nagamastoto Privacy Policy

This page describes what we collect when you use nagamastoto and how we keep that data protected. We collect personal information—your name, email, phone number, date of birth, and identity documents—during account setup and verification. We use this information to verify your identity (KYC compliance), process deposits and withdrawals, communicate account updates, and detect fraud. We never sell your data to marketers or third-party advertisers.

On nagamastoto, your data is encrypted in transit and at rest. Our servers are located outside your jurisdiction but comply with international data-protection standards. We retain personal data only as long as necessary to operate your account and fulfil legal obligations. If you request data deletion, we remove it within thirty days unless we are required by law to keep it longer (e.g., for anti-money-laundering audits).

This policy applies to all users of nagamastoto regardless of access method—Android app, iOS browser, or desktop. We update this policy occasionally; material changes are announced via email or in-app notification at least thirty days in advance. Your continued use of nagamastoto after any change constitutes acceptance of the updated policy.

Data Collection and Use on nagamastoto

We collect personal data in several ways. When you register for nagamastoto, we ask for your email, password, full name, date of birth, and phone number. When you complete KYC verification, we collect a photo of your government-issued ID (Indonesian ID card, passport, or driver license) and a selfie for facial verification. When you make a deposit, we record your payment method and transaction amount. When you place a bet or play a game, we log your activity—stakes, outcomes, timestamps—to detect anomalies and prevent fraud.

We use this data for several purposes. First, account management: we verify your identity to ensure your account is uniquely yours and to comply with anti-money-laundering (AML) regulations. Second, payment processing: we share your name and bank account details with payment partners (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet) only to settle deposits and withdrawals. Third, customer support: we use your email and phone to send account notifications, betting confirmations, and withdrawal updates. Fourth, fraud prevention: we analyze your betting patterns and transaction history to detect suspicious activity and protect your account and our platform.

We also track technical data: your IP address, device type (Android or iOS), app version, browser type, and approximate location (derived from IP geolocation). This data helps us understand platform performance, identify geographic compliance issues, and optimize the user experience. We do not use location data for marketing; it is used solely to enforce jurisdictional restrictions and detect suspicious access patterns (e.g., account login from Jakarta followed by withdrawal attempt from Medan within minutes).

Personal data

Name, email, phone, date of birth, identity document. Encrypted at rest; shared only with payment partners and regulators if required.

Transaction history

Every deposit, withdrawal, and bet is logged with timestamp and outcome. Retained for seven years for AML compliance.

Technical data

IP address, device type, browser type, app version. Used for fraud detection and performance monitoring; not shared with third parties.

Communication logs

Support chat history, emails, SMS. Retained for two years to resolve disputes and improve customer service.

Third-Party Processors and Data Sharing on nagamastoto

We work with third-party service providers to operate nagamastoto. Payment processors (mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and our bank partners online payment, e-wallet, mobile banking, local payment) receive only the minimum data needed to settle your transactions: your name, account number, and transfer amount. They do not receive your full identity document, betting history, or account password.

We also use cloud hosting providers to store and encrypt our databases. These providers are contractually obligated to treat your data as confidential and to comply with international data-protection standards. We do not share your data with analytic companies, social media platforms, or advertising networks. If we are legally compelled to disclose data (by court order or law enforcement), we inform you of the request unless legally prohibited from doing so.

Your Rights, Cookies, and Contact on nagamastoto

You have the right to request a copy of all personal data we hold about you. Submit a request to [email protected] with your account email, and we provide a downloadable file within thirty days. You also have the right to request deletion of your data, subject to legal retention obligations (e.g., we must keep transaction records for AML compliance). To delete your account on nagamastoto, submit a request via your account settings or email; we delete personal data within thirty days unless we are required to retain it.

We use cookies and local storage on your mobile device or browser to remember your login session, save your language preference, and track your activity on nagamastoto. These are session cookies (cleared when you log out) and persistent cookies (retained for thirty days to speed up future logins). You can disable cookies in your browser settings, but doing so may impair functionality. We do not use tracking cookies to follow your browsing outside nagamastoto.

At nagamastoto, we protect your data as our most valuable responsibility. Encryption, limited sharing, and transparent policies are the foundation of our privacy commitment.

Data Retention and Breach Notification on nagamastoto

We retain personal data for as long as your account is active, plus a minimum of seven years after closure (required for AML audits and dispute resolution). Transaction records are kept for the longest period; your full identity document is deleted two years after account closure unless we are investigating fraud. If you request data deletion before account closure, we flag your record as "deletion requested" and remove non-essential data immediately; essential transaction records are anonymized and retained only for regulatory compliance.

In the event of a data breach, we have a 72-hour notification protocol: we investigate the breach, contain it, notify affected users via email, and file a report with relevant data-protection authorities. Our incident response team is on standby; breaches are treated as critical incidents. We publish breach details on our website and via email once investigation is complete.

If you have questions about this policy or wish to exercise your data rights, contact us at [email protected] or via live chat support. We respond to all privacy inquiries within two business days. Your privacy is central to how we operate nagamastoto; we take your trust seriously and maintain the highest standards of data protection.