This Privacy Policy explains:
● which personal data we collect;
● the legal grounds for processing;
● how and why we use the data;
● how long we keep it;
● with whom we share it;
● the safeguards we apply; and
● the rights available to you.
By accessing or using the Services, you confirm that you have read and understood this Policy and agree to its terms.
Full name, date of birth, nationality, government-issued ID, username, password, selfie or live-photo for identity verification.
E-mail address, telephone number, postal address, language, currency and marketing preferences.
Deposit and withdrawal addresses, blockchain hashes, payment-method proofs, source-of-funds documents, wager logs, wins, losses, bonuses and balances.
IP address, device and browser type, operating system, time-zone, session timestamps, click-stream, referral URLs, cookies and similar identifiers.
Deposit and withdraw patterns, session length, limit settings, self-exclusion status, in-game chat transcripts.
Customer-service tickets, e-mails, live-chat logs, call recordings (where lawful), AML/KYC notes, dispute and charge-back files.
Slot.win does not knowingly collect data from anyone under 18 years of age (see “Children” below).
Depending on jurisdiction, Slot.win relies on one or more of the following grounds:
● Contractual necessity – operating your gaming account and delivering the Services.
● Legal obligation – compliance with AML/CTF, gambling-licence, tax and bookkeeping requirements.
● Legitimate interests – safeguarding network and game integrity, preventing fraud, improving products and—subject to opt-out—marketing similar services.
● Consent – non-essential cookies, promotional messaging and other processing that requires prior consent.
● Vital or public interest – protecting minors and vulnerable persons.
● Registering, authenticating and administering player accounts.
● Conducting mandatory KYC and ongoing AML checks.
● Processing deposits, wagers, winnings, withdrawals, bonuses and refunds.
● Detecting and preventing fraud, cheating, multi-accounting and collusion.
● Providing customer support and resolving complaints.
● Personalising language, currency and, where lawful, promotional content.
● Performing statistical analysis and responsible-gaming monitoring.
● Meeting legal or regulatory requirements and enforcing our Terms of Service.
Personal data is shared only on a need-to-know basis and under appropriate safeguards with:
● trusted service providers (hosting, identity-verification, payment processors, marketing platforms) under written data-processing agreements;
● regulators, courts or law-enforcement when required by law or licence;
● sanctions-screening and financial-intelligence bodies to satisfy AML duties;
● professional advisers (auditors, insurers, legal counsel) under confidentiality;
● successors in the event of merger, acquisition, reorganisation or asset sale, provided they honour this Policy.
Slot.win does not sell or rent personal data.
When data is transferred outside the country of origin, Slot.win applies recognised safeguards such as Standard Contractual Clauses, encryption and strict access controls to ensure an adequate level of protection.
We retain personal data for the lifetime of the player relationship and subsequently for the period mandated by AML, gambling, tax and accounting regulations—typically five to ten years. Information held solely on the basis of consent or legitimate interest is erased or anonymised once that basis no longer applies, unless needed to establish, exercise or defend legal claims.
Slot.win uses:
● essential cookies for authentication and security;
● preference cookies to remember language and currency;
● analytics cookies to measure performance and detect errors;
● marketing cookies only where lawful consent is provided.
Non-essential cookies can be managed through our cookie banner or via browser settings; blocking them may affect site functionality. Details appear in our Cookie Notice.
Slot.win employs TLS encryption, encryption at rest, segregated networks, firewalls, DDoS mitigation, multi-factor admin access, regular penetration testing and mandatory staff training. Nonetheless, no system is infallible; users must maintain strong, unique passwords and enable two-factor authentication where available.
Our Services are not directed to, and must not be used by, anyone under 18 years of age (or the higher age of majority in their jurisdiction).
We do not knowingly solicit, collect or retain personal data from minors.
If we discover that a minor has submitted personal information or opened an account, we will promptly delete that data and permanently close the account.
Parents or legal guardians who believe we may have inadvertently collected such information should contact us at [email protected] so that we can take immediate action.
Subject to local law, you may:
● request access to personal data we hold about you;
● request correction of inaccurate or incomplete data;
● request deletion where legal conditions are met;
● request restriction or object to certain processing activities;
● receive data you provided in a portable format;
● withdraw consent at any time for processing based solely on consent;
● lodge a complaint with a supervisory authority — our lead authority for GDPR purposes is the Office of the Data Protection Commissioner, Costa Rica.
To exercise any right, contact [email protected] from your registered e-mail. We may request proof of identity. A response will be issued within one month, subject to extensions or legal exemptions.
We may revise this Policy periodically. The updated text will appear on the Site with a new Effective Date; where required, we will also notify you by e-mail or in-account message. Continued use of the Services after the Effective Date constitutes acceptance of the revised Policy.
Questions or concerns about this Policy or our data-handling practices should be directed to:
By email: [email protected]
