Privacy Policy 1win India

This Privacy Policy applies to all Websites that we own and operate and all services we provide, including our online and mobile services and products. For this Policy, we will call them our ‘Websites’ and ‘Services’.

When we say ‘Personal Data’ we mean identifiable information about you, like your name, email, address, telephone number, payment account details, payment information, support queries, betting history, chat comments and so on. If you can’t be identified (for example, when Personal Data has been aggregated and anonymized), then this Policy does not apply.

We may need to update this Policy from time to time. Where a change is significant, we will make sure we let you know – usually by posting a notification on the Websites or sending you an email.

When you visit our Websites or use our Services we collect and process your Personal Data. The ways we collect it can be broadly categorized into the following:

When you visit or use some parts of our Websites and/or Services we might ask you to provide Personal Data to us. For example, we ask for your contact information or certain documents upon registration, during verification and anti-money laundering procedures or an anti-fraud check, or when you contact us with questions or request support.

We collect some information about you automatically when you visit our Websites or use our Services, like your IP address, operating system, device type and settings, browser type and settings, crash reports, system activity, and the date, time, and referrer URL of your request. This information is useful for us as it helps us get a better understanding of how you are using our Websites and Services so that we can continue to provide the best experience possible. For example, using information from your browser we can figure out which language you speak.

Some of this information is collected using cookies, similar tracking technologies and third-party tools like Google Analytics.

We also collect details of the transactions you carry out with us and your account activity. Information we get from third parties

Sometimes we might collect Personal Data about you from other sources, such as publicly available materials or trusted third parties like our payment providers. We use this information to supplement the Personal Data we hold about you, to better inform, personalize and improve our Services, and to validate the Personal Data you provide.

Where we collect Personal Data, we will only process it when we have the legal basis for the processing set out in applicable data protection laws. Such legal bases are:

We may process your Personal Data where it is necessary for the performance of a contract. For example, when you register on the Website you enter into agreements with us or when we take steps related to a contract, in particular, facilitation of transactions that take place on the Websites. A legal obligation

 

Various laws and regulations impose certain obligations on us. To comply with them we have to process your Personal Data, for example, to comply with anti-money laundering legislation, responsible gaming regulations and the conditions of our gambling license.

Your Personal Data may be processed when we, other companies in our group of companies or third parties have a business or commercial reason to process your Personal Data.

Your consent in certain limited cases we process your Personal Data based on your consent, for example, when it is required for direct marketing purposes.

Use of your Personal Data (Legal Basis):

  • To operate our Websites, ensure our Websites and Services work as intended and deliver Services you have requested (Performance of a contract Legitimate interest)
  • To determine if you may use certain Services, including when we check your age, geographic location, identity or self-exclusion status, and to set up and operate your account (Performance of a contract, Legitimate interest)
  • To perform legal duties, responsibilities, and obligations, to comply with any laws and regulations that apply to us and with the conditions of our gambling license, and prevent illegal activities, including money laundering and match-fixing (Legal obligation)
  • To support you, including assisting with the resolution of technical or payment issues or other issues relating to the Websites or Services (Performance of a contract)
  • To enhance our Websites and Services, test and develop new features and carry out technical analysis of our Websites and Services so that we can optimize your user experience and provide you with more efficient tools (Legitimate interest)
  • To prevent, detect and report a crime, protect you, other users and us, for example, by ensuring network and information security, mitigating security risks, detecting and preventing any fraudulent or malicious activity, and make sure that everyone is using our Websites and Services fairly and following the agreements (Legal obligation, Legitimate interest, Performance of a contract)
  • To analyze and aggregate data, to prepare statistics, in particular, to produce aggregated and anonymized analytics and reports, which we may use internally or share publicly or with third parties (Legitimate interest)
  • To facilitate, manage and confirm financial transactions (Performance of a contract, Legitimate interest)
  • To analyze your fraud risk and verify your credentials using third parties, including financial institutions, identification verification agencies and credit reference agencies (Legal obligation, Performance of a contract, Legitimate interest)
  • To assess your gambling activity for responsible gaming purposes (Legal obligation, Legitimate interest, Performance of a contract)
  • To monitor betting activity and manage our risk and odds (Legitimate interest, Performance of a contract)
  • To exercise our rights set out in the agreements or other agreements with you (Performance of a contract)
  • To disclose information to companies in our group of companies following a restructure or for internal administrative purposes (Legitimate interest)
  • To manage our relationship and communicate with you. This may include:
    operational communications, like changes to our Websites and Services, information about new features, bonuses and promotions, security updates, or assistance with using our Websites and Services, marketing communications, and providing you with the information you have requested from us or information we are required to send to you (Performance of a contract, Legitimate interest, Your consent)

There will be times when we need to share your Personal Data with third parties. We will disclose your Personal Data to:

  • Other companies in our group of companies;
  • Third-party service providers and partners who assist us in the provision of Websites and Services which you have requested, for example, to those who support the delivery of or provide functionality on Websites or for Services, or market or promote our Websites and Services;
  • Regulators, law enforcement agencies, government bodies, courts, fraud prevention agencies, licensing bodies, eSports self-governing bodies or other third parties, where we think it is necessary to comply with applicable laws or regulations or to exercise, establish or defend our legal rights (where possible and appropriate, we will notify you of this type of disclosure);
  • Affiliates and other persons that introduce you to us;
  • Other persons where we have your consent.

When we process and share data, it may be transferred to, and processed in, countries other than your country. These countries may have laws different from what you are used to. Where Personal Data are processed in another country, we put safeguards in place to ensure your Personal Data remains protected.

For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your Personal Data is transferred outside the EEA, it will be transferred to countries where we have compliant transfer mechanisms in place to protect your Personal Data, in particular, by implementing the European Commission’s Standard Contractual Clauses to the contracts with the entities the data is transferred to.

We are committed to protecting your Personal Data and have appropriate technical and organizational measures in place, including:

  • Data encryption. We encrypt all data that goes between you and us using industry-standard TLS (Transport Layer Security), protecting your personal and financial data. Your data is also encrypted when it is stored on our servers, and encrypted when we transfer it between data centers for backup and replication.
  • Limited access. We restrict access to personal information to our employees, contractors, and agents who need that information to process it.
  • Network protection. Multiple layers of security controls protect access to and within our environment, including firewalls, intrusion protection systems and network segregation. Our security services are configured, monitored and maintained according to industry best practices. We partner with industry-leading security vendors to leverage their expertise and global threat intelligence to protect our systems.
  • Secure data centers. Our servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits. We maintain geographically separated data replicas to minimize the risk of data loss or outages.
  • Security monitoring. Our security team continuously monitors security systems, event logs, notifications and alerts from all systems to identify and manage threats.

Some data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods when necessary. When the data is being deleted, we make sure that your data is safely and completely removed from our servers or retained only in anonymized form. Information is retained until you remove it.

We offer a range of services that allow you to correct or delete data associated with or stored in your account. For example, you can:

  • Edit information about yourself,
  • Delete a chat post, or
  • Delete your account entirely.

 

We will keep this data in your account until it is not closed and for a period of five years to allow us to meet our regulatory and legal obligations and defend ourselves against any claims following the closure of your account (when applicable) or your last contact with us.

 

Information retained for extended periods for limited purposes

 

Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period. For example, when a person self-excludes from our Services, we will retain the Personal Data of this person for longer periods as required for purposes of responsible gaming.

 

Reasons we might retain some data for longer periods include:

 

  • to protect you, other persons, and us from fraud, abuse, illegal activity and unauthorized access, for example, when suspect someone is committing fraud, is engaged in match-fixing or launders money.
  • to comply with tax, anti-money laundering and other financial regulations, to carry out accounting or facilitate dispute resolution, for example, when we are party to a financial transaction, including when we receive your deposits and make payouts to you.
  • to meet any comply with applicable law, regulation, legal process or enforceable governmental request, or when we are required to enforce the agreements, including investigation of potential violations.
  • to ensure the continuity of our Services to you and other users.
  • If you have directly communicated with us, for example, through a customer support channel or providing feedback or a bug report.

 

We are committed to safeguarding the confidentiality of your personal information or data it collects, uses and/or holds following the applicable data protection laws and regulations and particularly, the provisions of the (country) Data Protection Laws and other applicable International Data Protection Regulations like the General Data Protection regulation of 2016/679 (GDPR) (hereinafter ‘Data Protection Laws’).

You have certain rights relating to your Personal Data:

  • to know what Personal Data we hold about you.
  • to correct or ask us to correct inaccurate Personal Data concerning you.
  • to access your Personal Data and request its copy in a machine-readable format, for example, if you want to back it up.
  • to object to our processing of your Personal Data where we are doing it for our legitimate interests. Please note that we may still process your Personal Data where there are other relevant lawful bases or where we have compelling grounds to continue processing in our interests which are not overridden by your rights, interests or freedoms.
  • to ask us to erase your Personal Data, including to delete your account, solely where (1) it is no longer necessary for us to process it, (2) where you have withdrawn your consent and your consent has been the legal basis for processing, (3) you have exercised your right to object and there are no overriding legitimate grounds for the processing, (4) your Personal Data has been unlawfully processed, (5) or where erasing your Personal Data is required following a legal obligation. Please, note that we will not erase and still will retain data, for instance, when Personal Data needs to be kept for our legitimate interests that override your request, for compliance with a legal obligation, or in case it is needed for the establishment, exercise or defense of legal claims.
  • to ask us to restrict processing of your Personal Data in certain circumstances.
  • to withdraw your previously granted consent where your consent has been required to process the Personal Data. Please note, that we may still process your Personal Data where there are other relevant lawful bases for us to rely on.
  • to object to direct marketing and to any profiling (to the extent that it relates solely to direct marketing). When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or send your request to [email protected] to complain to your local data protection authority.

Please note that not all detailed above rights are absolute.

You can exercise your rights at any time by making adjustments to your account or by sending an email to [email protected].

We may require evidence of and be satisfied as to your identity before we take any requested action.

If you are not happy with how we are processing your Personal Data, please let us know by sending an email [email protected]. We will review and investigate your complaint, and try to get back to you within a reasonable time frame.

We use Google Analytics to collect information about the use of this Website. Google Analytics collects information such as how often you visit the Website, what pages you visit when you do so, and what other sites you used before coming to the Website. Google Analytics collects only the IP address assigned to you on the date you visit the Website, rather than your name or other identifying information. We do not combine information collected through the use of Google Analytics with your

Personal Data. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit the Website, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to the Website is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to the Website by disabling cookies on your browser.

If you choose, you can opt-out by turning off cookies in the preferences settings in your web browser. For more information on Google Analytics, please visit http://www.google.com/analytics/. To read more about how Google uses cookies, please visit https://policies.google.com/technologies/cookies.

All critical correspondence between the user and the Website is encrypted with Secure Socket Layer technology (SSL) using a 256-bit key.

Updated: