Privacy Policy

1. Information We Collect (No-KYC Environment)

Given our no-KYC model, we minimize data collection. Information we may collect includes:

Account Information

• Username: unique identifier you choose during registration
• Password: stored using secure hashing (bcrypt/Argon2)
• Email (optional): only if you provide it for recovery or newsletters. Not required for core services.

Transaction Information

• Monero transaction records: amounts, Monero network IDs, timestamps, and associated addresses
• Account balance history: deposits, withdrawals, bets, and winnings
• Transaction purposes: deposits, withdrawals, or internal transfers

Technical Information

• IP addresses: may be anonymized or aggregated for security
• Browser information: type, version, and user agent
• Access logs: pages visited, timestamps, referrers
• Device info: screen resolution, OS (for optimization)
• Session data: ephemeral client-side data for performance

Cookies & Tracking

• Essential cookies for authentication and session management
• Preference cookies for storing UI settings
• Analytics cookies for aggregated, privacy‑respecting usage metrics
• Security cookies for fraud prevention and abuse detection

Game & Betting Data

• Game history records for verification and dispute resolution
• Provably fair seeds and verification data
• Betting patterns analyzed only for security

2. How We Use Your Information

Service Operation

• Providing and maintaining the Service
• Processing Monero transactions (deposits and withdrawals)
• Managing your account and providing customer support
• Facilitating game play and maintaining game integrity

Security & Fraud Prevention

• Monitoring for suspicious activities and potential fraud
• Preventing bonus abuse and multiple account creation
• Detecting automated bot activity
• Protecting against DDoS attacks and other security threats

Service Improvement

• Analyzing usage patterns to improve functionality
• Optimizing website performance and user experience
• Developing new features and games
• Conducting aggregated statistical analysis

Communications

• Sending account-related notifications (if email provided)
• Providing customer support responses
• Delivering optional newsletters or promotional content (with consent)
• Sending security alerts and important service updates

Compliance

• Complying with applicable legal obligations
• Responding to legal requests from recognized authorities
• Maintaining records for potential dispute resolution

2a. Lawful Bases for Processing

Depending on your location, we rely on the following lawful bases:

• Contract: processing necessary to provide and operate the Service
• Legitimate Interests: ensuring security, fraud prevention, service improvement
• Legal Obligations: compliance with applicable laws and requests from authorities
• Consent: where explicitly requested (e.g., newsletters), which you may withdraw at any time

3. Data Retention

Account Data

• Active Accounts: Data retained for the operational lifetime of your account
• Closed Accounts: Essential data retained for 2 years after account closure for potential dispute resolution
• Transaction History: Maintained for 5 years for audit and compliance purposes

3.2 Log Data

• Security Logs: Retained for 90 days unless required for specific investigations
• Access Logs: Retained for 30 days for performance monitoring
• Error Logs: Retained for 60 days for technical debugging

3.3 Game Data

• Game History: Retained for 2 years for verification and dispute resolution
• Provably Fair Records: Maintained permanently to ensure ongoing verification capability

4. Data Security

Technical Safeguards

• Encryption: All data transmissions protected by SSL/TLS encryption
• Password Security: Advanced hashing algorithms (bcrypt/Argon2) for password storage
• Database Security: Encrypted databases with access controls and audit trails
• Network Security: Firewalls, intrusion detection, and prevention systems

Access Controls

• Role-Based Access: Staff access limited to necessary data for their functions
• Multi-Factor Authentication: Required for all administrative access
• Regular Access Reviews: Quarterly audits of user access permissions
• Segregation of Duties: No single individual has complete system access

Physical Security

• Data Centers: Hosted in secure facilities with 24/7 monitoring
• Server Security: Physical access controls and environmental monitoring
• Backup Security: Encrypted backups stored in geographically separate locations

Monitoring & Response

• Continuous Monitoring: 24/7 security monitoring and alert systems
• Incident Response: Defined procedures for security incident handling
• Regular Audits: Monthly security assessments and vulnerability scans
• Penetration Testing: Quarterly third-party security testing

5. Cookies and Tracking Technologies

Cookie Types

• Session Cookies: Essential for login and session management (expire when browser closes)
• Persistent Cookies: Remember preferences and settings (expire after 1 year)
• Security Cookies: Fraud prevention and security monitoring (expire after 90 days)

Cookie Management

• You can control cookies through your browser settings
• Disabling essential cookies may limit Service functionality
• We do not use third-party advertising cookies
• Analytics cookies can be disabled without affecting core functionality

Do Not Track: Our systems do not respond to DNT signals due to industry-standard limitations.

Local Storage

• Game Preferences: Stored locally for enhanced user experience
• Interface Settings: Language, theme, and layout preferences
• Temporary Data: Cache for improved performance (cleared regularly)

Automated Decision-Making

We do not use solely automated decision-making that produces legal or similarly significant effects about you.

We may use automated rules to detect fraud, abuse, or bot activity to protect the Service and its users.

6. Information Sharing and Disclosure

Service Providers

We may share limited information with trusted third-party providers only for:

• Infrastructure hosting
• Payment processing
• Security services
• Analytics

Legal Requirements

Information may be disclosed if required by:

• Valid legal process from recognized jurisdictions
• Court orders or subpoenas
• Law enforcement requests with proper authorization
• Regulatory compliance requirements

Business Transfers

In the event of merger, acquisition, or sale:

• Users will be notified 30 days in advance
• Data protection standards will be maintained
• Users may request account closure before transfer

What We Never Share

• Passwords or authentication credentials
• Personal identification information (we don't collect it)
• Individual transaction details with third parties
• User communications without legal compulsion

7. Privacy of Monero Transactions

Monero Network

• Monero transactions are inherently private and obfuscated
• We cannot track your activities outside our platform
• Blockchain privacy protects sender, receiver, and amounts
• Our records are limited to platform-specific transaction data

Platform Records

• We maintain records for operational purposes only
• Internal transaction IDs do not reveal blockchain information
• Withdrawal addresses are stored encrypted
• Transaction patterns are analyzed only for security purposes

8. Your Rights and Choices

Access Your Data

• View your account information and transaction history
• Request details about data we hold about you
• Obtain copies of your game history and provably fair records

Correction

• Update your username through customer support
• Modify or remove optional email address
• Correct any inaccurate account information

Deletion

• Request account closure and data deletion
• Partial deletion of non-essential historical data
• Note: Some data must be retained for legal/security purposes

Communication Preferences

• Opt out of marketing communications
• Choose notification preferences
• Control promotional email frequency

9. Children's Privacy

Age Restrictions

• The Service is not intended for individuals under the age of majority.
• We do not knowingly collect personal data from minors.
• We may conduct reasonable age verification where required.

Parental Notice

• If we discover underage use, we will close the account.
• Parents or guardians can report concerns to our support team.
• We will delete any information collected from a minor upon verified request.

10. International Data Transfers

Data Location

• Primary servers located in privacy-respecting jurisdictions
• Backup data may be stored in multiple geographic locations
• All transfers comply with applicable data protection laws

Transfer Safeguards

• Adequate protection measures for international transfers
• Contractual protections with all service providers
• Regular review of transfer mechanisms and protections

11. Data Breach Notification

Procedures

• Immediate assessment and containment of any breach
• Forensic investigation to determine scope and cause
• Implementation of additional safeguards to prevent recurrence

User Notification

• Notification within 72 hours of confirmed breach
• Clear description of affected information
• Steps taken to address the breach
• Recommendations for user actions

12. Privacy Policy Updates

Notification Process

• Email notification to users who provided email addresses
• Prominent website notice for all updates
• 30-day notice period for material changes

Version Control

• All policy versions archived and available upon request
• Clear indication of changes in updated versions
• Effective date clearly stated for all versions

13. Contact Information for Privacy Matters

General Inquiries

• Email: [email protected]
• Response Time: Within 48 hours

Data Subject Requests

• Email: [email protected]
• Response Time: Within 30 days of verified request

Security Concerns

• Email: [email protected]
• Response Time: Immediate acknowledgment, investigation within 2 hours

14. Data Controller Information

• Data Controller Name
• Data Controller Address
• Data Protection Officer
• Supervisory Authority