Privacy Policy | WinCraft

1. Introduction
This Privacy Policy outlines in detail how wincraft-casino.org collects, uses, stores, and protects the personal data provided by visitors and registered users of the website.
wincraft-casino.org processes personal data in accordance with the General Data Protection Regulation of the European Union (GDPR – 2016/679/EU) and other applicable international data protection laws.
By using the website, the user automatically accepts the terms of this policy.

2. Data Controller Information
Controller: Casiworx N.V.
Registered address: Groot Kwartierweg 10, Curaçao
Registration number: 163922
Email: [email protected]
The data controller is responsible for the processing and security of all personal data.

3. What Data We Collect
wincraft-casino.org collects the following personal data:

  • Full name
  • Date of birth
  • Email address
  • Address (country, city, postal code)
  • Phone number (if provided)
  • IP address, browser and device data
  • Deposit and withdrawal information
  • Gameplay statistics
  • Communication with customer support
  • KYC documents (ID, utility bill, etc.)

4. Purpose of Data Processing
The data is processed for the following purposes:

  • Creating and managing user accounts
  • Processing payment and withdrawal transactions
  • Fulfilling KYC and AML obligations
  • Providing promotions and bonus offers
  • Customer support services
  • Statistical analysis of player activity
  • Fulfilling legal requirements
  • Fraud prevention and security checks

5. Data Retention
Data is stored only for as long as necessary:

  • While the user account is active
  • Transaction data: 7 years
  • KYC documents: 5 years
  • Customer support communications: max. 2 years
  • Cookies: max. 12 months
    After expiration, the data is deleted or anonymized.

6. Data Transfers to Third Parties
Data may be shared only with the following partners:

  • Payment providers: banks, crypto processors
  • KYC partners: for identity verification
  • Data security service providers
  • Authorities, where required by law
    All third parties are bound by data processing agreements to ensure GDPR compliance.

7. User Rights
Users have the following rights:

  • Right of access: to know what data we hold
  • Right to rectification: to correct incorrect or outdated data
  • Right to erasure: to request deletion under certain conditions (“right to be forgotten”)
  • Right to restriction: to temporarily suspend processing
  • Right to object: to object to processing for marketing purposes
  • Right to data portability: to request data transfer to another provider
    Requests must be submitted via email: [email protected]
    Response deadline: within 30 days

8. Cookie Management
The website uses cookies.
Types of cookies:

  • Necessary cookies: for basic website functionality
  • Statistical cookies: for usage analysis
  • Marketing cookies: for personalized offers
    Cookies can be managed via the user’s browser settings and customized upon first visit using the pop-up banner.

9. Protection of Minors
The service is available only to users who are 18 or older. Age verification is conducted during registration and prior to withdrawals.
We recommend parents:

  • Use content-filtering software
  • Supervise child accounts
  • Set device-level access restrictions

10. Security Measures
To protect personal data, we apply the following technical and organizational measures:

  • SSL/TLS encryption
  • Access control (only authorized personnel)
  • Backup and data recovery protocols
  • Antivirus and intrusion prevention systems
  • Regular audits and system testing

11. Legal Remedies and Complaints
Users may exercise their legal rights through the following:

  • Direct contact with the data controller
  • Filing a complaint with the Curaçao data protection authority
  • Legal action in case of disputes
    All complaints are treated confidentially and thoroughly investigated.

12. Contact
For any questions or requests regarding data protection, contact us at:
Email: [email protected]
Customer Support: Live chat available 24/7
Data Protection Officer: available upon request

13. Automated Data Processing and Profiling
Some functions on wincraft-casino.org automatically evaluate user behavior. This is used solely for:

  • Personalizing promotions
  • Customizing bonus offers
  • Automatically assigning VIP levels
  • Risk modeling (e.g., detecting excessive gaming behavior)
    The system does not make automated decisions with legal impact — every critical step requires human review.

14. International Data Transfers
As the controller is based in Curaçao, data may be transferred outside the European Economic Area (EEA). In all cases:

  • Data is transmitted through encrypted channels
  • Transfers are governed by GDPR-compliant contractual clauses (SCCs)
  • Transfers are limited to regulatory or technical needs
    The user acknowledges that their data may be processed by international partners, provided the same level of protection is guaranteed.

15. Updates and Changes
This privacy policy may be updated over time due to:

  • Legal changes
  • Introduction of new services
  • Updated security requirements
  • Clarification of data processing practices
    Changes take effect immediately upon publication. It is the user’s responsibility to periodically review the current version.