LEGAL REFERENCE

Your Privacy Matters to Us

We built amantoto around your trust. This privacy policy shows exactly how we handle your account details, payment information and personal data across every part of our platform...

Data ProtectionPayment SecurityAccount PrivacyTransparent PracticesYour Control
Account access Read FAQ
amantoto Your Privacy Matters to Us

How We Protect Your Information

amantoto operates under Indonesian regulations and international data protection standards. When you join us, we collect only what's needed to verify your identity, process your DANA, OVO, GoPay and QRIS transactions, and keep your account secure. Your personal data stays encrypted and is never shared with third parties without your consent, except where local law requires it. We use industry-standard security protocols

to protect everything from your login credentials to your transaction history. Your privacy choices are always yours to make.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

24/7 SUPPORT

Questions About Your Privacy

Privacy Team Reach our dedicated privacy support team directly. We respond to data requests, privacy concerns and account security questions within 24 hours of contact.
Account Settings Manage your privacy preferences anytime. Control what data we collect, how we use it and what communications you receive from amantoto.
Data Access Requests Request a copy of all personal data we hold about you. We'll compile and deliver your complete data file within the timeframe required by Indonesian law.
WHY VISITORS TRUST US

Why Your Data Is Safe With Us

Encryption Standard

All data transmitted between your device and our servers uses 256-bit SSL encryption, the same standard banks use to protect...

Regular Security Audits

We conduct independent security reviews quarterly to identify and fix vulnerabilities before they become risks to your account.

Compliance Framework

Our privacy practices align with GDPR standards and Indonesian data protection law, ensuring your rights are respected regardless of where...

Payment Data Isolation

Your DANA, OVO, GoPay and QRIS details are processed through PCI-DSS compliant payment gateways and never stored on our main...

No Third-Party Selling

We never sell your personal information to advertisers, data brokers or marketing firms. Your data stays yours and ours alone.

Transparent Logging

Every access to your account data is logged and auditable. You can request a full activity report showing who accessed...

BENCHMARKED

How Our Policy Stands Up

01

Data Minimization

We ask for only the information needed to verify your identity and process payments. No unnecessary fields, no hidden data collection.

02

Retention Limits

Personal data is kept only as long as needed for account management and legal compliance. After that, it's securely deleted.

03

User Rights

You can access, correct, download or delete your data anytime. We process these requests without delay or unnecessary friction.

04

Breach Notification

If a security incident affects your data, we notify you within 72 hours with details of what happened and what we're doing about it.

05

Cookie Transparency

We tell you exactly what cookies we use, why we use them and how long they stay on your device. You control which ones to accept.

06

Third-Party Clarity

Any service provider we work with — payment processors, hosting providers, analytics tools — is listed with their data handling practices.

07

Policy Updates

When we change this policy, we notify you in advance and explain what's different. You're never surprised by new privacy terms.

SERVICE CONTEXT

What Defines Our Privacy Approach

Account Verification We verify your identity once during signup using secure methods...
Session Security Your login sessions are protected by multi-layer authentication. If suspicious...
Transaction Privacy Every DANA, OVO, GoPay and QRIS transaction is encrypted end-to-end...
Location Data We collect your location only to comply with regional restrictions...
Communication Consent We only send you emails, SMS or push notifications about...
Deletion Rights Close your account anytime and request permanent deletion of your...

Privacy Questions Answered

We collect your name, email, phone number, date of birth and address during signup. For payments via DANA, OVO, GoPay or QRIS, we also collect transaction data. We never ask for unnecessary information and only use what's needed to verify your identity and process your account.

We delete your personal data within 30 days of account closure, except where Indonesian law requires us to retain records for tax or compliance purposes. Transaction history may be kept longer for audit trails, but it's anonymized and separated from your identity.

Yes. Contact our privacy team and request a data access report. We'll compile everything we hold about you — account details, transaction history, login records and communication logs — and deliver it within 14 days in a readable format.

Your DANA, OVO, GoPay and QRIS details are processed through PCI-DSS certified payment gateways and never stored on our servers. We use 256-bit encryption for all transactions and conduct quarterly security audits to ensure your payment data stays protected.

We never sell your data to advertisers or marketing firms. We only share information with payment processors, hosting providers and compliance authorities where required by law. Every third party we work with is bound by strict confidentiality agreements.

We notify you within 72 hours of discovering any security incident. We'll explain what data was affected, what we're doing to fix it and what steps you should take to protect your account. We also report the breach to relevant authorities as required by law.

Absolutely. You can unsubscribe from promotional emails, SMS and push notifications anytime through your account settings. We'll only send you messages about account security, transaction confirmations and updates you've explicitly requested.