Reference

Your Rights and Our Legal Commitments

cosmictoto operates under a clear legal framework designed to protect your account, your data, and your transaction records — where local law permits.

Account Data ProtectionIndonesia Jurisdiction ClauseDANA, OVO, GoPay & QRIS CoveredCookie Policy IncludedContact Rights Outlined
cosmictoto Your Rights and Our Legal Commitments
CONTACT CHANNELS

How to Reach Us on Legal Matters

If you have a question about your rights, want to request your stored data, or need to dispute a policy decision, our dedicated legal-response team is reachable through three direct channels.

Live Chat Reach us through the live chat window inside your account dashboard — available daily 08:00–23:00 WIB, including for formal data-access and policy queries.
Email Support Send a written legal request to our support email. We acknowledge formal data or policy requests within one business day and resolve them within two business days.
Account Help Centre Log in, navigate to Account Settings, then select 'Legal & Privacy' to submit a structured data-request or policy dispute form directly tied to your account ID.
SECURITY AND ACCOUNTABILITY

How cosmictoto Handles Your Data and Account

Our security and data practices are built around six pillars that cover everything from how cookies work on your device to how long we hold withdrawal verification records.

Data Collection Scope

We collect your name, contact details, payment method identifiers (DANA, OVO, GoPay, QRIS) and device fingerprint at registration. No additional data is collected without your explicit action inside the account.

Cookie Policy

Our site uses session cookies for login state and analytics cookies to measure page performance. You can manage or withdraw cookie consent at any time via the cookie banner on your first visit or inside browser settings.

Account Security

Every account is protected by two-factor authentication via SMS OTP. Your password is stored as a salted hash — our staff cannot read it. Suspicious login attempts trigger an automatic account lock and email alert.

Data Retention Period

Transaction records including DANA, OVO, GoPay and QRIS deposits and withdrawals are retained for 12 months minimum. Account profile data is held for the duration of your active account plus 6 months after closure.

Your Right to Access

You may request a full export of your personal data at any time. Submit the request via Account Settings under 'Legal & Privacy' or by emailing support; we fulfil exports within five business days.

Requesting Changes or Deletion

To correct inaccurate data or request account deletion, contact us via live chat or email with your account ID. Deletion requests are processed within 14 business days, subject to mandatory retention obligations.

Answers to Your Legal Policy Questions

These are the questions we hear most often about our legal policy, account rights and data practices. Each answer is specific to how cosmictoto operates for account holders in Indonesia — not a generic template response.

Yes. The availability of certain account features and services depends on local law in your region of Indonesia. We apply jurisdiction-based access controls automatically, and your account dashboard will reflect what is currently permitted where you are.

We store your registration details, login history, payment method identifiers for DANA, OVO, GoPay and QRIS, and transaction timestamps. This data is held securely and is accessible to you on request through the Account Settings panel.

Log in, go to Account Settings, and select 'Legal & Privacy', then choose 'Request Data Export'. Alternatively, email our support team with your account ID. We fulfil all export requests within five business days of verification.

Yes. Submit a deletion request via live chat or email. We process account closures within 14 business days. Some transaction records may be retained longer where mandatory legal retention rules apply under applicable Indonesian regulations.

Payment identifiers are encrypted at rest and in transit. We share them only with our payment-processing partners for transaction clearing. We do not store full wallet credentials — only anonymised transaction reference IDs are kept in our records.

You have the right to raise a formal complaint via our support email or live chat. We acknowledge written complaints within one business day and provide a resolution response within five business days, with full documentation of our findings.

Session cookies keep you logged in during your visit and are deleted when you close your browser. Analytics cookies collect anonymised usage data only. You can disable non-essential cookies at any time through the cookie consent banner or your browser settings.