Privacy Policy | WinCraft
This notice aims to transparently present how the operator of wincraftcasino-hu.org (hereinafter: Website or Service) collects, processes, and protects the personal data of visitors and users. All data processing complies with the EU General Data Protection Regulation (GDPR) and applicable Hungarian law.
1. Data Controller and Contact Information
Data Controller:
Casiworx N.V.
Registered office: Groot Kwartierweg 10, Livestrong Building, Curaçao
Company registration number: 163922
Data Processor (payment processing):
Xenith Ltd., Chytron 30, 2nd floor, Office A22, 1075 Nicosia, Cyprus, HE 450395
Data Protection Contact: [email protected]
Customer Support: [email protected]
You may request further information about data processing at any time via the above contacts.
2. Purposes and Legal Bases of Processing
| Purpose | Typical Data | Legal Basis (GDPR) |
|---|---|---|
| Registration, account management | name, email, password, date of birth | Art. 6(1)(b) – contract |
| Payments, withdrawals | transaction and billing data | Art. 6(1)(b), 6(1)(c) – contract, legal obligation |
| KYC/AML identification | ID document, proof of address | Art. 6(1)(c) – legal obligation |
| Security, fraud prevention | IP, device identifiers, logs | Art. 6(1)(f) – legitimate interest |
| Marketing and promotion | email, preferences | Art. 6(1)(a) – consent |
| Statistics, service development | usage and performance data | Art. 6(1)(f) – legitimate interest |
Where processing is based on consent, you may withdraw it at any time – withdrawal does not affect the lawfulness of processing carried out previously.
3. Categories of Data Processed
- Identification data: full name, date of birth, address (for KYC).
- Contact details: email address, optional phone number.
- Account data: username, password (encrypted), preferences.
- Technical data: IP address, browser/OS, device identifiers, log files.
- Transaction data: deposits/withdrawals, wallet movements.
- KYC documents: ID, proof of address.
- Communication: customer support correspondence, chat logs.
The data processed depends on the functions used; without the minimum required data, certain services cannot be provided.
4. Cookies and Similar Technologies
The Website uses the following categories of cookies:
- Necessary cookies: basic functions (login, session management).
- Functional cookies: settings (e.g., language, preferences).
- Analytical cookies: traffic and behavior statistics (e.g., Analytics/Matomo).
- Marketing cookies: campaign measurement and targeting (with consent).
You may modify or withdraw cookie consent at any time via the cookie banner or your browser settings. Disabling necessary cookies may affect the Website’s operation.
5. Storage and Retention Periods
| Data Type | Retention |
|---|---|
| Account and contractual data | 5 years from account closure |
| Transaction/billing data | 7–8 years (per accounting law) |
| KYC documents | 5 years from verification |
| Customer support communications | 2 years |
| Technical logs, IP | up to 12 months |
| Marketing consent | until withdrawal |
After expiry, data is deleted or irreversibly anonymized.
6. Data Transfers and Processors
Personal data may only be transferred to third parties for specific purposes:
- Payment providers (cards, crypto processors) for transaction handling
- KYC partners for identification and compliance
- IT/hosting and security partners for operation
- Marketing partners only with consent
- Authorities/courts as required by law
All partners operate under GDPR-compliant processing agreements and access only the data necessary for their tasks.
7. International Data Transfers
Data may be transferred outside the EEA. In such cases, appropriate safeguards are applied (EU adequacy decision, Standard Contractual Clauses, encrypted transmission) to maintain data protection standards.
8. Data Security
We implement multiple layers of measures to protect personal data:
- SSL/TLS encryption for all connections
- Firewalls and intrusion detection
- Access control based on least privilege
- Multi-factor authentication for admin access
- Regular backups and audits
- Employee confidentiality and role-based access
These measures collectively ensure confidentiality, integrity, and availability.
9. Automated Decision-Making
Some processes may be automated (fraud prevention, bonus eligibility checks). You are entitled to:
- request human intervention,
- contest the automated decision,
- express your views.
Requests: [email protected]. All such cases are individually reviewed.
10. Protection of Minors
Our services are not available to persons under 18. Identity verification (KYC) is mandatory before withdrawal. If a minor registers, the account will be deleted, data erased, and further steps taken if necessary.
11. Data Subject Rights
Under the GDPR you have the right to:
- access processed data,
- rectify inaccurate data,
- erasure (“right to be forgotten”) where applicable,
- restriction of processing in certain cases,
- data portability where contract/legal basis applies,
- object to processing based on legitimate interest,
- withdraw consent for marketing.
Requests will be answered within 30 days following identification.
12. Complaints
If you believe your rights have been violated, you may lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH).
Address: 1055 Budapest, Falk Miksa utca 9–11 • Website: naih.hu • Email: [email protected]
You may also contact us directly via the contacts above.
13. Amendments
We reserve the right to update this notice. Amendments take effect on the date of publication on the Website. Please review the current version from time to time.
14. Language Provision
The Hungarian version of this notice is the governing text. In case of discrepancy, the Hungarian version shall prevail.
15. Definitions (Briefly)
- Personal data: any information relating to an identified or identifiable natural person.
- Data subject: the natural person to whom the data relates.
- Data processor: a third party acting on behalf of the service provider.
- Data processing: any operation performed on personal data.
- Consent: voluntary, explicit, and informed declaration of will.
16. Contact
- Data Protection: [email protected]
- Customer Support: [email protected]
(Recommended subject line: “Privacy Inquiry”). We respond to all inquiries as soon as possible, within a maximum of 30 days.
By using the Website, you declare that you have read, understood, and accepted this Privacy Policy. If you disagree with any part of it, please do not use the Service.