Privacy Policy
This Privacy Policy governs the collection, use, and protection of personal information by our online gaming platform operating in India. We are committed to maintaining the highest standards of data protection and transparency in accordance with applicable Indian laws, including the Information Technology Act, 2000, and related rules. By accessing our platform and participating in gaming activities, you acknowledge that you have read, understood, and agree to the practices described in this policy. This document outlines how we handle your personal data, your rights as a user, and our obligations as a data controller in the context of online gaming services.
1. Information Collection and Types of Data
We collect various categories of personal information necessary for providing secure and reliable gaming services. The types of data we collect include personal identification information, financial details, technical data, and behavioral information related to your gaming activities on our platform.
Personal identification information encompasses your full name, date of birth, email address, mobile phone number, residential address, and government-issued identification documents such as Aadhaar card, PAN card, or passport details. This information is essential for account verification, compliance with Know Your Customer (KYC) requirements, and ensuring responsible gaming practices.
Financial information includes bank account details, payment card information, transaction history, deposit and withdrawal records, and details of any promotional bonuses or winnings. We collect this data to process payments, prevent fraud, and comply with financial regulations applicable in India.
Technical data comprises your IP address, device information, browser type, operating system, login timestamps, game preferences, and website interaction patterns. This information helps us optimize our platform performance, enhance security measures, and provide personalized gaming experiences.
We also collect behavioral data related to your gaming activities, including game selections, betting patterns, session duration, and communication with our customer support team. This information assists us in identifying potential problem gambling behaviors and implementing appropriate responsible gaming measures.
2. Purposes and Legal Basis for Data Processing
We process your personal data for several legitimate purposes essential to operating our online gaming platform and complying with regulatory requirements in India. Our primary purposes include account management, payment processing, regulatory compliance, security enhancement, and customer service provision.
Account management involves creating and maintaining user profiles, verifying identity documents, processing KYC documentation, and managing account preferences. We rely on contractual necessity as the legal basis for this processing, as it is essential for providing gaming services you have requested.
Payment processing encompasses handling deposits, withdrawals, bonus distributions, and maintaining transaction records. This processing is necessary for contract performance and compliance with financial regulations, including anti-money laundering requirements under the Prevention of Money Laundering Act, 2002.
Regulatory compliance requires us to maintain detailed records, report suspicious activities, implement responsible gaming measures, and cooperate with authorized government agencies. We process data based on legal obligations imposed by Indian gaming regulations and financial laws.
Security enhancement involves monitoring for fraudulent activities, preventing unauthorized access, detecting technical vulnerabilities, and protecting against cyber threats. We process this data based on our legitimate interests in maintaining platform security and protecting user funds.
Marketing communications may be sent based on your consent, which can be withdrawn at any time. We also use data for platform improvements and analytics based on legitimate interests, always ensuring appropriate balancing tests are conducted.
3. Data Sharing and Third-Party Disclosures
We maintain strict controls over data sharing and only disclose personal information to authorized third parties under specific circumstances. Our data sharing practices are designed to ensure continued protection of your privacy while enabling essential business operations and regulatory compliance.
Service providers and business partners receive limited personal data necessary for performing specific functions on our behalf. These include payment processors for handling financial transactions, identity verification services for KYC compliance, customer support platforms for managing user inquiries, and technical service providers for platform maintenance and security.
All third-party service providers are required to sign comprehensive data processing agreements that mandate appropriate security measures, restrict data use to specified purposes, and require deletion of data upon contract termination. We conduct regular audits to ensure compliance with these requirements.
Regulatory authorities may receive personal data when required by law or court orders. This includes compliance with requests from the Reserve Bank of India, Financial Intelligence Unit, Income Tax Department, or other authorized government agencies investigating potential violations of applicable laws.
Corporate transactions such as mergers, acquisitions, or asset transfers may involve sharing user data with potential buyers or partners. In such cases, we ensure that acquiring parties agree to maintain the same level of data protection outlined in this policy.
We never sell personal data to marketing companies or unauthorized third parties. Any data sharing arrangement undergoes thorough legal review to ensure compliance with Indian data protection laws and our privacy commitments.
4. Data Security and Protection Measures
We implement comprehensive security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security framework combines technical, administrative, and physical safeguards appropriate for the sensitivity of gaming platform data.
Technical security measures include advanced encryption protocols for data transmission and storage, secure socket layer (SSL) certificates for website communications, multi-factor authentication for account access, automated fraud detection systems, and regular security vulnerability assessments conducted by independent cybersecurity experts.
Administrative controls encompass strict access controls limiting employee access to personal data based on job responsibilities, comprehensive staff training on data protection principles, regular security awareness programs, detailed incident response procedures, and mandatory background checks for personnel handling sensitive information.
Physical security measures protect our data centers and office facilities through restricted access controls, surveillance systems, environmental monitoring, and secure storage of physical documents containing personal information.
We maintain detailed security logs and conduct regular internal audits to identify potential vulnerabilities. Our incident response team is prepared to address security breaches promptly, including user notification procedures and regulatory reporting requirements as mandated by Indian cybersecurity frameworks.
Data backup and disaster recovery procedures ensure business continuity while maintaining security standards. All backup systems employ the same encryption and access controls as primary data storage systems.
5. User Rights and Data Subject Requests
You possess several fundamental rights regarding your personal data processed on our platform. We are committed to facilitating the exercise of these rights while balancing our legitimate business interests and regulatory obligations under Indian law.
Access rights enable you to request copies of personal data we hold about you, including account information, transaction history, and communication records. We provide this information in commonly used electronic formats within thirty days of verified requests.
Rectification rights allow you to request corrections to inaccurate or incomplete personal data. You can update most account information directly through your user profile, while more significant changes may require identity verification and documentation.
Data portability rights enable you to receive personal data in structured, machine-readable formats for transfer to other service providers, subject to technical feasibility and legal restrictions related to gaming regulations.
Deletion rights, also known as the right to be forgotten, allow you to request removal of personal data under specific circumstances. However, we may retain certain information to comply with legal obligations, resolve disputes, or maintain security records as required by gaming regulations.
Restriction and objection rights enable you to limit certain types of data processing, particularly for marketing purposes. You can opt out of promotional communications while maintaining essential account-related communications necessary for platform operation.
To exercise these rights, contact our privacy team through designated channels with proper identity verification. We respond to all legitimate requests within required timeframes while explaining any limitations imposed by applicable laws or legitimate business interests.
6. Data Retention and International Transfers
We maintain clear data retention policies that balance user privacy rights with business needs and regulatory requirements. Our retention periods are based on the purpose for which data was collected, legal obligations, and legitimate business interests related to gaming platform operations.
Account information and transaction records are retained for seven years following account closure, as required by Indian financial regulations and anti-money laundering laws. This includes KYC documents, payment history, and gaming activity logs necessary for regulatory compliance and dispute resolution.
Marketing communication preferences and website analytics data are typically retained for three years or until you withdraw consent, whichever occurs first. Technical logs and security monitoring data are retained for two years to ensure platform integrity and investigate potential security incidents.
Customer support communications are retained for five years to maintain service quality and resolve any delayed disputes. Communication records may be retained longer if they relate to ongoing legal proceedings or regulatory investigations.
International data transfers may occur when using third-party service providers located outside India. All such transfers comply with applicable Indian laws governing cross-border data flows, including requirements for adequate protection levels and appropriate safeguards.
We implement specific contractual protections for international transfers, including standard contractual clauses approved by relevant authorities and additional security measures to ensure data protection standards equivalent to those required in India.
This Privacy Policy was last updated on January 15, 2026, and may be revised periodically to reflect changes in our practices, services, or applicable laws. We notify users of material changes through email communications and prominent website notices, providing reasonable time to review modifications before they take effect. Your continued use of our platform following policy updates constitutes acceptance of the revised terms.