Reference

How wintomato Handles Your Personal Data

At wintomato, your personal data belongs to you — we collect only what we need to run your account, process your UPI or Paytm deposits, and keep your…

Data collected only as neededUPI & Paytm transaction privacyRight to access your dataRight to request deletionClear contact path for queries
wintomato How wintomato Handles Your Personal Data
PRIVACY CONTACT PATHS

Reach Us About Your Data

If you have a question about how we handle your personal data, want to request a copy of what we hold, or need to ask us to delete something, our privacy team is reachable through the channels below. We aim to respond to all data-related requests within 72 hours of receipt.

Team online

Email Privacy Team

Send your data request or privacy question to our dedicated address and we will confirm receipt within one business day. Include your registered account email so we can locate your record quickly.

Live Chat Support

Open the chat widget from any page on wintomato and ask to be connected with the privacy desk. Our support team is available around the clock to log your request and escalate it internally.

Help Centre Ticket

Log a formal ticket through the Help Centre under the 'My Account & Data' category. Tickets are tracked with a reference number so you can follow progress without needing to re-explain your query.

DATA HANDLING STANDARDS

How We Protect and Manage Your Information

We apply several layers of technical and organisational controls to keep your account data safe, from the way cookies are scoped to how long we retain withdrawal records.

Data Collection Minimisation

We collect your name, email, date of birth and payment identifiers when you open an account. No additional personal fields are requested unless they are required to complete a specific transaction or comply with a legal obligation in your region.

Cookie Scope and Control

We use session cookies to keep you logged in and analytics cookies to understand how the lobby is navigated. You can adjust cookie preferences from the footer settings link at any time; withdrawing consent for analytics cookies does not affect your account access.

Account Security Practices

Your password is stored as a salted hash — our team cannot read it. We send an email alert whenever a new device logs into your account, and two-factor authentication is available from account settings to add a second verification step.

Payment Data Handling

When you pay via UPI or Paytm, the transaction token is passed directly to the payment processor over an encrypted connection. We store a masked reference for your transaction history but never hold your full UPI ID or Paytm PIN on our servers.

Retention and Deletion

We keep account records for as long as your account is active and for a defined period after closure as required by applicable law. Once that period expires, personal identifiers are deleted from live systems; anonymised aggregate data may be retained for internal reporting.

Requesting Changes to Your Data

You can request a copy of the personal data we hold, ask us to correct inaccurate details, or request deletion by contacting the privacy team via email or the Help Centre. We confirm the outcome of every request in writing within the timeframe required by applicable law.

Common Questions About Your Privacy at wintomato

Below are the questions we receive most often about data collection, storage, your rights and how to exercise them. If your question is not covered here, reach out through any of the contact paths listed above and our privacy team will respond within 72 hours.

We collect your name, email address, date of birth and a contact number. Once you add a payment method we also store a masked reference linked to your UPI or Paytm identifier — never the full credential — to display your transaction history inside the account.

Your data is used to process deposits and withdrawals, authenticate your login sessions, send account-related notifications, and generate anonymised analytics that help us improve the lobby. We do not use your data to sell advertising to third parties.

Yes. Send a data-access request to our privacy team via email or the Help Centre. We will compile a structured summary of your personal data and deliver it to your registered email address within the timeframe required by applicable law in your region.

Submit a deletion request through the Help Centre under 'My Account & Data' or email the privacy team directly. We will remove personal identifiers from live systems once any legally required retention period has passed, and we will confirm completion in writing.

We share data only with payment processors like UPI rails, Paytm and PhonePe — and only the fields needed to complete your transaction. We do not sell personal data. We may disclose data if required to do so by law or a valid regulatory authority.

When you close your account we retain certain records for the period required under applicable law in your jurisdiction. After that period your personal identifiers are deleted from live databases. Anonymised transaction aggregates used for internal reporting do not contain anything that identifies you.

Minor details like a contact number can be changed directly inside account settings. For changes to your registered name or date of birth, contact the privacy team with supporting documentation and we will update the record and confirm the change by email.