kristotoPrivacy Policy
This page describes what we collect when you use kristoto and how we keep that data protected. We at kristoto understand that your privacy matters, and we handle your personal information with care—collecting only what we need for account verification, fraud prevention, and service delivery. Our commitment is transparency: we explain which data we gather, who we share it with, and what rights you have over your own information.
Our privacy practices follow Indonesian data protection principles and apply wherever you access kristoto. If you have questions about how we use your data, contact our privacy team at [email protected] and we will respond within 14 days. This policy updates occasionally, and we notify you of material changes by email or through your kristoto account dashboard.
What Data We Collect on kristoto
We collect data in several categories. First, account information: when you register with kristoto, we ask for your legal name, date of birth, email address, and phone number. We verify this information against government ID (Indonesian KTP, passport, or driver's licence) and a recent utility bill or bank statement showing your address. We store this data securely and use it only for identity verification and fraud detection.
Second, transaction data: we record every deposit, withdrawal, and tournament entry on your kristoto account. These records include the amount, payment method (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer via mobile banking, local payment, online payment, e-wallet), timestamp, and status. We keep transaction logs for compliance and dispute resolution.
Third, activity data: we track which slot games you play (Aviator, Sweet Bonanza, Gates of Olympus, Fortune Tiger, Mahjong Ways), how long you stay logged in, and which sections of kristoto you visit. We do not record your actual game outcomes or bet amounts in personal profiles; we use aggregate activity data to improve platform performance and security.
Fourth, device and connection data: we log your IP address, device type, browser version, and approximate location (city level only, not precise coordinates). This helps us detect unauthorized access attempts and comply with our service terms.
How We Use Your Data
We use your kristoto data for five main purposes. First, account management: we verify your identity, manage your wallet balance, and process deposits and withdrawals. Second, legal and regulatory compliance: we conduct KYC checks, detect money laundering, and respond to court orders. Third, fraud and security: we monitor for suspicious patterns—multiple rapid deposits, coordinated logins from different cities like Jakarta and Surabaya, or unusual tournament betting—to protect your account and our platform.
Fourth, service improvement: we analyze how users interact with kristoto's slot tournaments and sportsbook to fix bugs and add features. We do this using anonymized data whenever possible. Fifth, marketing: we send you promotional emails about upcoming tournaments and seasonal offers around Liga 1 or Piala AFF, but only if you have not opted out. You can disable marketing emails at any time through your kristoto account settings.
Third Parties and Data Processors
We share your data with trusted service providers only when necessary. Our payment processors (mobile banking, local payment, online payment, e-wallet, mobile banking, and bank partners) receive the minimum data needed to process transactions. Our hosting provider stores our servers and databases; our servers may sit outside Indonesia, but all data transfers use encryption. Our compliance team uses external verification services to check government ID and bank statements during KYC; these services do not retain your documents after verification.
We are required by law to share data with government authorities and regulators when we receive a valid legal request. We do not share data voluntarily; we require a court order, warrant, or formal regulatory demand before disclosing personal information to any government body.
Cookies and Tracking
We use cookies on kristoto to remember your login session, remember your language preference, and track how you navigate our platform. These cookies last as long as your session or up to one year, depending on type. We do not use third-party tracking cookies or allow advertisers to place tracking pixels on our site. You can disable cookies in your browser settings, though this may limit some kristoto features.
Your Rights on kristoto
You have the right to access, correct, or delete your personal data. To exercise these rights, contact [email protected] with your account ID and a description of your request. We respond within 14 days. You also have the right to data portability: if you want a copy of your kristoto account data in a standard format, we provide it at no charge. If you believe we have violated your privacy, you can file a complaint with your local data protection authority.
Privacy is not a feature we add—it is foundational to how we operate kristoto.
Data Security and Retention
We protect your kristoto data using industry-standard encryption (TLS 1.3 for data in transit, AES-256 for data at rest). Our systems undergo regular security audits, and we limit access to your data to staff members who need it for their work. We do not keep your data longer than necessary: KYC documents are archived for 7 years to comply with anti-money-laundering law; transaction records are kept for 10 years for financial audit purposes; account activity logs are deleted after 1 year unless needed for an investigation.
If we suffer a data breach, we notify affected users within 72 hours and provide guidance on securing your kristoto account. We have never experienced a breach; we invest continuously in security infrastructure and staff training to keep it that way.
Jurisdiction and Updates
Our kristoto platform operates under jurisdiction-restricted access; we provide services only where applicable local law permits. Your data may be stored, processed, or accessed from outside your home jurisdiction, but we apply the strongest protections available under law. If we update this privacy policy, we notify you by email at least 30 days in advance. Your continued use of kristoto after the effective date means you accept the updated policy. If you do not agree, you have 30 days to close your account before the changes take effect.
For the most current version of this privacy policy, visit this page. For questions, contact [email protected] or use the live chat available during business hours on your kristoto account dashboard.