DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet), and transaction history.
• Gaming activity: Bets placed, games played, results, balance changes, and login timestamps.
• Technical data: IP address, device type, browser type, and interaction logs (clicks, page views, time spent).
• Communication: Messages you send to our support team and replies we send to you.

We do not require your name to match your official ID perfectly — we accept minor variations. We collect your phone number to enable account recovery and two-factor authentication (optional but recommended). We do not collect your GPS location, camera access, or microphone; our app requests only permissions necessary to display content and process payments.

How we use your data

We use your data for these purposes:

1. Account operation: Creating your account, processing deposits and withdrawals, updating your balance, and sending confirmations.
2. Regulatory compliance: Verifying your identity, detecting fraud, and reporting to authorities if required by law.
3. Customer support: Responding to your inquiries, troubleshooting issues, and handling disputes.
4. Service improvement: Analyzing usage patterns, fixing bugs, and developing new features.
5. Marketing (optional): Sending promotional emails only if you opt in; we do not send unsolicited marketing messages.
6. Security: Monitoring for unauthorized access, detecting suspicious activity, and protecting your account.

We do not use your data to make automated decisions about your account eligibility or betting limits — all account actions are reviewed by our human team. We do not profile you based on gaming preferences or build predictive models of your future behaviour.

Third parties and payment processors

We use third-party payment processors to handle deposits and withdrawals. These processors are licensed financial institutions in Indonesia and the region. We share your bank account number or e-wallet ID only with these processors — no other third party receives your payment details. Our processors apply their own privacy policies; we recommend reviewing them separately.

We may also share data with:

• Fraud detection services: To verify your identity and detect suspicious activity.
• Legal authorities: If required by court order, law enforcement request, or applicable regulation.
• Our service providers: Cloud hosting, email delivery, customer support platforms — all bound by confidentiality agreements.

We do not share your data with advertisers, data brokers, or analytics companies that sell insights to third parties. We do not use your data for purposes beyond those listed above without your explicit consent.

Payment processor

Licensed fintech or bank partner that executes your deposit and withdrawal transactions; receives only payment information necessary for processing.

Data processor

Third-party service (cloud host, email provider) that handles data on our behalf but does not use it for independent purposes.

Legal holder

Authority or court with legal power to request your data; we comply with valid court orders and valid regulatory requests.

How we protect your data on ciutoto login

All communication between your device and our servers is encrypted using HTTPS (TLS 1.2 or higher). Your password is hashed using industry-standard algorithms and is never stored in readable form — not even our administrators can see your original password. Your payment information is encrypted at rest and in transit; access is limited to a small team of trusted staff.

We recommend enabling two-factor authentication (2FA) on your account — once activated, every login requires your password plus a one-time code sent to your phone or email. We store backup codes securely if you need to recover your account without access to your phone. If you suspect unauthorized access to your account, contact us immediately; we can reset your password and review suspicious activity.

Our data centres apply physical security (locked cabinets, access logs, surveillance), network security (firewalls, intrusion detection, DDoS protection), and operational security (access control, encryption keys, audit logs). We conduct regular penetration tests and security audits to identify and fix vulnerabilities. We do not guarantee standard security practices — no system is impenetrable — but we apply industry-standard practices.

Cookies and tracking technology

We use cookies to maintain your login session and store your preferences (language, theme). These cookies are essential to our service; without them, you would need to log in on every page load. We also use analytics cookies to track how users interact with our platform — which pages are visited, how long users spend on them, and which features are most used. These analytics help us improve performance and identify broken links.

You can disable cookies in your browser settings, but doing so may prevent you from using ciutoto login. We do not use third-party tracking pixels or scripts that follow you across the internet. We do not sell analytics data to advertisers or data brokers. Your gaming history is visible only to you and our support team (when you contact us for help).

Your rights regarding your data

You have the following rights:

• Access: You can request a copy of all data we hold about you. We provide this within 30 days.
• Correction: You can request that we correct inaccurate information (e.g., misspelled name, wrong address).
• Deletion: You can request account deletion. We remove your data from active systems within 30 days; backup archives are retained for regulatory compliance and may be kept longer.
• Opt-out: You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in the email or updating your preferences in your account dashboard.
• Portability: You can request that we export your data in a standard format (CSV, JSON) so you can use it elsewhere.

To exercise any of these rights, contact us using the details below. We will verify your identity before processing your request to ensure we do not disclose data to unauthorized parties.

How long we keep your data

We retain your account data (name, email, gaming history) for as long as your account is active. If you delete your account, we remove active data within 30 days; backup copies are retained for up to seven years for regulatory compliance and fraud prevention. We retain transaction records (deposits, withdrawals) for up to ten years to satisfy tax and anti-money-laundering regulations.

Your KYC documents (ID scans, proof of address) are retained for the duration of your account plus up to five years after deletion. We delete marketing cookies after 12 months of inactivity; analytics data is aggregated (anonymized) after 90 days so it cannot be linked to individuals.

How to contact us about privacy

If you have questions about this privacy policy or wish to exercise your rights, contact us:

• Email: Send your request to our data protection team (address in your account dashboard under Support).
• In-app support: Use the Help section of the ciutoto login app to submit your request; our team responds within three business days.
• Mailing address: Available in our About us page.

We will acknowledge your request within two business days and respond fully within 30 days. If your request is complex or requires additional information from you, we will notify you and extend the timeline accordingly.

Updates to this privacy policy

We may update this policy to reflect changes in our practices, technology, or applicable law. We will notify you of material changes by email or by displaying a notice on our platform. Your continued use of ciutoto login after such changes constitutes your acceptance of the updated policy. We recommend reviewing this page periodically to stay informed of how we protect your data.

If you are a resident of Jakarta, Bandung, Surabaya, or Medan, or if you access our service from any other jurisdiction, you may have additional rights under local privacy law. We comply with applicable regulations in your jurisdiction. If there is a conflict between this policy and local law, local law takes precedence.

Our service is available only where local law permits. We do not intentionally collect data from users under the age of majority in their jurisdiction. If we discover that we have collected data from an ineligible user, we delete that data immediately.

Related guides