Privacy Policy | WinCraft

1. Introduction

The operator of the wincraftlogin.org platform is committed to protecting players’ personal data. This policy explains in detail how we collect, process, store, and safeguard personal data in compliance with the EU General Data Protection Regulation (GDPR – 2016/679/EU) and applicable laws.

2. Data Controller and Contact

• Data Controller: Casiworx N.V.
  
• Registered Office: Groot Kwartierweg 10, Curaçao
  
• Company Registration Number: 163922
  
• Data Processor Partner: Xenith Ltd., Cyprus
  
• Contact (Data Protection): [email protected]
  

3. Categories of Data Processed

3.1. Data provided at registration

• Full name
  
• Date of birth
  
• Email address
  
• Country of residence
  
• Login IP address
  

3.2. Data generated during use

• Deposit and withdrawal information
  
• KYC documents (ID, recent proof of address)
  
• Gaming activity (bet amounts, frequency, types of games)
  
• Browser and device identifiers (technical logs)
  
• Customer support communications (chat, email)
  
• Cookies and behavioral statistics
  

4. Purposes of Data Processing

• Creating, verifying, and maintaining user accounts
  
• Processing and accounting of transactions
  
• Compliance with KYC/AML legal obligations
  
• Managing promotions and bonuses (with consent)
  
• Statistical analysis and service optimization (aggregated/anonymous)
  
• Fraud and abuse prevention, security checks
  
• Customer support and complaint handling
  

5. Legal Basis of Processing

• Contract performance (registration, service provision)
  
• Legal obligation (KYC, AML, accounting)
  
• Consent (e.g., marketing communication)
  
• Legitimate interest (system security, fraud prevention, service improvement)
  

6. Retention Periods and Deletion

Data Type	Retention Period
Account and registration data	5 years after account termination
Transaction logs	At least 7 years (accounting rules)
KYC documents	5 years after verification
Customer support communications	2 years
Cookie/behavioral data	Maximum 12 months

After the retention period, data is deleted or anonymized.

7. Data Transfers and Recipients

Personal data is only shared for specific purposes and to the extent necessary:

• Payment providers (card, crypto processors)
  
• KYC providers (identity, document verification)
  
• IT operators and hosting (infrastructure, maintenance)
  
• Marketing partners (only with explicit consent)
  
• Authorities (upon lawful request or obligation)
  

All partners are bound by data processing agreements. For transfers outside the EEA, appropriate safeguards are applied (e.g., EU Standard Contractual Clauses).

8. Data Subject Rights

You are entitled to the following rights:

• Access to processed data
  
• Rectification of inaccurate data
  
• Erasure (“right to be forgotten”), where applicable
  
• Restriction of processing (temporary suspension)
  
• Data portability (in machine-readable format)
  
• Objection to processing based on legitimate interests
  
• Filing a complaint with a supervisory authority
  

For exercising rights: [email protected]
Response deadline: 30 days.

9. Cookies and Similar Technologies

wincraftlogin.org uses cookies and tracking technologies to operate and improve the service.

• Necessary cookies: core functions (login, security)
  
• Functional cookies: remember preferences
  
• Analytical cookies: anonymous traffic statistics
  
• Marketing cookies: promotions and targeting (with consent)
  

Cookie preferences can be changed or withdrawn at any time in the browser.

10. Protection of Minors

The service is not available to persons under 18.

• Age declaration required at registration
  
• KYC mandatory before withdrawals
  
• In case of suspected minors, accounts are immediately blocked
  
• Recommended parental tools: Qustodio, Norton Family, NetNanny
  

11. Data Security

• SSL/TLS encryption for all data transmission
  
• Firewalls and intrusion detection
  
• Access-restricted, logged databases
  
• Two-factor admin access
  
• Regular audits and backups
  

12. Automated Decision-Making

Certain processes are automated (fraud risk checks, bonus use monitoring, multiple registrations detection, limit notifications). Legally binding decisions are only made after human review.

13. Complaints and Remedies

If you believe your data has been processed unlawfully, please contact: [email protected].
You may also file a complaint with the competent supervisory authority (e.g., NAIH – Hungary) or seek judicial remedy.

14. Contact

• Data protection inquiries: [email protected]
  
• Live chat: available in Hungarian as well
  
• Office: Groot Kwartierweg 10, Curaçao
  

15. Amendments

The Provider reserves the right to amend this policy. Changes take effect upon publication on the website. The current version is always available at /privacy-policy.