LEGAL REFERENCE

Your Privacy & Data Protection at to303

We built to303 around your account security and data privacy. Every payment through QRIS, DANA, OVO or GoPay is encrypted. Your personal information stays private, your lobby access...

QRISDANAOVOGoPay
View Game Library Read FAQ
to303 Your Privacy & Data Protection at to303

Our Privacy Posture

to303 collects and processes personal data—including your name, email, payment details and gaming activity—to operate your account, process transactions via QRIS, DANA, OVO and GoPay, and comply with local regulations in supported Indonesia regions. We use encryption and secure servers to protect all stored information. Your data is never sold to third parties. We retain account records only as long as necessary

for account management, legal compliance and dispute resolution. In supported regions, you may request access to or deletion of your personal data in accordance with applicable law.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

PLAYER SUPPORT

Privacy Questions & Account Help

Email Support Reach our privacy team at [email protected] with any data request, account security concern or data deletion inquiry. We respond within 48 hours.
Live Chat Start a chat in your account dashboard to discuss privacy settings, payment security or data handling. Our team is available during business hours.
Account Settings Update your privacy preferences, view your connected payment methods and manage notification settings directly from your profile page in seconds.
REVIEW SIGNALS

Privacy & Security Standards Behind to303

Data Encryption

All account data and payment transactions are encrypted using industry-standard SSL/TLS protocols. Your QRIS, DANA, OVO and GoPay details travel through secured channels.

PCI Compliance

We meet Payment Card Industry standards to safeguard payment information. Financial data is tokenized and never stored in plain text on our servers.

Regular Audits

Our infrastructure undergoes independent security audits and penetration testing to identify and close vulnerabilities before they become risks.

Privacy Training

Every team member handling your data completes annual privacy and security training. We enforce strict access controls and data handling protocols.

Incident Response

If a breach occurs, we notify affected users within 24 hours and provide guidance on account recovery and fraud prevention steps.

Third-Party Vetting

Any partner or vendor we work with—from payment processors to hosting providers—signs data protection agreements and meets our security benchmarks.

How Our Privacy Policy Compares

Data Retention
We keep account and transaction records only as long as needed for operations and legal compliance—typically 5-7 years depending on transaction type and local law.
Third-Party Sharing
Your personal data is never sold or rented to marketers, brokers or advertisers. We share only with payment processors and legal authorities when required.
Cookie & Tracking Policy
We use essential cookies for account security and session management. Optional cookies track your preferences and improve the lobby experience.
Children & Accounts
to303 is for players aged 18 and above. We do not knowingly collect data from minors. Suspected child accounts are closed immediately.
Geographic Scope
This policy applies to all to303 accounts in supported Indonesia regions and extends to your data wherever it is processed or stored.
Policy Updates
We notify you of material privacy changes via email and in-account banner. Your continued use of to303 constitutes acceptance of updated terms.
User Rights
In supported regions, you have the right to access, correct, delete or port your personal data. Submit requests to [email protected].
AT A GLANCE

What Privacy Means Inside Your to303 Account

Secure Login Two-factor authentication, encrypted passwords and session timeouts keep your account...
Payment Privacy QRIS, DANA, OVO and GoPay transactions are tokenized—your real bank...
Transaction History Your complete account history—deposits, withdrawals, gameplay and payouts—is visible to...
No Data Brokers We don't sell gaming behavior, betting patterns or contact information...
Account Deletion Request permanent account closure and data removal at any time...
Privacy Controls Manage email frequency, notification types and marketing opt-out from your...

Privacy & Data Protection Questions

We collect your name, email, phone number, date of birth, payment method details (QRIS, DANA, OVO, GoPay tokens), IP address, device information and gameplay history. This data is used solely for account operations, fraud prevention and legal compliance.

We retain your transaction records for 5–7 years to meet financial and regulatory obligations in supported Indonesia regions. Personal contact details are deleted within 30 days of closure, unless we must retain them for legal holds or disputes.

No. Payment tokens are encrypted and stored in PCI-compliant vaults managed by third-party processors. We never store your actual bank credentials. Each transaction uses tokenization so your real account details remain private.

Yes. Log into your account and go to Settings > Data Export to download your profile, transaction history and gameplay records in a portable format. You can also request this via [email protected].

We monitor our systems 24/7 for threats. If a breach occurs, we notify affected users within 24 hours, advise you on password reset, and provide fraud-monitoring support. We also file incident reports with relevant authorities.

Absolutely not. We never sell, rent or share your personal data with marketers, data brokers or advertisers. We share data only with payment processors and legal authorities when required by law.

Email [email protected] with 'Account Deletion Request' in the subject line. Provide your account username or email. We'll verify your identity and permanently erase your personal records within 30 days, keeping only legally mandated compliance archives.