Privacy Policy

LuckyWins Casino

By visiting or interacting with LuckyWins Casino, you accept the conditions outlined in this privacy policy. This statement, along with our General Terms and Conditions, describes our approaches to collecting, managing, storing, and securing your personal data. Most recently revised on February 06, 2026 (Version 2.0.2), it aligns with the General Data Protection Regulation (GDPR – Regulation (EU) 2016/679) and applicable regulations. Updates may occur periodically; we aim to alert you to substantial modifications, but we suggest visiting this page often. Continued engagement with the platform confirms your approval of the most recent update. If you object or choose not to provide essential information, please do not register or access our features. The service is limited to users who are at least 18 years old; we do not deliberately obtain data from those under this age.

Start Playing Now 🎰

About Us

Our website, www.luckywinscasino-au.com, referred to as “LuckyWins Casino,” “we,” “us,” or “our,” is owned and run by Dama N.V., a firm established under Curaçao laws (registration 152125, address: Scharlooweg 39, Willemstad, Curaçao). We operate under an E-gaming license (No. OGL/2023/174/0082) granted by the Curaçao Gaming Control Board. As the entity controlling data, we must legally process particular personal information to support gaming activities, oversee transactions, and offer supplementary assistance.

We prioritize privacy and have named a Data Protection Officer (DPO) to supervise compliance and function as your central resource for privacy-related matters. Reach out to them at [email protected] regarding questions, exercising rights, or issues. Routine help is accessible through [email protected], live chat, or your profile settings.

Information We Collect

We acquire information directly from you and through automated means during your site activities. This encompasses:

  • Identification and communication details submitted during signup, validations, deposits, withdrawals, offers, concerns, or exchanges: full name, username, date of birth, gender, email, phone, residence address, nationality, and verification documents.
  • Financial and operational records: payment details, deposit and withdrawal histories, sources of funds and wealth materials, and accompanying verifications.
  • Technical and behavioral indicators: IP address, browser characteristics, operating system, login and logout durations, pages accessed, time allocated, gaming behaviors, device specifics, and cookie-sourced data.
  • Responsible gaming and analytical elements: assessment replies, playing habits, bonuses activated, controls established, and summarized usage data.
  • Contributions from external sources: results from identity and age confirmations, AML evaluators, credit organizations, linked Group sites, and promotional associates.

We might integrate data if you maintain accounts on different Group properties.

How We Use Your Information

We process your data for precise, authorized reasons, including:

  • Executing contractual duties: setting up and administering accounts, supplying games, handling finances, supporting customers, and completing operations.
  • Adhering to legal standards: carrying out KYC and AML reviews, mitigating fraud, money laundering, and terrorism financing, complying with gambling statutes, and promoting secure gaming practices.
  • Maintaining and upgrading the service: resolving problems, examining trends, performing studies, customizing interfaces, and improving capabilities.
  • Marketing notifications: delivering updates, specials, and suggestions about our or partnered services, exclusively with your permission.
  • Risk oversight: evaluating for fraud identification, bonus exploitation deterrence, responsible gaming appraisals, and risk designations (with manual review for critical determinations).

We could generate compiled or anonymized collections for analytical aims that avoid individual recognition.

Lawful Basis for Processing

Our processing depends on:

  • Contract fulfillment (e.g., account establishment, gaming, financial transfers).
  • Legal responsibilities (e.g., AML and KYC protocols, licensing requirements, gaming safeguards).
  • Legitimate concerns (e.g., fraud aversion, platform protection, operational advancements), as long as they do not infringe on your rights.
  • Consent (e.g., promotional content, select personalization efforts).

Sharing Your Data

We neither sell nor rent personal details. Sharing is restricted to essential cases with rigorous supervision:

  • Within the Dama N.V. Group for service provision, fraud/AML/responsible gaming adherence, and approved cross-marketing.
  • Personnel and designated representatives (committed to nondisclosure agreements) including compliance staff, fraud specialists, assistance groups, and VIP coordinators.
  • Suppliers: game makers, payment facilitators (e.g., Trustly, Paysafe), marketing collaborators, hosting and analytics providers, validation and AML resources, and messaging systems.
  • Regulatory bodies: in response to legal requirements, judicial directives, supervisory inquiries, or to safeguard interests and security.
  • In organizational changes: mergers, acquisitions, and similar (with advance notification when possible).

External entities adhere to processing contracts that assure protection equivalent to GDPR standards.

International Transfers

Some processors or recipients may be situated outside the EEA. We apply measures such as EU-sanctioned standard clauses to uphold sufficient safeguarding.

Data Retention

We retain personal information solely as needed for intended purposes, compliance, or business functions. AML regulations commonly necessitate preserving registration and transaction data for at least five years following the final interaction or account termination. Unidentified forms may be maintained extendedly for research and enhancements.

Your Rights

Under data protection rules, you possess rights such as:

  • Accessing your details (complimentary copy).
  • Amending inaccuracies or incompletenesses.
  • Requesting deletion (except where retention is mandated).
  • Suspending processing under specific conditions.
  • Opposing handling grounded in legitimate interests.
  • Demanding data transfer (when relevant).
  • Retracting consent for consented processes.
  • Submitting complaints to supervisory entities.

To activate these, connect with the DPO. We strive for responses within one month, including identity checks. Elaborate requests may necessitate extra time, with notifications provided.

Automated Decision-Making

We typically steer clear of entirely automated decisions with substantial consequences. When profiling is involved (e.g., risk evaluation), ultimate judgments incorporate human involvement.

Data Security

We deploy solid technological and procedural protections to defend your information from unauthorized intrusion, loss, or exploitation. Accounts demand unique identifiers, with optional two-factor verification. You are accountable for preserving the confidentiality of your credentials.

This policy highlights our pledge to open and compliant data practices. For additional support, consult our help team or the DPO.