Privacy Policy | WinCraft

  1. Introduction
    This Privacy Policy explains how wincraft-casino.com collects, handles, stores, and protects users’ personal data. WinCraftCasino is committed to protecting user data and fully complies with applicable data protection laws, especially the General Data Protection Regulation of the European Union (GDPR – 2016/679/EU).
    By using the website and registering, users agree to the provisions of this policy.
  2. Data Controller Information
    Controller: Casiworx N.V.
    Address: Groot Kwartierweg 10, Curaçao
    Company registration number: 163922
    Email: [email protected]
    The controller is responsible for processing, securing, and preserving all collected personal data.
  3. What Data Do We Collect?
    wincraft-casino.com collects the following types of data:
  • Full name
  • Date of birth
  • Address (country, city, postal code)
  • Email address
  • Phone number (if provided)
  • IP address, browser and device information
  • Deposit/withdrawal data
  • Gaming activity (bets, session time, winnings)
  • Customer service messages
  • KYC documents (e.g. ID card, utility bill)
  1. Purposes of Data Processing
    The data we collect is used for the following purposes:
  • Creating and managing user accounts
  • Processing deposit and withdrawal transactions
  • Verifying identity (in accordance with KYC, AML rules)
  • Providing bonuses and promotions
  • Customer service communication
  • Analyzing and improving user activity
  • Meeting legal obligations
  • Preventing fraud and money laundering
  1. Sharing Data with Third Parties
    We only share personal data with the following partners:
  • Payment providers (banks, crypto processors)
  • Identity verification partners (KYC)
  • Data security subcontractors
  • Authorities, if required by law
    All partners are bound by contractual agreements ensuring they use your data only as necessary and for the specified purpose.
  1. Data Retention Period
    We retain data only as long as necessary:
  • Registration data: as long as the account is active
  • Withdrawal documents: 7 years after the transaction
  • KYC documents: at least 5 years
  • Customer support communications: up to 2 years
  • Cookie-based data: 12 months
    After the retention period, data is automatically deleted or anonymized.
  1. User Rights
    Under the GDPR, users are entitled to the following rights:
  • Right of access – you can request what data we store about you
  • Right to rectification – request modification or correction of data
  • Right to erasure (“right to be forgotten”) – under certain conditions
  • Right to data portability – transfer data to another provider
  • Right to object – oppose processing of your data
  • Right to restriction – request temporary suspension of processing
    Requests must be submitted in writing to the controller’s email. We respond to all requests within 30 days.
  1. Cookies and Tracking
    The website uses cookies to improve user experience, track traffic, and personalize content.
    Types:
  • Functional cookies – for essential features
  • Analytical cookies – for statistics (e.g. Google Analytics)
  • Marketing cookies – for ad personalization and campaigns
    Accepting cookies is not mandatory, but some features may not work properly without them. You can modify settings anytime in your browser.
  1. Protection of Minors’ Data
    WinCraftCasino is only for users aged 18 or older. Age verification is conducted during registration and before withdrawal. If a user is found to be underage, the account is deleted immediately.
    We recommend parents use filtering software (e.g. NetNanny, Qustodio) to supervise children’s internet activity.
  2. Data Security
    All personal data is stored on secure servers in encrypted databases. Our measures include:
  • SSL/TLS encryption for web connections
  • Physical and software access protection
  • Firewalls and intrusion prevention systems
  • Regular security audits
  • Limited access to data – only authorized staff
  1. Handling of Data Incidents
    If a data incident is detected, we act immediately:
  • The incident is logged
  • Authorities are notified within 72 hours
  • Users are notified if necessary
  • Corrective and preventive actions are implemented
  1. Contact
    For questions, complaints, or requests related to data processing, contact us at:
    Email: [email protected]
    Customer service: live chat – available 24/7
    Data Protection Officer: available upon formal request
  2. Examples of Data Processing Practices
    Example 1 – Registration and KYC
    When a new player registers, initial data validation is automatic. Before a withdrawal, we may request:
  • Copy of ID card or passport
  • Proof of address (e.g. utility bill, bank statement)
  • In some cases, a selfie holding the document
    All uploaded files are processed in a secure environment and stored only as long as required by law.

Example 2 – Abusive Behavior or Misuse
If a player tries to create an account under someone else’s name, we detect this through IP and device ID matching. In such cases:

  • Affected accounts are locked
  • Transactions are temporarily suspended
  • Related data is archived for further investigation
  1. Detailed Cookie Policy
    Cookies are categorized. Settings can be configured in the pop-up bar on login:
  • Essential cookies: for authentication and gameplay
  • Statistical cookies: Google Analytics, Hotjar – collect anonymous data only
  • Marketing cookies: only with consent, for remarketing campaigns
    Enabling cookies is optional. Disabling them won’t prevent registration but may limit functionality.
  1. Parental Control – Practical Tips
    To prevent minors from accessing the casino, we recommend:
  • Use filtering software (e.g. NetNanny, Qustodio, Norton Family)
  • Create a separate user account for your child on devices
  • Block gambling category sites in the browser
  • Regularly check browsing history
  • Do not share your login credentials with your child
    wincraft-casino.com does not target minors with any advertising and enforces age restrictions with all available means.
  1. Legal Remedies
    If you believe your data was mishandled, you may take the following steps:
  • Primary contact: write to [email protected]
  • Submit a complaint: addressed to the Data Protection Officer (DPO)
  • File an official complaint: with Curaçao’s data protection authority
  • Legal action: via court in case of a violation
    All complaints are treated as high priority and are fully investigated.