Your Data Stays Yours
We built hermantoto around your privacy. Every account detail, every transaction through DANA, OVO, GoPay or QRIS, and every session you spend in our lobby is protected by...
How We Collect and Use Your Information
When you open an account with hermantoto, we collect your name, email, phone number and payment details to verify your identity and process deposits through DANA, OVO, GoPay and QRIS. We use this information to deliver your lobby access, process withdrawals, detect fraud and comply with local regulations in supported regions. We do not sell your data to third parties. Your payment
history remains between you and us. We may contact you about account security, promotional updates you've opted into, or service changes that affect your experience.
Service availability is jurisdiction-dependent. Users are responsible for checking local law before access.
Questions About Your Privacy
Email Support
Reach our privacy team at [email protected] with any questions about how we handle your personal data, account security or payment information.
Live Chat
Open the chat widget in your account dashboard to speak with our support team about privacy concerns, data requests or account protection in real time.
Account Settings
Manage your privacy preferences, communication opt-outs and data visibility directly in your account settings under Privacy & Security.
How We Protect Your Trust
SSL Encryption
All data transmitted between your device and our servers uses 256-bit SSL encryption, the same standard banks use to protect financial transactions.
Payment Compliance
We comply with PCI DSS standards for payment card security and maintain separate encrypted vaults for DANA, OVO, GoPay and QRIS transaction records.
Regular Audits
Our security infrastructure undergoes quarterly third-party audits to verify encryption, access controls and data isolation remain current and effective.
Limited Access
Only authorized staff with verified roles can access your personal data, and all access is logged and monitored for suspicious activity.
Data Retention
We retain your account data only as long as your account is active or as required by local law in supported regions. You can request deletion anytime.
Incident Response
If a security incident affects your data, we notify you within 24 hours with details of what happened and steps we've taken to prevent recurrence.