mimpitotoPrivacy Policy

This page describes what we collect when you use mimpitoto and how we keep that data protected. When you create an account, deposit funds via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer (mobile banking, local payment, online payment, e-wallet), or place bets on Liga 1 matches, Piala AFF tournaments, or live-dealer tables, you share information with us. We take your privacy seriously and comply with applicable data-protection regulations in the jurisdictions where we operate.

Our privacy commitments are straightforward: we collect only the data we need to verify your identity, process your payments, settle your bets, and provide support. We do not sell your personal information to third parties. We do not use your gaming activity for marketing to other companies. We encrypt sensitive data and segregate it from our operational systems. We allow you to request, correct, or delete your data subject to legal obligations.

The following sections explain our collection practices, how third parties (payment processors, streaming providers, game suppliers) access your data, your rights, and how to contact us with privacy concerns.

What we collect and why

We collect your name, date of birth, address, phone number, and email address to verify your identity before you can place real-money bets on mimpitoto. This is a regulatory requirement—we must confirm you are of legal age and that the account belongs to you. We also collect your payment details (bank account numbers, wallet identifiers, QRIS linked accounts) to process deposits and withdrawals.

When you use mimpitoto, we log your betting activity: which games you played, how much you wagered, which outcomes won or lost, your account balance, and timestamps. This data is stored on our servers and is used to settle bets, prevent fraud, and respond to disputes. We also collect technical information: your IP address, device type, browser version, and connection speed. This helps us diagnose app crashes, optimize our streaming performance, and detect unusual account access patterns.

We do not intentionally collect biometric data, location data, or health information on mimpitoto. If your device permits, we may request access to your device contacts or camera for two-factor authentication or customer-support video calls, but these are optional features you can decline.

Third parties who access your data on mimpitoto

Our payment processors (the acquiring banks and wallet providers that handle e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and direct transfers) receive your name, account details, and transaction amounts. These processors are bound by their own privacy policies and payment-card industry standards.

Our live-dealer studio partners (who broadcast blackjack, roulette, baccarat, and Dragon Tiger tables) may see your username and stake amounts to monitor fair play and prevent collusion. They do not see your name, address, or payment details.

Our game suppliers (who provide Aviator, Sweet Bonanza, Gates of Olympus, Fortune Tiger, and Mahjong Ways) receive aggregate data about gameplay patterns to optimize game mechanics and detect fraud. Individual player names are pseudonymized before being shared.

Our customer-support platform logs conversations between you and our team. These logs are stored on secure servers and are accessible only to our support staff and management. If you contact us via live chat about account issues during periods around Idul Fitri, Idul Adha, Imlek, or Nyepi, your messages are retained for dispute resolution and compliance.

Your data on mimpitoto may be processed outside your jurisdiction

Our servers and those of our payment processors and studio partners may be located outside Indonesia. By using mimpitoto, you consent to your data being transferred, stored, and processed across borders in accordance with applicable law.

Cookies and tracking on mimpitoto

We use cookies to maintain your login session, remember your preferred language, and track your navigation within the mimpitoto app or website. These are first-party cookies set by our servers, not by third parties. They do not track you across other websites. You can delete cookies in your browser settings, but this may log you out of mimpitoto.

We do not use cookies to profile your gambling behaviour for targeted advertising. We do not track your activity on external websites. Our analytics data (which pages you visit, how long you spend on each, which games you open) is aggregated and anonymised so we cannot connect it back to you individually.

Your rights and our mimpitoto data practices

You have the right to request, correct, or delete your personal data held by mimpitoto, subject to legal and regulatory constraints. For example, we may need to retain your betting history for tax or anti-fraud purposes even if you request deletion. Contact our live-chat support team to begin a data request. We will respond within 30 days with details of what we hold and what we can modify.

You have the right to withdraw consent for optional data collection—for instance, opting out of marketing emails or declining device-access permissions. These choices do not affect your ability to use mimpitoto's core features (gaming, sportsbook, deposits, and withdrawals).

We retain your account data as long as your mimpitoto account is active, plus a retention period of two years afterward for regulatory compliance. After that, we securely delete or anonymise your data, except where law requires us to retain records longer.

Identity verification: We collect your name, date of birth, and address to comply with regulatory requirements and prevent fraud.
Payment data: We share your bank account or wallet details with payment processors to settle deposits and withdrawals.
Betting activity: We log all wagers, outcomes, and balance changes on mimpitoto to settle bets and prevent fraud.
Technical data: We collect IP address, device info, and connection speed to optimise app performance and security.

Security measures on mimpitoto

We encrypt your password using one-way hashing so that even our staff cannot see it. All data transmitted between your device and our servers uses TLS encryption (HTTPS). Your payment details are processed through PCI-compliant payment gateways, not stored on our servers. Your account wallet is segregated from our operating funds—it is held in trust and belongs to you.

We conduct regular security audits and penetration testing. If we discover a data breach, we will notify affected users and relevant regulators within the timeframes required by law. We maintain cyber-insurance to cover potential incidents.

Changes to this policy

We may update this privacy policy as our practices or applicable laws change. We will notify you via email of material changes and will ask for your consent if required. Your continued use of mimpitoto after an update means you accept the new terms.

Contact us about privacy

If you have questions about how we handle your data on mimpitoto, or if you wish to exercise your data rights, contact our support team via live chat. They can direct your request to our data-protection officer or compliance team. You can also reach us during business hours through our support channels in Jakarta, Surabaya, Bandung, Medan, and Semarang. Our services are available only where local law permits, and you are responsible for ensuring your access complies with your jurisdiction's regulations.