xrtoto Privacy Policy

This page describes what we collect when you use xrtoto and how we keep that data protected. We at xrtoto take your privacy seriously because account security and data confidentiality are foundational to the trust you place in our platform. Whether you access xrtoto on Android, through an iOS browser, or on desktop, the principles outlined here apply consistently across all our services.

Our privacy commitment is straightforward: we collect only the information necessary to operate our platform, comply with local law, and protect your account. We do not sell your data to third parties for marketing. We do not share your payment details with anyone beyond the payment processors and banks required to settle your transactions. We encrypt sensitive information and limit internal access to authorized personnel only.

This policy is written in plain language so you understand exactly what we do with your information. If you have questions after reading, our support team can clarify any section.

What We Collect and Why

We collect your personal information in stages. During registration, we ask for your email address, full name, date of birth, and phone number. These details allow us to create your xrtoto account, send you important notifications, and comply with identity verification requirements. We do not use this information for marketing unless you explicitly opt in to promotional emails.

When you deposit funds, we collect the payment method you choose—whether that's DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or a bank transfer via mobile banking, local payment, online payment, or e-wallet. We do not store your payment card or e-wallet credentials directly. Instead, we store a reference to your transaction and your payment history so you can track deposits and withdrawals over time. Our payment processors handle the actual credential data according to their own security standards.

For Know-Your-Customer (KYC) compliance, we collect a photograph of your government-issued ID—your national identity card or passport. We store this securely and use it only for verification purposes. We may retain this image for a set period for compliance records, then securely delete it unless local law requires longer retention.

When you play games on xrtoto, we log your gameplay activity, bet amounts, game outcomes, and session timestamps. We use this data to settle payouts correctly, detect fraud, and comply with gaming regulations. We also collect technical data: your device type, operating system version, IP address, and approximate location. This helps us optimize xrtoto for Android and iOS browsers, troubleshoot technical issues, and identify unauthorized access attempts.

Registration data: Email, full name, date of birth, phone. Used for account access and compliance verification only.
Payment history: Deposit and withdrawal records. Retained for audit and settlement purposes; payment credentials never stored by xrtoto.
KYC documents: ID photograph. Used for identity verification; deleted after verification window closes unless law requires retention.
Gameplay data: Bets, outcomes, session logs. Used for settlement, fraud detection, and regulatory compliance.
Technical data: Device type, IP, location, browser version. Used for security, platform optimization, and service delivery.

How We Protect and Share Your Data

Data protection on xrtoto

We encrypt data in transit using industry-standard TLS (Transport Layer Security). At rest, sensitive information like ID photos and deposit records are encrypted using AES-256 encryption. Our servers are protected by firewalls, intrusion-detection systems, and regular security audits. We limit employee access to personal data—only authorized compliance and support staff can view your full record, and they do so only to address your requests or investigate fraud.

We recommend you strengthen your xrtoto account security by enabling two-factor authentication (2FA) when available. This adds an extra verification step when you log in or withdraw funds, significantly reducing the risk of unauthorized access even if your password is compromised.

Third parties and data sharing

We share your data only when necessary: with payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) to settle your transactions; with KYC verification services to confirm your identity; and with compliance authorities if required by law. We do not sell your data to marketing companies, data brokers, or advertisers. Our data-processing agreements with third parties require them to protect your data to the same standard we do.

Our servers may be located outside your jurisdiction. By using xrtoto, you acknowledge that your data may be processed in countries with different privacy laws than your own. However, we apply the same encryption and access controls regardless of server location.

Note: We retain your data only as long as necessary to provide service, comply with law, and resolve disputes. If you request account closure, we securely delete personal data within a standard retention window, except where law requires us to retain records for audit or tax purposes.

Cookies and tracking

We use cookies on xrtoto to store your session token so you stay logged in while browsing. We also use cookies to remember your language preference and gameplay settings. These are functional cookies—they do not track you across other websites. We do not use third-party advertising cookies or trackers. If you disable cookies in your browser, xrtoto may not function properly, so we recommend keeping them enabled.

Your rights and contact

You have the right to access your personal data on xrtoto, request corrections to inaccurate information, and ask us to delete your account and associated data (subject to legal retention obligations). To exercise these rights, contact our support team through the help section of xrtoto or email us directly. We will respond within a standard business window.

If you have a privacy complaint, we encourage you to contact us first so we can address your concern. If you remain unsatisfied and your jurisdiction has a data protection authority, you may lodge a complaint with them.

1

Review your account settings regularlyPrivacy

On xrtoto, check your profile to confirm your registered email and phone number are current. Update them if you change contact details.
2

Use a strong, unique passwordSecurity

Create a xrtoto password that combines uppercase, lowercase, numbers, and symbols. Do not reuse passwords from other accounts.
3

Enable two-factor authenticationProtection

Turn on 2FA in xrtoto settings so you need a second verification step when logging in or withdrawing funds.
4

Log out on shared devicesCaution

If you access xrtoto on a shared phone or computer, always log out when you finish. Do not let your session remain open.

Our privacy practices reflect our commitment to operating xrtoto transparently and ethically. We collect only what we need, protect what we collect, and respect your choices about your data. This policy may be updated from time to time if our practices change or regulations shift. We will notify you of material changes via email or a notice on xrtoto. Your continued use of xrtoto after such changes constitutes acceptance of the updated policy.

Related guides

Legal