Basswin

Privacy Policy

This Privacy Policy outlines how we collect, use, protect, and manage your personal information when you access and use our online gaming platform. We are committed to maintaining the highest standards of data protection in compliance with UK legislation, including the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). By using our services, you acknowledge that you have read, understood, and agree to the practices described in this policy.

1. General Provisions

As a licensed online gaming operator in the United Kingdom, we take our responsibilities regarding data protection seriously. This policy applies to all personal information collected through our website, mobile applications, customer service interactions, and any other digital platforms we operate. We process your personal data lawfully, fairly, and transparently, ensuring that we only collect information that is necessary for providing our services and complying with regulatory requirements.

Our commitment extends beyond mere compliance with legal obligations. We recognise that trust is fundamental to our relationship with players, and we have implemented comprehensive measures to ensure your personal information remains secure and confidential. This policy is regularly reviewed and updated to reflect changes in legislation, industry best practices, and our operational procedures.

2. Information We Collect

We collect various types of personal information to provide you with a secure and enjoyable gaming experience. The information we gather falls into several categories, each serving specific purposes related to account management, regulatory compliance, and service improvement.

  1. Identity verification data including full name, date of birth, residential address, and government-issued identification documents
  2. Contact information such as email addresses, telephone numbers, and postal addresses
  3. Financial information including payment card details, bank account information, and transaction histories
  4. Gaming activity data encompassing betting patterns, game preferences, session durations, and deposit/withdrawal records
  5. Technical information including IP addresses, device identifiers, browser types, and operating system details
  6. Communication records including live chat transcripts, email correspondence, and customer service call recordings
  7. Marketing preferences and consent records for promotional communications
  8. Responsible gambling indicators including deposit limits, session time limits, and self-exclusion preferences

3. How We Collect Your Information

Personal information is collected through multiple channels during your interaction with our platform. The primary collection occurs during account registration when you voluntarily provide essential details required for identity verification and age confirmation. We also gather information automatically through your use of our services, including gaming activity, transaction data, and technical details about your device and browsing behaviour.

Additional information may be obtained from third-party sources, including payment processors, identity verification services, and fraud prevention agencies. We may also receive information from marketing partners, affiliate networks, and social media platforms where you have consented to data sharing. All third-party data collection is conducted in accordance with applicable privacy laws and industry standards.

4. Legal Basis for Processing

We process your personal data based on several legal grounds established under UK data protection legislation. The primary basis is the performance of our contract with you, which requires identity verification, payment processing, and account management. We also process data to comply with legal obligations, particularly those imposed by the UK Gambling Commission and anti-money laundering regulations.

Legitimate interests form another basis for processing, including fraud prevention, system security, and business analytics. Where we rely on legitimate interests, we have conducted balancing tests to ensure your privacy rights are not overridden. For marketing communications and certain analytical activities, we obtain your explicit consent, which you may withdraw at any time without affecting other services.

5. How We Use Your Information

Your personal information serves multiple purposes essential to operating a licensed gaming platform. We use your data to verify your identity and age, ensuring compliance with legal requirements and preventing underage gambling. Account management functions include processing deposits and withdrawals, maintaining transaction records, and providing customer support services.

We analyse gaming patterns to detect suspicious activity, prevent fraud, and identify potential problem gambling behaviours. This analysis helps us implement appropriate interventions and maintain responsible gambling standards. Your information also supports platform improvement through user experience analysis, game development insights, and security enhancement measures.

  1. Account creation and ongoing management services
  2. Identity verification and age confirmation procedures
  3. Processing financial transactions and maintaining payment records
  4. Detecting and preventing fraudulent activities
  5. Implementing responsible gambling measures and player protection tools
  6. Providing customer support and resolving technical issues
  7. Conducting regulatory reporting and compliance monitoring
  8. Delivering personalised gaming experiences and promotional offers

6. Data Sharing and Third Parties

We share your personal information with carefully selected third parties who assist us in delivering our services and meeting regulatory obligations. These partnerships are governed by strict contractual agreements that ensure appropriate data protection standards are maintained throughout the sharing process.

Payment processors handle transaction data to facilitate deposits and withdrawals, while identity verification services assist with account validation and anti-fraud measures. We share relevant information with the UK Gambling Commission and other regulatory bodies as required by law. Marketing partners may receive limited data to deliver targeted promotions, but only where you have provided explicit consent.

We never sell your personal data to third parties for their own marketing purposes. All data sharing arrangements include robust security provisions, data minimisation principles, and clear limitations on data use. We conduct regular audits of our third-party partners to ensure ongoing compliance with data protection requirements.

7. International Data Transfers

While we primarily operate within the United Kingdom, certain aspects of our service infrastructure may involve international data transfers. These transfers occur when using cloud computing services, payment processing systems, or customer support platforms operated by international providers.

All international transfers are conducted with appropriate safeguards in place, including adequacy decisions, standard contractual clauses, or certification schemes approved by UK data protection authorities. We ensure that any country receiving your data provides an adequate level of protection equivalent to UK standards. You have the right to request information about international transfers affecting your data and to obtain copies of relevant safeguarding measures.

8. Data Security Measures

We implement comprehensive technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. Our security framework includes multiple layers of protection designed to address various threat vectors and vulnerabilities.

  1. Advanced encryption protocols for data transmission and storage
  2. Multi-factor authentication systems for account access
  3. Regular security audits and vulnerability assessments
  4. Employee training programmes on data protection and security practices
  5. Secure data centres with physical access controls and monitoring systems
  6. Intrusion detection and prevention systems
  7. Regular backup procedures and disaster recovery protocols
  8. Incident response plans for potential security breaches

Despite these robust measures, no system is completely immune to security risks. We continuously monitor emerging threats and update our security protocols accordingly. In the unlikely event of a data breach, we have established procedures to minimise impact and notify relevant authorities and affected individuals as required by law.

9. Your Rights and Choices

As a data subject under UK data protection legislation, you possess several important rights regarding your personal information. These rights are designed to give you control over how your data is processed and to ensure transparency in our data handling practices.

You may request access to your personal data, receive information about how it is processed, and obtain copies of the information we hold about you. You have the right to rectify inaccurate data and, in certain circumstances, to request deletion of your personal information. Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of previous processing.

  1. Right of access to your personal data and processing information
  2. Right to rectification of inaccurate or incomplete data
  3. Right to erasure in specific circumstances
  4. Right to restrict processing under certain conditions
  5. Right to data portability for certain types of data
  6. Right to object to processing based on legitimate interests
  7. Right to withdraw consent for consent-based processing
  8. Right to lodge complaints with supervisory authorities

10. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations. Our retention periods are based on regulatory requirements, business needs, and the nature of the information involved.

Account information and transaction records are typically retained for seven years following account closure to comply with anti-money laundering regulations and tax obligations. Marketing consent records are maintained until withdrawn, while technical logs and security data are usually retained for shorter periods unless required for ongoing investigations or legal proceedings.

We regularly review our retention schedules and securely dispose of information that is no longer required. Disposal methods include secure deletion of electronic records and confidential destruction of physical documents. Some information may be retained in anonymised form for statistical and analytical purposes.

11. Policy Updates and Contact Information

This Privacy Policy is subject to periodic review and updates to reflect changes in our practices, legal requirements, or industry standards. We will notify you of significant changes through prominent notices on our website, email communications, or account notifications. Minor administrative updates may be implemented without specific notice, but the policy version date will always reflect the most recent modifications.

Your continued use of our services following policy updates constitutes acceptance of the revised terms. We encourage you to review this policy regularly to stay informed about how we protect your personal information. If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer through the designated channels provided on our website. We are committed to responding to all enquiries promptly and addressing any issues you may have regarding your personal data.