Reference

How kentoto Handles Your Personal Data

At kentoto, your personal data is collected only for the purposes of running your account, processing payments through DANA, OVO, GoPay and QRIS, and keeping your session secure…

Data collected only for account useDANA, OVO, GoPay & QRIS payment data securedYour rights: access, correct, deleteNo third-party selling of your dataContact our privacy team anytime
kentoto How kentoto Handles Your Personal Data
PRIVACY CONTACT PATHS

How to Reach Our Privacy Team

If you have questions about how we store or use your personal data, or if you want to submit a data access request, our privacy support team is available seven days a…

Live Chat Reach our privacy support team directly via live chat on the kentoto website. Available daily from 08:00 to 23:00 WIB for account data questions, deletion requests and policy clarifications.
Email Support Send your data access or correction request to our privacy email. We aim to respond within 48 hours and confirm every request in writing so you have a record of the action taken.
Account Dashboard Log into your kentoto account, navigate to Settings, then Privacy to review your stored data, update your contact details or initiate a data deletion request without needing to contact support.
DATA HANDLING PRACTICES

Six Ways We Protect Your Privacy

Our approach to data protection is built on specific operational controls, not abstract promises.

Encrypted Payment Data

Every transaction processed via DANA, OVO, GoPay or QRIS is encrypted in transit using TLS and stored with AES-256 encryption at rest. Your payment tokens are never exposed to third-party marketing systems.

Cookie Transparency

We use session cookies to keep you logged in and analytics cookies to understand how you navigate the platform. You can manage cookie preferences in your browser settings at any time without losing your account access.

Account Security Controls

Two-factor authentication is available for all accounts under Settings > Security. We log every login attempt with timestamp and device ID, and we alert you by email if a new device accesses your account.

Data Retention Schedule

Account registration data is kept for the duration of your active account plus a statutory post-closure period as required by applicable law. Transaction records are retained for audit compliance; session logs are purged after 90 days.

No Data Selling

We do not sell, rent or trade your personal data to third parties for marketing purposes. Data is shared only with payment processors such as DANA and OVO strictly to complete your requested transactions.

Your Right to Request Changes

You may request access to your personal data, correction of inaccuracies, or full deletion of your account data at any time via email or your account dashboard. We confirm every completed request in writing within 48 hours.

Your Privacy Questions Answered

Below are the questions we receive most often about how kentoto handles personal data, what rights you hold over your information, and how to act on those rights. If your question is not covered here, our privacy team is reachable via live chat or email between 08:00 and 23:00 WIB daily.

We collect your name, email address, phone number and a password hash when you register. After that, we record transaction data from your DANA, OVO, GoPay or QRIS payments, along with device identifiers and session logs for security purposes.

We share data only with payment processors — DANA, OVO, GoPay and QRIS — to complete transactions you initiate. We do not sell or share your personal information with unaffiliated marketing companies or data brokers under any circumstances.

Registration and transaction records are retained for a statutory post-closure period as required by applicable law, typically for audit and compliance purposes. Session and behavioural logs are deleted within 90 days of your account closure.

Email our privacy team or submit a request via Settings > Privacy in your account dashboard. We will compile and deliver your data record within 48 hours of receiving your verified request and send written confirmation once it is complete.

Yes. Submit a deletion request through your account dashboard or by email. We will remove your personal data from active systems and confirm the action in writing. Note that certain transaction records may be retained where local law requires it.

Payment data is encrypted in transit via TLS and stored with AES-256 encryption. Your QRIS tokens and OVO wallet references are never passed to third-party advertising systems — they remain inside the payment processing pipeline only.

Contact our live chat team immediately between 08:00 and 23:00 WIB. We will review the login log on your account, flag any unrecognised device sessions and guide you through a secure password reset and two-factor authentication setup.