bentoto Casino & Sportsbook Data Care

This page describes what we collect when you use bentoto and how we keep that data protected. We at bentoto operate an online entertainment service offering sportsbook markets (Liga 1, Piala AFF, Champions League), live-dealer tables, slot games, and esports betting. Your account on bentoto requires personal information (email, identity documents, payment details) to function. We collect, store, and process that data according to standard privacy practices, and we do not share or sell your information to third parties for marketing or profit.

Our privacy practices apply to all bentoto users across supported jurisdictions. We acknowledge that our servers and data processors may sit outside your home jurisdiction (Indonesia). We undertake to protect your data with encryption and access controls, but we cannot guarantee absolute security—data breaches, server failures, or government requests may compromise your information. This policy outlines what we collect, how we use it, your rights, and how to contact us with privacy concerns.

What Data We Collect on bentoto

We collect personal information in several categories. During account registration on bentoto, we require your email address, full name, date of birth, and national ID number. We ask for your address (for KYC verification and mail correspondence) and phone number (for account recovery and support contact). We store these details in encrypted form in our user database.

During payment processing, we collect payment method details. If you deposit via DANA, e-wallet, mobile banking, local payment, online payment, or e-wallet, we record transaction ID, amount, timestamp, and destination wallet. If you deposit via mobile banking, local payment, online payment, or e-wallet virtual account, we record the virtual account number, transaction reference, amount, and timestamp. We do not store full credit-card numbers or e-wallet passwords; payment processors (mobile banking, local payment, online payment, etc.) handle credential storage on their own systems.

During gameplay and betting, we log your activity: which games you play (slots, live-dealer, sportsbook), your stakes, outcomes, wins, and losses. We record your session timestamps, IP address, browser / app version, and device type. We use this data to detect fraud, settle disputes, and comply with audit requirements. We retain this activity log for at least three years.

Account data: Email, name, DOB, ID number, address, phone number.
Payment data: Deposit/withdrawal method, transaction ID, amount, timestamp (not full credentials).
Activity data: Games played, stakes, outcomes, session logs, IP, device info.
Support data: Messages you send to our support team, account disputes, and our responses.

How We Use Data on bentoto

We use your account data to verify your identity (KYC), authenticate your login, and process deposits and withdrawals. We use payment data to reconcile transactions with payment processors (e-wallet, mobile banking, local payment virtual account, etc.) and detect duplicate deposits or fraudulent transfers. We use activity data to calculate your balance, settle bet outcomes, and generate account statements.

We analyze gameplay patterns to detect unusual activity (rapid large bets, multiple accounts from one IP, withdrawal patterns inconsistent with prior play) that may indicate fraud, account compromise, or attempts to circumvent our terms. We use aggregated, anonymized activity data (not tied to your name) to understand product usage, optimize game load times, and track server performance. We do not use your personal data for targeted advertising or external marketing.

Info: We may disclose your account data to payment processors, banks, and compliance authorities if required by law or if we detect fraud. We do not sell your data to third parties for any reason.

Third-Party Processors and Data Location

Our bentoto platform relies on third-party services. Payment processors (online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) handle your payment credentials and transaction confirmation. We pass transaction reference numbers and amounts to these processors, but they do not share your full account data back to us. Game-software providers (for slots, live-dealer tables) receive anonymized session logs (game type, stake, outcome, timestamp) but not your personal name or email.

Our data servers may be located outside Indonesia (in cloud-hosting centres in Singapore, Australia, or other regions). Data in transit between your device and our servers is encrypted (TLS/HTTPS). Data at rest in our databases is encrypted. However, we cannot guarantee that data stored in other jurisdictions is protected by Indonesian privacy law—your data may be accessible to authorities in those jurisdictions if they issue legal demands.

Your Rights and Data Management on bentoto

You have the right to request your account data from bentoto at any time. Contact our support team via the footer on bentoto.id with your request; we will provide a copy of your account information (email, ID, address, payment history, activity log) within 14 business days. You can update your email, phone number, and address in account settings. You cannot change your name or ID number once registered (for KYC compliance).

You have the right to request deletion of your account and associated data. Deleting your account closes your bentoto profile and prevents further login. However, we retain transaction logs, activity history, and account data for three years after deletion (or longer if required by law or to settle disputes). We cannot retroactively delete data that has already been shared with payment processors or government authorities.

Cookies and Tracking on bentoto

We use browser cookies and local storage to remember your login session, store your language preference, and track your session ID. These cookies are marked "secure" and "httponly"—they are not accessible to third-party scripts and are not transmitted over unencrypted connections. We do not use tracking cookies for external advertising or cross-site profiling. We do not embed third-party analytics services (Google Analytics, Facebook Pixel) on bentoto.

Our mobile app (Android APK and iOS web-clip) does not use cookies but may store session tokens in your device's secure storage. These tokens are encrypted and tied to your device; if you uninstall the app, the tokens are deleted.

Note: We do not use cookies to track you across other websites. We do not share cookie data with advertisers or analytics firms. You can disable cookies in your browser settings, but this may prevent bentoto from functioning correctly.

Data Breach, Contact, and Updates

If we discover a data breach affecting bentoto user accounts, we will notify affected users via email within 72 hours (or as required by law) with details of the breach, affected data categories, and steps you should take (e.g., reset your password). We will file a breach report with relevant authorities if required by local law.

You can contact our privacy team with questions or concerns about your data on bentoto by sending an email via the support contact form on bentoto.id. Reference "Privacy Inquiry" in the subject line. We will respond within 14 business days. If you move to an unsupported jurisdiction (outside where bentoto operates), your account and data remain in our systems; you cannot place new activity or request withdrawals, but we retain your data per our retention policy.

We may update this privacy policy to reflect changes in our practices, law, or technology. We will publish updates on this page with an updated date. Your continued use of bentoto after an update constitutes acceptance of the new policy. If you do not agree with a material change, you may request account deletion as described above.