Privacy Policy | WinCraft

This privacy policy provides transparent and detailed information to users of the website win-craft-casino.org regarding the collection, processing, storage, and protection of their personal data. The policy is in line with the European Union’s General Data Protection Regulation (GDPR 2016/679/EU) and relevant international standards.

1. Data Controller Information

  • Name: Casiworx N.V.
  • Registered address: Groot Kwartierweg 10, Curaçao
  • Company number: 163922
  • Data processing responsible entity: Xenith Ltd., Cyprus
  • Contact: [email protected]

2. What Data Do We Collect?

During registration:

    • Full name
    • Email address
    • Date of birth
    • Citizenship and country of residence
    • Login IP address

    During platform use:

    • Gaming activity (bets placed, frequency)
    • Transaction data: deposits, withdrawals, account balance changes
    • Device identifiers (browser, operating system, language)
    • Customer service communications (chat, email)
    • KYC documents: ID, proof of address, bank statement

    3. Purpose of Data Processing

      • Creating and maintaining user accounts
      • Executing payment operations
      • Complying with KYC and AML regulations
      • Providing promotions, bonuses, and marketing communications
      • Ensuring technical operation and preventing abuse
      • Analyzing gaming statistics
      • Handling complaints and customer support

      4. Data Storage and Deletion

        Data TypeStorage Duration
        Account dataAs long as the account is active
        KYC documents5 years (legal requirement)
        Transaction records7 years
        Chat/email communications2 years
        Cookies and technical data12 months

        After these periods expire, the data is automatically deleted or anonymized.

        5. Data Sharing

        Personal data is only shared with the following third parties:

          • Payment providers (e.g., banks, crypto wallets)
          • KYC partners for document verification
          • Technical partners (hosting, monitoring services)
          • Authorities upon legal request or requirement

          All data processors are bound by written agreements in accordance with Article 28 of the GDPR.

          6. User Rights

          As a user, you have the following rights:

            • Right of access: You may request information about data processing
            • Right to rectification: Correction of inaccurate data
            • Right to erasure (“right to be forgotten”) in specific cases
            • Right to data portability to another service provider
            • Right to object to data processing based on legitimate interest
            • Right to restrict processing temporarily

            To exercise your rights, contact: [email protected]
            Response time: within 30 days.

            7. Cookies and Trackers

            The website uses cookies for functionality, analytics, and marketing purposes.

            Types of cookies:

              • Essential cookies: login, navigation
              • Statistical cookies: analyze visitor behavior
              • Marketing cookies: personalized offers
              • Third-party cookies: Google Analytics, Hotjar, etc.

              Cookie settings can be adjusted at any time via your browser.

              8. Protection of Minors

              The service is not available to individuals under 18.

                • Age verification occurs at registration
                • KYC verification is mandatory before withdrawal
                • The platform blocks underage access attempts

                Recommended parental tools: Qustodio, NetNanny, Norton Family

                9. Security Measures

                The provider employs physical, technical, and organizational measures to protect data:

                  • SSL/TLS encrypted communication
                  • Restricted access to internal systems
                  • Two-factor authentication for admin access
                  • Continuous security logging
                  • Regular audits and vulnerability checks

                  10. Automated Decision-Making

                  The platform may use automated systems to:

                    • Detect suspicious activity
                    • Monitor bonus usage
                    • Identify duplicate registrations
                    • Perform general statistical analysis

                    No legally binding decision is made without human oversight.

                    11. Legal Remedies and Complaints

                    If you believe your data has been misused, you may:

                      • File a written complaint with the data controller
                      • Report to the Curaçao Data Protection Authority
                      • Pursue legal action in your country of residence

                      All complaints are handled confidentially and free of charge.

                      12. Contact

                      For privacy-related questions, requests or complaints:

                      • Email: [email protected]
                      • Live Chat: available 24/7
                      • Data Protection Officer: available via email upon request

                      13. Policy Updates

                      The Provider reserves the right to modify this privacy policy. Changes take effect immediately upon publication. The latest version is always available on the website.