Terms of Service
Defines the account contract; this privacy page describes the data side of that same contract.
This page is our privacy promise to you, written in language you can actually read on a phone. We explain what we collect when you open an account...
When you open an account with us, we collect the basics needed to verify you and run your sessions: name, contact details, date of birth, and the wallet handle you use to move funds. We store this where local law permits and only keep it as long as your account is active or our records duty requires. We share data with payment
partners and identity-check providers strictly to process your transactions and protect your balance. You can request a copy, a correction, or a deletion of your record by writing to our privacy desk, and we'll respond within the window Indonesian regulation expects.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
We don't write this policy once and forget it. Here's who looks at it, how often, and what they check before any new version goes live on hanomantoto.
Our retained Indonesian counsel reads this page every quarter against current data rules. Any wording that drifts from the live legislation gets flagged, rewritten, and dated before the new version replaces this one.
A named data protection lead inside hanomantoto signs off on every change. They hold the master log of what we collect, where it sits, and which staff roles can read which fields.
Each payment and verification partner we use is audited yearly for how they store the data we pass them. If a vendor fails the check, we cut the integration before renewing.
Account credentials and wallet identifiers move through TLS in transit and are encrypted at rest. Internal tooling masks sensitive fields by default so staff see only what their role strictly needs.
If a security event touches your record, we contact you through the email on file and through the in-lobby banner. Our notification window follows the tighter of regulator deadlines or 72 hours.
Every policy revision is archived with a date stamp. You can request prior versions through the privacy inbox if you need to compare what was in force when you opened your account.
Our privacy policy lines up with the other legal documents on hanomantoto so you don't get conflicting answers. Here's how the pieces fit together.
Defines the account contract; this privacy page describes the data side of that same contract.
Lists each cookie category; we cross-reference it here so consent choices stay aligned.
Explains identity checks; this policy covers how those verification documents are stored and retired.
Sets monitoring duties; we disclose here which transaction signals are retained for that purpose.
Covers DANA, OVO, GoPay and QRIS flows; we mirror the data-sharing language used there.
Routes disputes; privacy complaints follow the same intake form with a separate review queue.
Describes shutdown steps; this policy states what data survives closure and for how long.
The privacy layout you're reading isn't generic boilerplate. These are the design choices we made to keep policy reading actually readable on the phone you're holding.