This Privacy Policy applies to all platforms and services managed by 1win Casino, encompassing both our online and mobile offerings. For simplicity, these will be collectively referred to as our “Websites” and “Services.” When we refer to “Personal Data,” we mean information that can identify you, such as your name, email, address, phone number, payment details, support queries, betting history, chat comments, and similar data. If the data cannot identify you (for instance, if it has been aggregated and anonymized), this Policy does not apply. We may occasionally revise this Policy. Significant changes will be communicated, typically through notifications on our Websites or via email.
Methods of Collecting Data
When you access our Websites or use our Services, we collect and process your Personal Data through various methods, including:
Information You Provide Directly
When you visit or use certain parts of our Websites and/or Services, you may be asked to provide Personal Data. For example, we might request your contact information or specific documents during registration, verification, anti-money laundering procedures, anti-fraud checks, or when you seek support.
Automatically Collected Information
Some data is collected automatically when you visit our Websites or use our Services. This includes your IP address, operating system, device type and settings, browser type and settings, crash reports, system activity, and the date, time, and referrer URL of your request. This information helps us understand your usage patterns and improve your experience. For instance, browser information can help us determine your language preference. Data is also collected through cookies, similar tracking technologies, and third-party tools like Google Analytics. We also record transaction details and account activities.
Information from Third Parties
Occasionally, we collect Personal Data from other sources, such as publicly available information or trusted third parties like payment providers. This information supplements the Personal Data we hold, enhancing our Services and validating the data you provide.
Legal Bases for Processing Data
We process Personal Data only when legally justified under applicable data protection laws. The legal bases include:
Performance of a Contract
We may process your Personal Data if necessary for fulfilling a contract, such as registration on the Website or facilitating transactions on the Websites.
Legal Obligation
Certain laws and regulations require the processing of your Personal Data to comply with requirements such as anti-money laundering legislation and responsible gaming regulations.
Legitimate Interests
Your Personal Data may be processed when we, our group companies, or third parties have legitimate business interests.
Consent
In specific cases, we process your Personal Data based on your consent, such as for direct marketing purposes.
Uses of Personal Data
We utilize Personal Data to:
- Operate our Websites, ensure they function as intended, and deliver requested Services (Performance of a contract, Legitimate interest).
- Verify eligibility for certain Services, such as age, location, identity, or self-exclusion status, and set up and manage your account (Performance of a contract, Legitimate interest).
- Fulfill legal duties, comply with regulations, and prevent illegal activities (Legal obligation).
- Provide support, including resolving technical or payment issues (Performance of a contract).
- Improve our Websites and Services, test new features, and perform technical analysis for optimization (Legitimate interest).
- Prevent, detect, and report crime, protect users, ensure security, and prevent fraud (Legal obligation, Legitimate interest, Performance of a contract).
- Analyze and aggregate data, prepare statistics, and produce reports (Legitimate interest).
- Manage financial transactions (Performance of a contract, Legitimate interest).
- Assess fraud risk and verify credentials with third parties (Legal obligation, Performance of a contract, Legitimate interest).
- Evaluate gambling activity for responsible gaming (Legal obligation, Legitimate interest, Performance of a contract).
- Monitor betting activity and manage risk and odds (Legitimate interest, Performance of a contract).
- Exercise rights under agreements with you (Performance of a contract).
- Disclose information within our group for internal purposes (Legitimate interest).
- Manage our relationship and communicate with you, including operational communications, marketing, and required information (Performance of a contract, Legitimate interest, Consent).
Sharing of Personal Data
We may share your Personal Data with:
- Other companies within our group.
- Third-party service providers and partners supporting our Websites and Services.
- Regulators, law enforcement, government bodies, courts, fraud prevention agencies, licensing bodies, and other third parties to comply with laws or defend legal rights.
- Affiliates and introducers.
- Others with your consent.
International Data Transfers
Data processing and sharing may involve transfers to countries with different laws. Safeguards are implemented to protect your Personal Data during these transfers. For EEA residents, data may be transferred outside the EEA, with compliant transfer mechanisms in place, such as the European Commission’s Standard Contractual Clauses.
Security Measures
We are committed to protecting your Personal Data through various measures, including:
- Data Encryption: All data between you and us is encrypted using TLS, protecting personal and financial information. Data is also encrypted when stored and transferred between data centers.
- Limited Access: Access to personal information is restricted to necessary personnel.
- Network Protection: Multiple security layers protect our environment, including firewalls and intrusion protection systems. We partner with industry-leading security vendors for global threat intelligence.
- Secure Data Centers: Servers are housed in facilities with robust physical security controls, including 24/7 monitoring and regular audits.
- Security Monitoring: Continuous monitoring of security systems and alerts to manage threats.
Data Retention
Data retention varies:
- Deletable Data: You can delete certain data, such as by editing your profile or deleting your account.
- Automatic Deletion: Some data is deleted automatically.
- Retained Data: Data may be retained longer to meet legal obligations or for business reasons, such as protecting against fraud or complying with financial regulations.
Your Rights
You have rights regarding your Personal Data, including:
- Knowing what data we hold.
- Correcting inaccurate data.
- Accessing and requesting a copy of your data.
- Objecting to processing based on legitimate interests.
- Requesting data erasure in certain circumstances.
- Restricting processing in specific situations.
- Withdrawing consent where applicable.
- Objecting to direct marketing and related profiling.
- Complaining to your local data protection authority. You can exercise these rights by adjusting your account settings or contacting [email protected]. Proof of identity may be required for certain actions.
Use of Google Analytics
We use Google Analytics to gather information about Website usage. Google Analytics collects data such as visit frequency, visited pages, and referring sites. It collects only the IP address assigned on the visit date. Information from Google Analytics is not combined with Personal Data. You can prevent Google Analytics from recognizing you on future visits by disabling cookies in your browser. For more details, visit Google Analytics and Google’s cookie policy.
SSL Encryption
All critical communications between users and the Website are encrypted using SSL with a 256-bit key.