Win With Every Move!
Happy Spins. Happy Days!
Every step of the way, your personal information is carefully protected. For example, account registration, transactions, and communications are all protected by encrypted SSL channels. No one who isn't authorised can see any of the information you give, including proof of identity and payment information. Under UKGC and MGA rules, data collection is only allowed for account management, fraud prevention, and following the law. We never share information with people or organisations that aren't connected to us without your permission, except when the law requires it or when financial institutions need to verify your identity. User control is our top priority. You can ask our support team to correct or delete your data at any time. Requests for self-exclusion are honoured right away, which is in line with strict rules. We only use your personal information for things like checking your age, processing payments, sending you promotional offers that are specific to your profile, and keeping an eye out for suspicious activity. Cookies and other tracking technologies are only useful for improving the customisation of the interface, the user experience, and the detection of fraud. Data is kept only as long as the law says it has to be. After you close your player profile, it will be archived for up to five years. After that, it will be automatically and permanently deleted.
We get user information directly from registration forms, payment processes, and interactive features. You need to give your full name, address, date of birth, preferred language, email address, phone number, and username. To stop fraud, you need to provide your bank account or card information along with proof of your identity for financial transactions. Data is kept for processing transactions, helping customers, following the law, and verifying players. To keep user accounts safe and find unauthorised access, every session is monitored for device details like IP addresses, browser type, operating system, and access logs with timestamps. Cookies and local storage keep track of session continuity and user preferences without giving sensitive information to anyone other than verified technology providers. Tracking player interactions with promotional campaigns and loyalty programs lets you tailor bonuses and marketing content to each player, making their experience the best it can be. Communication records, including live chat, emails, and in-account messages, are archived for dispute resolution and to enhance service quality. No information is shared with marketing partners without explicit opt-in consent via user profile settings. The data collection methodology aligns with regulatory standards including GDPR, and account holders retain access to their data along with rights to modify or request removal through the customer care portal. Encryption protocols are utilized for transfer and storage of all personal and payment information to guarantee confidentiality.
All financial data is transmitted using Transport Layer Security (TLS) 1.2 or higher. Sensitive information, like credit card numbers and bank account numbers, is never stored or shown in plain text.
Card payments must meet the Payment Card Industry Data Security Standard (PCI DSS). Audits are done on systems on a regular basis to limit access to only authorised staff who handle transaction processing.
Card information is never kept on local servers. Data is instead tokenised and kept by certified third-party processors. This stops people from getting it without permission or using it for their own purposes.
Multi-factor analytics automatically check transactions for unusual behaviour. If someone is doing something suspicious, like quickly depositing or withdrawing money from several accounts, the account will be put on hold until the user's identity can be confirmed.
Protecting personal access is achieved through a combination of advanced protocols and recommended practices. All participant profiles are shielded via an encrypted login system; passwords are stored using industry-recognized hashing algorithms, which means they cannot be retrieved or read by unauthorized personnel. Multi-factor authentication is required when you first sign up and any time you change devices. This requires entering a password and a second code sent by SMS or email, which greatly lowers the risk of unauthorised access. There are strict rules about session timeouts. If a user doesn't do anything for 15 minutes, the platform will automatically close the current session and require them to log in again. This stops people from using your account on shared or public devices. Participants can choose their own security questions and see what they've been up to recently from their dashboard. Unusual behaviour, like logging in from a new location or trying to access something multiple times without success, sends instant alerts to both registered email and SMS.
| Description of the security feature | Details |
|---|---|
| Hashing Passwords | All passwords transformed with SHA-256 before storage |
| Multi-Factor Authentication | Secondary verification required at login and during sensitive changes |
| Session Timeout | Automatic logout after 15 minutes of inactivity |
| Unusual Activity Alerts | Immediate notification upon detection of suspicious behavior |
Users are advised to create unpredictable passphrases combining upper and lowercase letters, numbers, and symbols, and to avoid sharing credentials with any third parties. All messages about changes to your account come only from official support channels, which never ask for passwords or payment information over the phone or by email. If you get an email that seems strange, use the contact form in the user dashboard to report it right away. The participant dashboard has rules for changing passwords; it's best to do it every four months. Also, every user can see and manage the devices that are allowed to access their profile, which means they can remove access tokens that they don't recognise at any time. Access to support is encrypted, and customer service reps can only talk to you after following set procedures to make sure your account information is always kept private.
For things to run smoothly and be in compliance, it's important to work with outside service providers. Payment processors, fraud prevention agencies, KYC vendors, analytics platforms, and regulatory authorities may be able to see certain information. Before any data is sent, the legal basis for each disclosure is carefully checked. Processors only get the information they need. For instance, verification partners may only get customer identification data like name, date of birth, and government-issued ID numbers to confirm that the customer is who they say they are. Payment gateways get transaction details, but not full card numbers, to settle the transaction. Cybersecurity companies can look at IP addresses and device information to find strange behaviour. We carefully check out every outside partner and make sure they follow a strict data processing agreement. These contracts say that personal information must be encrypted while being sent and stored, that access to it must be controlled by technology, and that it must be thrown away right away after processing. All third parties are not allowed by contract to keep, sell, or use data that is not related to the purpose for which it was given. Regular audits are performed to verify compliance with these requirements. Sharing information with government or regulatory bodies only happens when it is required by law, such as for tax reporting or anti-money laundering checks. We never give advertisers or partners who aren't necessary any personal information. People who want to know more about data recipients can ask for a full list of active vendors. Data sharing is never done without a good business or legal reason, and people who don't want to share their data are always respected. If you want to ask about or object to a specific disclosure, please contact customer support.
Keeping accurate and relevant records is important for meeting regulatory requirements and making sure that users have a good experience. Clear rules tell us how to control, store, and delete information. Here are the main rules for keeping things:
As long as members use the platform, their account profiles stay active. We keep transaction logs and payment records for at least five years, as required by Anti-Money Laundering (AML) rules and other financial laws. Inactive accounts are safely stored for up to seven years from the last time someone logged in or did something financial, unless the law says they have to be kept for longer. For five years after an account is closed, engagement and gameplay histories are kept for auditing and resolving disputes.
Personal information is deleted right away after a verified withdrawal request, as long as it meets all legal and financial requirements. All identifying information is either anonymised or securely deleted after the required retention periods have passed. Records that are marked for regulatory investigations or self-exclusion are kept until the problem is completely fixed, regardless of the usual time frames.
Users can ask to export their stored records from the client dashboard at any time before the data is deleted, as long as they use secure communication channels. All requests must be verified for identity and will be handled within one month.
Automated systems keep an eye on things and find duplicate information. This makes sure that reviews are done on a regular basis without fail. Dedicated compliance teams look at edge cases and do manual checks when there are special circumstances or legal orders.
Data that is kept is encrypted and protected with both physical and digital security measures throughout its lifecycle, which lowers the chance of unauthorised access. Strict rules about who can access staff areas are in place, and there are regular inspections and audit trails. If you need more information about how to handle records, you can contact the Data Protection Officer through the secure links on the official website.
Players have certain rights when it comes to their personal information. People can get a detailed report of all the personal records that are kept on file if they ask for one. This includes, but is not limited to, information about your registration, your transaction history, your device, and your communication with customer support. All registered users can change their data. You can fix any wrong or old information by going to your account settings or getting in touch with the support team. Changes that have been confirmed are made right away to keep the data accurate. People can ask for their personal records to be erased, but they have to follow the rules set by financial or legal authorities. Requests to delete information are handled within 30 days, unless the law requires that the information be kept for anti-money laundering, tax, or dispute resolution purposes. Users can stop or limit the processing of their data for direct marketing, profiling, or analytics that aren't necessary. Users can change their marketing preferences at any time and opt-out settings are available in their profiles. Withdrawing consent does not change the legality of processing that was done with prior consent. Data portability is possible for the right kinds of information. Users who qualify can get a machine-readable copy of their basic profile and transaction records to use with other service providers or to keep for themselves. All requests are verified to protect user privacy, and they are carried out for free, unless they are too many or too often, as allowed by law. You can find all the information you need about how to make a request in the right account section or on the customer care portal.
If you're worried about how your personal information is being handled or want to use your legal rights to access stored information, there are special support channels you can use. To get a quick and safe answer, please do the following:
To get access to, correct, delete, or limit data processing, send an email to the Data Compliance Officer at [email protected]. Include your registered username, a clear explanation of your request, and any supporting documents you may need, such as proof of identity (only if the law requires it).
Go to your profile and click on "My Data." Then, use the "Personal Data Requests" tool. You can see the status of your request in real time and get old responses.
Use the in-app messaging to get in touch with authorised support staff for urgent issues that have to do with privacy or data management. Data management staff are the only ones who can see and log chats. You will get a response to all of your questions about data within one business day. Requests are only handled within the time limits set by GDPR or any other relevant local law. To stop people from doing things they shouldn't, sensitive changes like deleting or moving records need to be verified. If you think your request wasn't handled properly, you can also report it to a supervisory data authority. They will give you all the information you need if you ask.
Bonus
for first deposit
1000AUD + 250 FS
Switch Language
