smptoto Casino & Sportsbook Data Care

This page describes what we collect when you use smptoto and how we keep that data protected. We take your privacy seriously and handle all personal information according to applicable data protection principles. Our commitment is to be transparent about what data we process, why we need it, and how long we retain it.

When you open an account on smptoto, fund your account via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer (mobile banking, local payment, online payment, e-wallet), or place a wager on Liga 1, Piala Indonesia, Piala AFF, Champions League, or any other smptoto offering, you share information with us. We use that information to verify your identity, process your transactions, detect fraud, and provide customer support. We never sell your data to third parties for marketing purposes.

Read on to understand what we collect, who can access it, how we protect it, and what rights you have regarding your information on smptoto.

What We Collect When You Use smptoto

We collect several types of information to operate smptoto and serve you effectively. Your account data includes your name, date of birth, email address, phone number, and residential address. We require this information during account registration and KYC verification to confirm your identity and ensure compliance with applicable regulations in your jurisdiction.

Financial information is collected when you deposit or withdraw funds on smptoto. We record your payment method (whether DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or your mobile banking, local payment, online payment, or e-wallet bank details), transaction amount, date, and time. We use this data to process your payments, reconcile your account balance, and prevent fraud. We do not store your full card or bank credentials—payment processors handle sensitive financial data on our behalf.

Activity data is recorded as you use smptoto. We log which games you access, how long you play, your wager amounts, game outcomes, and any account settings changes. This allows us to customise your experience, troubleshoot technical issues, and maintain platform security. We also collect your device type, browser, IP address, and approximate location (country level) to detect unauthorised access attempts and protect your account.

KYC documents: During account verification, we collect scans of your identity document and proof of address. We retain these files securely in encrypted storage and compare them against government records to verify your identity.

How We Use Your Data on smptoto

We process your information for several lawful purposes. Account administration is our primary use—we need your name, email, and phone to create and manage your smptoto account, send you transaction confirmations, and allow you to recover access if you forget your password. Regulatory compliance requires us to verify your identity through KYC and maintain records of your financial transactions for anti-money-laundering and tax reporting obligations in your jurisdiction.

Payment processing depends on your financial information. When you deposit via mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, or transfer funds from online payment, e-wallet, mobile banking, or local payment, we share the minimum necessary data with our payment partners to complete the transaction. Fraud prevention is critical—we analyse patterns in your wagers, login locations, and device changes to detect suspicious activity and protect your account.

Customer support relies on your contact information and account history. If you reach out with a question about your smptoto balance, withdrawal status, or a technical issue, our support team accesses your account data to help you. We may record support conversations (email, chat, phone) to train staff and resolve disputes fairly.

Account data: Name, date of birth, email, phone, address; collected at registration and verified via KYC.
Payment data: Deposit/withdrawal method, amount, timestamp; processed by payment partners and retained for 7 years per regulation.
Activity data: Games played, wager amounts, outcomes, login history, device info; retained for 3 years.
Support records: Chat logs, emails, call recordings; retained for 2 years to handle disputes and train staff.

Data Security and Third-Party Processors

Our smptoto platform uses industry-standard SSL encryption to protect data in transit. All connections between your device and our servers are encrypted, preventing unauthorised interception. Your password is hashed (one-way encrypted) and never stored in readable form on our systems.

We share your data with carefully selected third parties only when necessary. Payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet partners) receive transaction data to process deposits and withdrawals. KYC verification providers receive your identity documents to confirm your identity against government records. Our customer support platform may store your contact information and chat history. All third parties sign data processing agreements requiring them to protect your information and use it only for agreed purposes.

Our smptoto servers may sit outside your home jurisdiction. By using our platform, you consent to your data being processed and stored in multiple locations as needed to deliver our service. We apply the same security standards regardless of server location.

Your Rights and Data Retention on smptoto

You have the right to request access to your personal data held by smptoto. Send a request to our support team with your account email, and we will provide a copy of the information we hold about you. You may also request that we correct inaccurate information—for example, if your address changes, update it in your account settings or contact support to correct it on our records.

We retain your data for as long as your account remains active, plus a period after closure for regulatory and dispute-resolution purposes. Payment records are retained for seven years per financial regulations. KYC documents are retained for five years. Account activity logs are retained for three years. Support records are retained for two years. If you request account deletion, we will remove your personal data (except payment records required by law) within 30 days.

If you have concerns about how we handle your data, contact our support team. We are available to discuss privacy questions and complaints about data handling. We are based in a jurisdiction with applicable data protection regulations, and we comply with all relevant laws in your home jurisdiction where we operate smptoto services.

Cookies and Tracking on smptoto

Our smptoto platform uses cookies to remember your login status, language preference, and game settings. These cookies are essential to platform function and do not require consent. We also use analytics cookies to understand how users navigate smptoto, which sections are popular, and where technical issues occur. Analytics data is anonymised and does not identify you personally.

You may disable non-essential cookies in your browser settings, but doing so may affect your smptoto experience. Essential session cookies cannot be disabled without preventing login.