Rujukan Laman

How totonuto Handles Your Personal Data

This Privacy Policy explains exactly what personal data totonuto collects when you open an account, how we store it, and the rights you hold over it.

Data collected at account openingTouch 'n Go, GrabPay, Boost dan FPX transaction recordsYour right to access and delete dataMalaysia-jurisdiction data handlingDirect contact path for privacy requests

Explore Lobby Read FAQ

What Data We Collect and Why

totonuto Service availability depends on jurisdiction. It is the user's responsibility to check local law before access.

When you open a totonuto account, we collect the information needed to verify your identity, process deposits and withdrawals, and keep your account secure. This includes your name, email address, contact number, and payment references tied to Touch 'n Go, GrabPay, Boost dan FPX or FPX

1
transactions. We also log device identifiers and session data to protect your account from unauthorised access. How this data is handled depends on the local laws applicable in your jurisdiction — we process and store it only where local law permits. We do not sell your
2
personal data to third parties. Retention periods follow applicable Malaysian data-protection requirements, and we delete data promptly once it is no longer required for the purpose it was collected.

Service availability depends on jurisdiction. It is the user's responsibility to check local law before access.

PRIVACY CONTACT PATHS

Reach Our Privacy Team Directly

If you want to access, correct or request deletion of your personal data, our privacy team is reachable through three direct channels. We aim to acknowledge your request within one business day and resolve it within fourteen days, subject to identity verification requirements under Malaysian law.

Team online

Email Privacy Request

Send your data access, correction or deletion request to our privacy inbox at totonuto.com. Include your registered email and account ID so we can locate your records and respond accurately within the stated timeframe.

Live Chat Support

Open the live chat window on totonuto.com and select the Privacy category. Our agents are available around the clock to log your request, escalate it to the data-handling team and give you a reference number to track progress.

Written Correspondence

For formal written requests, you may submit a signed letter via our contact form on totonuto.com. This channel is particularly suited to legal-notice requirements under applicable data-protection legislation in Malaysia.

HOW WE PROTECT YOU

Data Handling, Cookies and Account Security

Below you will find a specific breakdown of the six practices we follow to keep your data safe and your privacy rights intact.

Encrypted Data Storage

All personal data you submit at account creation or during a withdrawal request is stored using industry-standard encryption. Database access is restricted to authorised personnel only, and access logs are audited on a regular schedule to detect any anomalies.

Cookie Policy and Controls

totonuto uses session cookies to keep you logged in and analytics cookies to understand how pages are used. You can manage or withdraw cookie consent at any time through the cookie-preference panel available in your account settings.

Payment Data Handling

References from Touch 'n Go, GrabPay, Boost dan FPX transactions are retained only for the period required to reconcile your account balance and comply with financial-record obligations under Malaysian law, then securely deleted.

Account Security Measures

Two-factor authentication is available on every totonuto account. We also monitor for unusual login locations and will notify you by email if a sign-in occurs from a device or region we have not seen before on your account.

Data Retention Schedule

We hold your account data for as long as your account remains active and for the legally required period after closure. Once that window passes, data is deleted from our systems — we do not archive it indefinitely or repurpose it for marketing without your consent.

Your Rights and How to Exercise Them

You have the right to request a copy of your data, ask for corrections, and request erasure where no legal obligation requires retention. Submit any such request through the privacy contact paths listed on this page, and we will respond within fourteen business days.

Common Questions About Your Privacy Rights

These questions cover the scenarios our account holders ask about most when it comes to personal data, cookies and privacy requests on totonuto. If your question is not answered here, reach out through the contact paths listed above.

We collect your name, email address, contact number and the payment references generated by your chosen method — Touch 'n Go, GrabPay, Boost dan FPX or FPX. Device identifiers and session logs are also recorded to protect your account from unauthorised access.

We retain your data for the legally required period under applicable Malaysian regulations after account closure. Once that retention window expires, your records are permanently deleted from our systems and are not repurposed for any other use.

Yes. Submit a data-access request via our privacy email inbox or live chat channel on totonuto.com. Include your registered email and account ID. We aim to deliver your data copy within fourteen business days of verifying your identity.

Send a deletion request through email, live chat or written correspondence as outlined on this page. Where no legal obligation requires us to keep the data, we will erase it and confirm the deletion to you within fourteen business days.

We do not sell your personal data. We share data only with service providers necessary to operate your account — such as payment processors for Touch 'n Go and GrabPay — and only under data-processing agreements that bind them to the same standards we follow.

Open the cookie-preference panel in your account settings at any time. You can withdraw consent for analytics cookies while keeping session cookies active, or opt out of all non-essential cookies. Changes take effect immediately on your next page load.

Our privacy team oversees all data-handling practices. Eligibility to hold an account and how local data-protection law applies to you depends on your jurisdiction — access is available only where local law permits, and we apply the relevant legal standard accordingly.

How totonuto Handles Your Personal Data

Reach Our Privacy Team Directly

Email Privacy Request

Live Chat Support

Written Correspondence

Data Handling, Cookies and Account Security

Encrypted Data Storage

Cookie Policy and Controls

Payment Data Handling

Account Security Measures

Data Retention Schedule

Your Rights and How to Exercise Them

Common Questions About Your Privacy Rights

01 What personal data does totonuto collect when I open an account?

02 How long does totonuto keep my data after I close my account?

03 Can I request a copy of the personal data totonuto holds about me?

04 How do I ask totonuto to delete my data?

05 Does totonuto share my data with third parties?

06 How can I manage or withdraw my cookie consent on totonuto?

07 Who is responsible for data protection at totonuto, and how is eligibility determined?

Related Pages