inatohelPrivacy Policy

This page describes what we collect when you use inatohel and how we keep that data protected. Our privacy practices centre on account security, fraud prevention, and compliance with anti-money-laundering law. We collect only the information necessary to verify your identity, process your deposits and withdrawals, settle your game outcomes, and respond to your support requests.

We do not sell your personal data to marketers or data brokers. We share information only with payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet), game software providers, and law-enforcement agencies when legally required. Your data is encrypted at rest and in transit. You can request deletion of your account and all associated information at any time.

Read this policy in full before you register. If you have questions about how we handle your data, contact our support team — we respond in English during business hours.

What data we collect on inatohel

When you register on inatohel, we collect your full name, email address, mobile phone number, date of birth, and residential address. We verify your email and phone by sending one-time codes — you must enter both to confirm account ownership.

Before you can deposit or play for real money, we require identity verification. You upload a clear photograph of your government-issued ID (national ID card, passport, or driving licence). We inspect the document to confirm it is genuine and matches your registered name and address. This step is mandatory under anti-money-laundering (AML) law and prevents fraud.

Once your account is active, we collect transaction data: every deposit, withdrawal, game play, and market selection is logged with timestamp and amount. We also collect your IP address and device type (mobile phone, tablet, desktop) each time you log in. This helps us detect suspicious access patterns (e.g., logins from different countries within minutes) and protect your account from unauthorised use.

If you contact our support team, we store your message and our response. We keep these records for two years to resolve disputes and improve our support quality. Payment method details (your bank account number, e-wallet account) are stored encrypted and are never shared with third parties except our payment processors.

Account data: Name, email, phone, date of birth, address, government ID number and document image.
Transaction data: All deposits, withdrawals, game plays, market selections, timestamps, and amounts.
Device and login data: IP address, device type, browser type, and login timestamps for security and fraud detection.
Payment method data: Bank account numbers, e-wallet details, encrypted and shared only with our payment processors.

How we use your data on inatohel

We use your data to verify your identity and comply with anti-money-laundering law. Every account must pass identity verification before cash play is allowed. We cross-reference your ID details with government databases and fraud-detection services to confirm you are who you claim to be.

Your transaction data allows us to process deposits and withdrawals. When you request a payout, our compliance team reviews your transaction history to confirm your withdrawal amount matches your available balance and that your account is in good standing. This review protects both you and us from fraud.

We use device and login data to detect account takeover attempts. If your account logs in from Jakarta one hour and then from Surabaya the next, or from a new device at an unusual time, our system flags it for review. If we detect suspicious activity, we may require re-verification before allowing withdrawals.

We use your contact data (email, phone) to send account notifications: login alerts, deposit confirmations, settlement notices, and support responses. We also use it to contact you if we detect a security issue with your account. You can adjust notification preferences in your account settings, but security alerts are always sent.

Third-party processors and data sharing on inatohel

Our payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, and Indonesian banks mobile banking, local payment, online payment, e-wallet) receive your account number and transaction amount when you deposit or withdraw. We do not share your full personal details with them — only the minimum required to process payment. They handle payment security under their own privacy policies.

Our game software providers (live-dealer studios, slot game providers) do not receive your personal data. They see only your account ID and game outcomes. They do not know your name, address, phone, or payment method.

We may disclose your data to law-enforcement, tax authorities, or financial regulators if legally required (subpoena, court order, or AML investigation). We will notify you of such requests whenever legally permitted. We do not share your data with marketing firms, advertisers, or data brokers. We do not sell contact lists or sell your information to third parties for any reason.

Our servers may sit outside your jurisdiction. Your data may be processed in data centres in countries other than Indonesia. By using inatohel, you consent to this international data transfer. We maintain the same security and privacy standards regardless of server location.

How we secure your data and how long we keep it

All inatohel data is encrypted during transmission (HTTPS) and at rest (AES-256 encryption). Your password is hashed using industry-standard algorithms — we do not store your password in plain text. Payment method details are encrypted and stored in a secure vault separate from your account profile.

We maintain access logs. Every time someone on our team accesses your account data, it is recorded. Only staff members with a business need (support agents, compliance reviewers, technical engineers) can view your information. We audit these logs quarterly for unauthorised access.

We retain your account data as long as your account is active. Once you request account deletion, we purge all personal information within 30 days, with two exceptions: (1) transaction records are kept for six years for AML and tax compliance, and (2) support messages are kept for two years to resolve disputes. If you have an active withdrawal or pending dispute, we retain relevant data until those matters are resolved.

Cookies and tracking: We use essential cookies to keep you logged in and to remember your preferences (language, notification settings). We do not use third-party tracking cookies or sell your browsing data to advertisers. You can disable non-essential cookies in your browser settings without affecting core inatohel functionality.

Your rights regarding data on inatohel

You have the right to request a copy of all your personal data. Contact our support team with your account email, and we will send you a full data export within 10 business days. The export includes your profile, transaction history, and all support messages.

You have the right to correct inaccurate data. If your registered address, name, or phone number is wrong, update it in your account settings. For government ID details, contact support — we may need to re-verify if critical information changes.

You have the right to request deletion of your account. Once you request deletion, your account is closed and all personal data is purged within 30 days (except transaction records retained for compliance). You cannot undo deletion, so ensure you have withdrawn any remaining funds before requesting it.

You also have the right to lodge a complaint with your local data-protection authority if you believe we have mishandled your information. In Indonesia, you can contact the relevant local regulator. We cooperate fully with official investigations.

Updates to our privacy policy and how to contact us

We may update this privacy policy at any time. When we make material changes (e.g., new data retention rules, new processors), we notify all users via email. Your continued use of inatohel after such notification means you accept the updated policy. Minor clarifications (grammar fixes, reordering of sections) do not require notification.

If you have questions about how we handle your data, contact our support team through in-app chat or email. We respond in English during business hours (Monday to Friday, 9am to 6pm local time). For urgent privacy concerns (suspected data breach, unauthorised access), email support immediately — we investigate all such reports within 24 hours.

We at inatohel take your privacy seriously. Your data security and compliance with anti-money-laundering law are our top priorities. By using our platform, you trust us with sensitive information — we honour that trust by maintaining strict security, minimal data collection, and transparent practices.