Reference

Privacy Policy for Your nxtoto Account

nxtoto Privacy Policy explains how we collect, use and protect the account, wallet and device data you provide when you open an account or enter the lobby.

Account dataWallet statusCookie choicesData requests
nxtoto Privacy Policy for Your nxtoto Account
CONTACT PATHS

Get Privacy Policy Help From Your Account

A clear contact route matters when a data question affects your account or wallet record. We ask you to use the support path shown after login so we can connect your request with the correct account without asking you to post personal data in a public channel. Include the subject, account identifier and the action you want us to take.

Team online

Account data desk

Use the account support path to ask which registration details we hold, why they are needed, or how to correct a phone number. We may ask you to complete an account check before discussing private records or changing access data.

Wallet record desk

For DANA, OVO, GoPay, QRIS, bank transfer or virtual account records, send the payment reference through the logged-in support route. We use that reference to locate status data without requesting your wallet PIN or password.

Privacy request desk

Ask us to access, correct or remove eligible personal data through the privacy contact route in your account. State the request clearly, and we will explain any identity check or legal reason that affects the response.

ACCOUNT SAFETY

What We Do With Your Data

Privacy is handled through practical controls rather than broad promises. We keep the policy tied to the steps you take, from opening an account through checking a wallet status or returning to…

Account records

We use your registration details, verification result and account history to provide access, respond to account requests and investigate suspicious sign-in events. We limit internal access to people or systems that need the record for these defined tasks.

Payment references

A DANA, OVO, GoPay or QRIS transaction can create a reference, amount and status record linked to your account. Bank transfer and virtual account records follow the same matching purpose, while wallet passwords and PINs stay outside our requested data.

Cookies and devices

Cookies can keep a session active, remember selected settings and help identify abnormal access. We may record browser type, operating system, IP address and security events when you move between a phone, tablet or desktop.

Account protection

Before we disclose private account data or change a key account field, we may ask you to complete a phone or account verification step. This helps prevent a person with only a payment reference from taking control of your access.

Retention periods

We retain records only for as long as needed for the stated service, account protection, dispute handling or legal duties that apply where local law permits. When a record is no longer needed, we remove it or separate it from direct account identity.

Changes and contact

You can ask for a copy, correction or eligible deletion of personal data through the privacy contact path. We may retain a restricted record when removal would prevent fraud checks, resolve a payment dispute or conflict with a legal duty.

Privacy Policy Answers for Your Account

These Privacy Policy answers address the searches we expect before you open an account or connect an Indonesian wallet. If your situation is not covered, use the logged-in support route and describe the data record or account step involved.

It covers account registration, phone verification, login events, device signals, cookies, game activity records and payment references. It also explains how we handle requests to access, correct or remove eligible data when access depends on local law.

No. We may receive a DANA or QRIS transaction reference, status and related account matching data, but we do not ask for your wallet password or PIN. Send payment questions through the logged-in support path rather than a public message.

Device type, browser, operating system, approximate network location and login events help us keep a session working and identify unusual access. For example, a sudden move from your usual phone to a desktop can trigger an account check.

Yes, you can request access through the privacy contact route in your account. Tell us which record you want, such as registration data, cookie settings or a GoPay transaction reference. We may verify account ownership before releasing private data.

Send a correction request through the logged-in account support path and identify the field that is wrong. We may ask you to complete phone verification before changing contact or access data, particularly when the request could affect your account security.

You may request deletion of eligible personal data through the privacy contact route. We first check identity and explain any records that must remain for payment disputes, security investigations or legal duties where local law permits.

Retention depends on the record and the purpose for keeping it. Login events, account checks and DANA, OVO, GoPay, QRIS or bank references may remain while needed for account protection, dispute handling or applicable legal duties.