smktotoPrivacy Policy

This page describes what we collect when you use smktoto and how we keep that data protected. We collect personal information when you create an account, verify your identity, deposit funds, place bets on football markets like Liga 1 and Piala AFF, use live-dealer tables, or withdraw winnings. We handle your data according to strict security standards and regional data-protection laws.

Our smktoto platform processes your information to deliver account management, payment processing, legal compliance, and fraud prevention. We encrypt all data in transit and at rest using industry-standard protocols. We do not sell your personal information to third parties, and we limit staff access to data on a need-to-know basis. This policy explains your rights and our obligations as your data processor.

Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their own jurisdiction's regulations.

What Data We Collect on smktoto

We collect personal data necessary to operate your smktoto account and comply with legal obligations. When you sign up, we collect your email address, phone number, and full legal name. During Know Your Customer (KYC) verification, we collect government-issued ID details (national ID number, passport number, expiry date) and proof of address. We store these documents securely in encrypted databases.

When you deposit or withdraw funds via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, or bank transfer (mobile banking, local payment, online payment, e-wallet), we record the transaction details — deposit amount, payment method, timestamp, and your account reference. We do not store your banking credentials; payment processors handle those separately. When you place bets on football fixtures, live-dealer tables, slot games, or esports markets, we log your bet details (stake, odds, outcome) for settlement and compliance records.

We also collect technical information: your IP address, device type, operating system, browser version, and cookies. This helps us provide a secure experience, identify fraud, and troubleshoot technical issues. We track your login history (date, time, device, location) so you can review account access patterns.

How We Use Your Data

We use your personal information for account management — verifying your identity, processing deposits and withdrawals, settling bets, and resolving disputes. We use payment information to send your withdrawals to your original funding method. We use your email and phone to send account notifications, payment confirmations, and support responses.

We use technical data (IP address, device fingerprint, login patterns) to detect and prevent fraud, account takeover, and unauthorized access. We monitor for suspicious activity like rapid fund transfers from new locations or abnormal betting volumes. We use your data to comply with legal requirements — Know Your Customer (KYC) verification, anti-money-laundering (AML) checks, and regulatory reporting in jurisdictions where smktoto operates.

We do not use your data for marketing purposes without your explicit consent. We do not sell or lease your personal information to third parties. We do not use your data to build profiles for targeted advertising. Our use of your data is limited to the purposes above and any other use you explicitly authorize.

Your Data Is Not Sold or Shared for Profit

We do not sell your personal information to advertisers, data brokers, or other commercial entities. We share data only with payment processors and legal authorities when required by law.

Third-Party Data Processors

We work with trusted third parties to deliver smktoto services. Payment processors (handling mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, and bank transfers) receive your transaction data and payment details. These processors are contractually bound to protect your data and use it only for payment processing. Our hosting provider stores our servers and databases; their data centers may be located outside your jurisdiction. We encrypt data before storage so the hosting provider cannot view unencrypted information.

Our KYC verification vendor receives your ID documents and proof of address; they perform identity verification and return a pass/fail result to us. They do not retain your documents after verification. Our live-dealer and slot-game providers receive minimal data — your account ID and bet stakes — needed to process games. We require all third parties to sign data-protection agreements and comply with encryption standards equivalent to our own.

Cookies and Tracking Technologies

We use cookies to remember your login session, store your language preference, and track your navigation within smktoto. Session cookies expire when you close your browser; persistent cookies may remain for up to one year. We use these cookies only to improve your user experience and detect security anomalies. We do not use cookies for third-party tracking or advertising.

You can control cookies via your browser settings — most browsers allow you to block or delete cookies. If you disable cookies, some smktoto features (such as staying logged in) may not work. We respect Do Not Track (DNT) browser signals and do not install tracking pixels or analytics cookies that would violate your DNT preference.

Note: We do not use third-party analytics tools (such as Google Analytics) that would share your browsing data outside smktoto. Our analytics are performed internally on encrypted, anonymized data.

Data Retention and Deletion

We retain your personal data for as long as your smktoto account is active, plus a retention period required by law. KYC documents are typically retained for 5–7 years following account closure for compliance and regulatory purposes. Betting history, payment records, and login logs are retained for 3 years for dispute resolution and fraud investigation. If you request account deletion, we remove your data from active systems but retain records needed for legal compliance and financial audits.

You can request deletion of your data by contacting our support team, subject to legal retention obligations. We will confirm deletion of non-essential data and explain any legal reasons why certain records must be retained. You cannot delete KYC documents during the legal retention window, as these are required for regulatory compliance.

Your Rights and Our Responsibilities on smktoto

You have the right to access your personal data — request a copy of all information we hold about you. You have the right to correct inaccurate data (for example, if your name is misspelled in our system). You have the right to request deletion of data we no longer need, subject to legal retention requirements. You have the right to withdraw consent for data processing we are conducting with your explicit permission.

We are responsible for securing your data using encryption, access controls, and regular security audits. We are responsible for notifying you promptly if your data is breached or misused. We are responsible for processing your requests to access, correct, or delete data within 30 days. We are responsible for maintaining transparent records of how we use your data.

To exercise your rights, contact our support team through official smktoto channels. Provide your account email and the specific right you wish to exercise (access, correction, deletion). We will verify your identity before processing your request and respond with an explanation of our findings. If we deny your request (for example, because data is required by law), we will explain the legal reason.

Data Security Measures

All data transmitted to and from smktoto is encrypted using TLS/SSL protocol — the same standard used by banks. Your personal information is stored in encrypted databases; even if our servers were physically compromised, the data would be unreadable without decryption keys. We limit staff access to data on a need-to-know basis — only support agents and compliance officers can view sensitive information, and all access is logged and audited.

We conduct annual third-party security assessments and penetration testing. We update our security protocols regularly to address emerging threats. If we discover a data breach, we notify affected users and relevant authorities as required by law. We maintain cyber insurance to cover potential data-breach costs.

International Data Transfers

Our servers and payment processors may be located outside your jurisdiction. When your data is transferred internationally, we ensure it remains encrypted and protected to the same standard as if stored locally. We comply with data-transfer regulations in jurisdictions where smktoto operates. If you have concerns about international data storage, you can contact our support team for details on server locations and data-protection measures.

Note: By using smktoto, you consent to international data transfer where necessary to deliver our services (payment processing, hosting, compliance). We encrypt all such transfers.

Contact and Policy Updates

If you have questions about this privacy policy, data handling, or your rights, contact our multilingual support team through official smktoto channels. We will respond within one business day. We update this privacy policy periodically to reflect changes in our data practices or legal requirements. We will notify you via email if material changes occur. Your continued use of smktoto after policy updates indicates your acceptance of the new terms.

Our services are available only where local law permits. Users are responsible for verifying that access and use comply with their own jurisdiction's regulations and data-protection laws. If you have concerns about data handling or believe we have violated your privacy rights, you can file a complaint with your local data-protection authority.