LEGAL REFERENCE

How We Handle Your Account Data

This is our privacy policy in plain English. We wrote it so you know exactly what we collect when you open an account with wisdomtoto login, why we...

Plain-English PolicyIndonesia ScopeAccount Data OnlyUpdated & DatedReader-Friendly
Account access Read FAQ
wisdomtoto login How We Handle Your Account Data

Our Privacy Posture & Jurisdiction Notes

We collect the minimum your account needs: your sign-in identifiers, the device you log in from, and the e-wallet handle you nominate for cashier flows. Your data is processed where local law permits, with storage tied to supported regions for Indonesia. We never sell your details to third parties, and we share only with payment processors and identity checks required to keep

the lobby compliant. You can request access, correction or removal of your record at any time by writing to our privacy desk. This policy applies across desktop and mobile sessions, and is reviewed each quarter so the wording matches what actually happens behind your account.

Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.

SUPPORT

Privacy Contact Paths

Reach our privacy team directly through any of these channels. We answer data questions separately from cashier or lobby tickets so your request lands with the right desk.

Privacy Email Write to our dedicated privacy mailbox for data access, correction or deletion requests. We acknowledge within one business day and resolve standard requests inside seven days where local law permits.
In-Account Form Sign in and open the privacy form from your account menu. It pre-fills your reference so we can match the request to your record without you sharing extra identifiers in plain text.
Live Chat Desk Our chat agents triage privacy questions and escalate them to the data team. Use chat if you need to confirm whether a session, device or e-wallet handle is still tied to your account.
TRUST MARKERS

How We Review This Policy

Quarterly Review

Our compliance desk re-reads this page every quarter against current Indonesia data practice. If wording drifts from what the system...

Named Owner

A named privacy lead signs off every revision. That person is reachable through the privacy mailbox, and escalations don't get...

Plain Language

We strip legalese where we can. If a clause has to stay technical for jurisdiction reasons, we add a short...

Change Log

Every edit to this policy is logged with a date and a one-line summary. You can scan the log before...

Processor List

We name the categories of processors who touch your data — cashier rails, identity checks, fraud screens — so you...

Reader Feedback

If a clause reads ambiguously, tell us. We've rewritten paragraphs based on reader notes before, and we credit that feedback...

Consistency Across Our Policy Pages

Terms of UseOur terms govern account conduct; this privacy page governs data. Where they overlap on identity checks, both pages use the same wording so you don't read two different versions of the same rule.
Cookie NoticeThe cookie notice handles browser storage specifically. This policy references it but doesn't duplicate the table of cookies, keeping each page focused on its own scope.
AML StatementAnti-money-laundering checks are described in the AML page. We cross-link rather than repeat, so updates to AML wording don't fall out of sync with privacy.
KYC NotesIdentity verification steps live in the KYC notes. This policy explains what happens to those documents after the check completes and how long they stay on file.
Cashier PageThe cashier page covers payment mechanics. This page covers what we record about your DANA, OVO, GoPay or QRIS handle and why.
Account ClosureClosure flow is documented separately, and this policy explains what data is purged versus retained for legal hold once the account closes.
Complaints PathThe complaints page sets out escalation. Privacy complaints follow the same path but route to the data lead first, as noted in both pages.
SERVICE CONTEXT

What This Policy Page Covers

These are the sections you'll find on this page and what each one is for. Use them as anchors when you come back to check a specific clause rather than re-reading the whole text.

01
Data Categories A clear list of the data we collect: account credentials, session metadata, device fingerprint, and the e-wallet handle you use at the cashier. Nothing collected is hidden from this list.
02
Retention Windows How long each category stays on file, broken down by purpose. Active account data persists while you sign in; closed-account data is held only for the legal window required in supported regions.
03
Your Rights Access, correction, deletion, portability and objection rights are spelled out with the exact route to exercise each one. No buried forms — every right has a named contact path.
04
Sharing Map Categories of third parties who process data on our behalf, why they need it, and the legal basis under which we share. You can ask for the current named list at any time.
05
Security Posture The technical and organisational measures we apply to your record, described in practical terms — encryption at rest, restricted access, and audited logs for staff who touch account data.
06
Change Log A dated record of every revision to this page, with a one-line note on what shifted, so returning readers can scan for changes without re-reading the whole policy.

Privacy Questions We Get Asked

We collect your sign-in identifier, a password hash, the device you register from, and the e-wallet handle you nominate for the cashier. Anything beyond that is collected only when a specific feature needs it.

Yes, but only the fields needed to settle a cashier instruction with DANA, OVO, GoPay or QRIS. We don't pass behavioural data to processors, and the sharing is logged on your account record.

Active session data is purged shortly after closure. Identity and transaction records are held for the legal retention window required in supported regions, then deleted on schedule and removed from active systems.

Yes. Send an access request through the privacy mailbox or the in-account form. We acknowledge within one business day and return your record inside the statutory window where local law permits.

Use the in-account form for routine fields like contact details. For identity-document corrections, write to the privacy desk with the corrected document attached and we'll update the record and confirm in writing.

Only with your opt-in. You can withdraw consent from your account preferences at any time, and the change applies on the next session — no follow-up message from us is needed to confirm.

Every revision is dated and summarised in the change log on this page. Material changes are also surfaced as an in-account notice the next time you sign in, so you don't miss them.