catoPrivacy Policy

This page describes what we collect when you use cato and how we keep that data protected. We collect your email, phone number, identity documents, and payment information to verify your account and process deposits via DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet. We do not sell your data to third parties, and we encrypt all sensitive information in transit and at rest.

Our cato platform operates in supported jurisdictions only. Your data may be stored on servers located outside your region, subject to applicable data-protection law. We maintain industry-standard security practices and conduct regular audits to ensure compliance with privacy standards.

Below we outline our data collection, storage, usage, third-party sharing, your rights, cookies, and how to contact us regarding privacy concerns.

What Data We Collect on cato

We collect the following information when you register and use cato:

  • Account registration data: email address, phone number, password hash, username.
  • Identity verification documents: KTP, passport, or driver's license photos; we use OCR to extract name, date of birth, and ID number for anti-money-laundering compliance.
  • Payment information: your registered DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, or e-wallet account details; we do not store full credit-card numbers but retain transaction references and settlement statuses.
  • Behavioral data: your betting history, game selections, deposits, withdrawals, login times, and device information (IP address, user agent, operating system).
  • Communication records: emails, live-chat transcripts, and support tickets you send to our team.

We collect this data for account verification, fraud prevention, settlement reconciliation, customer support, and regulatory compliance. We do not use your data for marketing unless you explicitly opt in; opt-out is available in your account settings at any time.

Your data is encrypted in transit and at rest

We transmit all sensitive data over HTTPS and store encryption keys separately from databases. Your identity documents and payment details are encrypted with AES-256.

How We Use Your Data

Our cato platform uses your data for the following purposes:

  • Account verification: We verify your identity and phone number to prevent account takeover and meet anti-money-laundering requirements.
  • Payment processing: We share your account details with mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, and local payment processors only to confirm deposits and process withdrawals. We do not retain copies of full payment credentials.
  • Fraud prevention: We analyze your betting patterns, login locations, and device data to detect unauthorized access and suspicious activity.
  • Customer support: We use your communication history to respond to inquiries and resolve disputes on cato.
  • Regulatory compliance: We retain transaction logs and identity documents to comply with anti-money-laundering and tax-reporting obligations in supported jurisdictions.
  • Service improvement: We analyze aggregated behavioral data (without personal identifiers) to improve game performance, payment flows, and platform stability on cato.

We do not use your data to profile you for betting recommendations or to predict your behavior for marketing. We do not sell your data to advertisers, data brokers, or third-party marketers.

Third-Party Processors and Data Sharing

Our cato platform relies on third-party vendors to operate securely. We share data only as necessary:

  • Payment processors: We send your payment method and transaction amounts to online payment, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, and e-wallet to confirm deposits and initiate withdrawals.
  • Identity verification providers: We submit your identity documents to third-party OCR and liveness-check services to verify your KTP, passport, or driver's license.
  • Cloud hosting providers: We store your data on encrypted cloud servers operated by industry-standard hosting vendors. Our servers may be located outside your jurisdiction.
  • Customer support platforms: We use third-party live-chat and email systems to manage support tickets.
  • Legal and regulatory authorities: We disclose data only when legally required by court order, government agency, or anti-money-laundering regulator.

We do not share your personal data with any processor without a written data-protection agreement. Each processor is contractually obligated to use your data solely for the purpose we specify and to maintain security standards equivalent to our own.

Your Rights and Data Access on cato

You have the following rights regarding your data on cato:

  • Access: You may request a copy of all personal data we hold about you. Submit a request via our support contact (see below); we will provide your data within 30 days.
  • Correction: If your data is inaccurate, contact us to update your email, phone, or address in your cato account settings.
  • Deletion: You may request deletion of your account and associated data. We will delete your account and personal identifiers within 30 days, but we retain transaction logs for regulatory compliance as required by law.
  • Portability: You may request your data in a portable format (CSV or JSON). We will provide this within 30 days.
  • Opt-out of marketing: You may disable promotional emails and push notifications in your cato account settings at any time.

To exercise any of these rights, contact our support team at the address provided below. We will verify your identity before processing your request.

Note: We retain transaction data and identity documents for regulatory compliance. Even after account deletion, we may keep logs for anti-money-laundering and tax-reporting obligations.

Cookies and Tracking Technology

Our cato platform uses cookies to maintain your login session, remember your preferences, and analyze site performance. We do not use cookies for tracking across unrelated websites.

  • Session cookies: These temporary cookies expire when you close your browser. They keep you logged in during your cato visit.
  • Preference cookies: We store your display language, notification settings, and bookmarked markets in a cookie so they persist across sessions.
  • Analytics cookies: We use basic analytics (page views, click patterns) to improve cato performance. These cookies do not contain personal identifiers.

You may disable cookies in your browser settings; however, doing so may impair your ability to log in and use cato. We do not use third-party tracking pixels or retargeting cookies.

Data Retention and Jurisdiction

We retain your data as follows:

  • Account registration data: Retained while your account is active; deleted within 30 days of account closure, except as required for regulatory compliance.
  • Identity documents: Retained for five years to comply with anti-money-laundering and tax-reporting rules.
  • Transaction logs: Retained for seven years for audit trails and dispute resolution.
  • Support communications: Retained for two years after resolution of your support ticket.

Our servers may be located outside your jurisdiction. Your data may therefore be subject to foreign data-protection laws. By using cato, you consent to data transfer to supported jurisdictions and storage on international servers. If you do not accept these terms, do not register on cato.

Security on cato

We employ industry-standard security practices:

  • Encryption: All data in transit is encrypted with TLS 1.2 or higher. Data at rest is encrypted with AES-256.
  • Access controls: Only authorized staff can access your personal data; access is logged and audited.
  • Authentication: We support two-factor authentication (SMS and authenticator apps) on cato to protect your account.
  • Penetration testing: We conduct regular security audits and penetration tests to identify and remediate vulnerabilities.

Despite our best efforts, no system is completely secure. If we discover a data breach affecting cato, we will notify affected users and relevant authorities within the timeframe required by law.

Contact Us Regarding Privacy

If you have questions about our privacy practices on cato, wish to exercise your data rights, or report a privacy concern, contact us:

  • Email: [email protected]
  • Live chat: Available via your cato account dashboard during support hours.
  • Postal address: Available upon request via support contact.

We will respond to privacy inquiries within 14 days. If you are unsatisfied with our response, you may file a complaint with your local data-protection authority.

Policy Changes

We may update this privacy policy to reflect changes in our practices or applicable law. We will post changes on this page and update the "last modified" date. Continued use of cato after changes constitute your acceptance of the updated policy. If you do not agree to changes, you may request account closure.

Our cato privacy practices are designed to protect your data while enabling secure deposits, withdrawals, Liga 1 betting, live-dealer play, and esports markets in supported jurisdictions. Your privacy is a core commitment we make to every account holder on our platform.