1Win Privacy Policy: Safeguarding Your Personal Data

This Privacy Policy covers all websites and services we offer, including online and mobile options. We'll refer to them collectively as our "Websites" and "Services" throughout this policy.

What is Personal Data?

We consider “Personal Data” any information that can be used to identify you. This includes details like your name, email address, phone number, payment information, and even your betting history and chat comments. Once the data is anonymized and cannot be linked back to you specifically, it falls outside the scope of this policy.

Keeping You Informed About Updates

We may need to make occasional changes to this Privacy Policy. If the updates are significant, we’ll take steps to notify you. This might involve posting a notice on our Websites or sending you an email directly.

What Data We Collect and How We Do That

When you visit our Websites or use our Services, we collect and process your Personal Data. The ways we collect this data can be broadly categorized as follows:

Information You Provide to Us Directly

When you visit or use certain parts of our Websites and/or Services, we may ask you to provide Personal Data. For example, we might request your contact information or specific documents during registration, verification, anti-money laundering procedures, anti-fraud checks, or when you contact us with questions or support requests.

Information We Collect Automatically

We automatically collect certain information about you when you visit our Websites or use our Services. This includes your IP address, operating system, device type and settings, browser type and settings, crash reports, system activity, and the date, time, and referrer URL of your request. This data helps us understand how you use our Websites and Services, enabling us to continually improve your experience. For instance, information from your browser can help us determine your preferred language.

Some of this information is gathered using cookies, similar tracking technologies, and third-party tools like Google Analytics.

Information from Your Transactions

We also collect details of the transactions you carry out with us and your account activity.

Information We Get from Third Parties

Occasionally, we collect Personal Data about you from other sources, such as publicly available materials or trusted third parties like our payment providers. This information helps us supplement the Personal Data we hold about you, better inform, personalize, and improve our Services, and validate the Personal Data you provide.

How We Use Personal Data

We utilize your Personal Data for various purposes, each supported by specific legal bases:

  1. Operation of the 1Win website and services: Ensuring our Websites and Services function properly and delivering the Services you have requested (Performance of a contract, Legitimate interest).
  2. Determining Eligibility and Account Management: Verifying your eligibility to use specific Services, such as age and geographic location checks, managing identity verification, and overseeing self-exclusion statuses (Performance of a contract, Legitimate interest).
  3. Compliance and Legal Obligations: Fulfilling legal duties, responsibilities, and obligations, including adherence to applicable laws, regulations, and the conditions of our gambling license, and preventing illegal activities like money laundering and match-fixing (Legal obligation).
  4. Customer Support: Providing assistance for technical or payment-related issues and other concerns related to our Websites or Services (Performance of a contract).
  5. Enhancing User Experience: Improving our Websites and Services, testing and developing new features, and conducting technical analyses to optimize user experience and provide more efficient tools (Legitimate interest).
  6. Security and Crime Prevention: Preventing, detecting, and reporting crimes, protecting you, other users, and our platforms by ensuring network and information security, mitigating security risks, detecting and preventing fraud or malicious activities, and ensuring fair usage of our Websites and Services (Legal obligation, Legitimate interest, Performance of a contract).
  7. Analytics and Reporting: Analyzing and aggregating data to produce statistics, including aggregated and anonymized analytics and reports used internally or shared with third parties (Legitimate interest).
  8. Financial Transactions: Facilitating, managing, and confirming financial transactions (Performance of a contract, Legitimate interest).
  9. Fraud Risk Assessment and Verification: Assessing fraud risk and verifying credentials through third-party entities such as financial institutions, identification verification agencies, and credit reference agencies (Legal obligation, Performance of a contract, Legitimate interest).
  10. Responsible Gaming: Evaluating your gambling activity to promote responsible gaming practices (Legal obligation, Legitimate interest, Performance of a contract).
  11. Risk Management and Odds Monitoring: Monitoring betting activity, managing risk, and adjusting odds (Legitimate interest, Performance of a contract).
  12. Enforcement of Rights: Exercising our rights as outlined in agreements or other contractual arrangements with you (Performance of a contract).
  13. Internal Administrative Purposes: Sharing information within our group of companies for reorganization or internal administrative purposes (Legitimate interest).
  14. Customer Relationship Management: Managing our relationship with you, including operational communications, marketing communications, and providing requested information (Performance of a contract, Legitimate interest, Your consent).

How We Share Your Personal Data

There are occasions when we need to share your Personal Data with third parties. We may disclose your Personal Data to:

  • Other companies within our group of companies;
  • Third-party service providers and partners who assist us in delivering the Websites and Services you have requested. For example, these may include providers who support website functionality, deliver Services, or help market and promote our offerings;
  • Regulators, law enforcement agencies, government bodies, courts, fraud prevention agencies, licensing bodies, eSports self-governing bodies, or other third parties where necessary to comply with applicable laws or regulations, or to exercise, establish, or defend legal rights. Whenever possible and appropriate, we will notify you before such disclosures occur;
  • Affiliates and other entities that introduce you to us;
  • Other parties with your explicit consent.

These disclosures are made to ensure the proper delivery of our services, compliance with legal obligations, and to protect our legitimate business interests, always with due respect to your privacy and data protection rights.

Cookie Policy

We utilize “cookie” files to ensure the proper functionality of our website. A “cookie” is a small text file that is stored on the user’s device during their visit to our website. This file allows us to recognize returning users and enhance their experience by remembering their preferences and interactions with the site. For more detailed information on how to control and delete cookie files, please visit www.aboutcookies.org.

Please be aware that deleting our “cookie” files may result in restricted access to certain sections and features of our website, potentially impacting your ability to use the site to its full extent.

International Data Transfers

When we process and share data, it may be transferred to and processed in countries outside of your own. These countries may have different laws regarding data protection compared to what you are accustomed to. When Personal Data is processed in another country, we take steps to ensure that your Personal Data remains protected.

For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. When your Personal Data is transferred outside the EEA, it will only be done so to countries where we have implemented compliant transfer mechanisms to protect your Personal Data. This includes adhering to the European Commission’s Standard Contractual Clauses in contracts with entities to whom the data is transferred.

These measures are put in place to safeguard your privacy and ensure that your Personal Data is handled in accordance with applicable data protection laws.

Security

We are dedicated to safeguarding your Personal Data and have implemented appropriate technical and organizational measures, including:

  1. Data Encryption: We encrypt all data exchanged between you and us using industry-standard TLS (Transport Layer Security), ensuring the protection of your personal and financial information. Your data is also encrypted when stored on our servers and during transfer between data centers for backup and replication.
  2. Limited Access: Access to personal information is restricted to our employees, contractors, and agents who require this information to process it. This ensures that only authorized personnel can access sensitive data.
  3. Network Protection: Our environment is secured by multiple layers of security controls, including firewalls, intrusion protection systems, and network segregation. These security services are configured, monitored, and maintained according to industry best practices. We collaborate with leading security vendors to utilize their expertise and global threat intelligence to protect our systems.
  4. Secure Data Centers: Our servers are housed within enterprise-grade hosting facilities that implement robust physical security controls to prevent unauthorized physical access. These measures include 24/7/365 monitoring and surveillance, on-site security staff, and regular security audits. We maintain geographically separated data replicas to minimize the risk of data loss or outages.
  5. Security Monitoring: Our security team continuously monitors security systems, event logs, notifications, and alerts from all systems to identify and manage threats. This proactive approach ensures that potential security issues are detected and addressed promptly.

Data Retention

We manage data retention in various ways to ensure your data is handled appropriately:

  1. User-Controlled Deletion: Some data can be deleted by you at any time. For instance, you can edit your personal information, delete a chat post, or delete your account entirely.
  2. Automatic Deletion: Certain data is deleted automatically after a specific period or when it is no longer needed.
  3. Retention for Extended Periods: We retain some data for longer periods when necessary, ensuring it is either safely and completely removed from our servers or kept in an anonymized form when deleted.
  4. Data Retention in Your Account: Data in your account is retained until you close the account. Additionally, after account closure or your last contact with us, we retain data for up to five years to meet regulatory and legal obligations and to defend against potential claims.

Extended Retention for Specific Purposes

In some cases, business and legal requirements necessitate retaining certain information for longer periods for specific purposes. For example:

  • Responsible Gaming: Personal data for individuals who self-exclude from our services is retained longer as required by responsible gaming practices.
  • Fraud and Security: Data is retained to protect against fraud, abuse, illegal activities, and unauthorized access. This includes scenarios like suspected fraud, match-fixing, or money laundering.
  • Compliance: Data is retained to comply with tax, anti-money laundering, and other financial regulations, to conduct accounting, and to facilitate dispute resolution, such as during financial transactions, including deposits and payouts.
  • Legal Requirements: Data is retained to comply with applicable laws, regulations, legal processes, or enforceable governmental requests, and to enforce our agreements, including investigating potential violations.
  • Service Continuity: Data is retained to ensure the continuity of our services to you and other users.
  • Direct Communication: Data from direct communication with us, such as customer support interactions, feedback, or bug reports, is also retained.

We are committed to safeguarding the confidentiality of your personal information in accordance with applicable data protection laws and regulations. This includes compliance with the Data Protection Laws of our country and international regulations like the General Data Protection Regulation (GDPR) of 2016/679.

 Your Rights

You have certain rights regarding your Personal Data:

  • Access: You have the right to know what Personal Data we hold about you.
  • Correction: You can request us to correct any inaccurate Personal Data concerning you.
  • Data Portability: You can access your Personal Data and request a copy in a machine-readable format, for example, if you want to back it up.
  • Objection to Processing: You can object to our processing of your Personal Data where it is done for our legitimate interests. Please note, we may continue processing your Personal Data if there are other relevant lawful bases or compelling grounds that override your rights, interests, or freedoms.
  • Erasure: You can ask us to erase your Personal Data, including deleting your account, if (1) it is no longer necessary for processing, (2) you withdraw your consent where it was the legal basis for processing, (3) you have objected to the processing and there are no overriding legitimate grounds, (4) your Personal Data was unlawfully processed, or (5) erasure is required to comply with a legal obligation. Note that we may retain data if necessary for our legitimate interests, compliance with legal obligations, or for the establishment, exercise, or defense of legal claims.
  • Restriction: You can request us to restrict the processing of your Personal Data in certain circumstances.
  • Withdrawal of Consent: You can withdraw previously granted consent for processing your Personal Data. Note that we may still process your data where there are other lawful bases to rely on.
  • Objection to Direct Marketing: You can object to direct marketing and any related profiling. To stop receiving marketing communications, follow the unsubscribe instructions in the communication or send a request to [email protected].
  • Complaints: You have the right to complain to your local data protection authority.

Please note that not all rights listed above are absolute.

You can exercise your rights at any time by adjusting your account settings or emailing us at [email protected]. We may require proof of identity before taking any action on your request.

If you are dissatisfied with our handling of your Personal Data, please let us know by emailing [email protected]. We will investigate and respond within a reasonable timeframe.

External Links


The Website may contain links to external resources, websites, or services that are beyond our control and jurisdiction. We disclaim any responsibility or liability for the content, accuracy, or legality of information found on these external sites, as well as for the actions, omissions, or practices of their owners, operators, or any third-party advertisers and sponsors associated with them.

Informational Purposes

Any hyperlinks to external sites provided on our Website are offered solely for the convenience and informational purposes of our Clients. The inclusion of these links does not imply endorsement or recommendation of the content, services, or practices of the linked websites.

Client Responsibility

Clients who choose to access these external sites do so entirely at their own risk. We strongly advise that Clients review the terms of service, privacy policies, and any other relevant documents of these external websites before engaging with their content or services.

Use of Google Analytics

We use Google Analytics to collect information about how you use our Website. Google Analytics collects data such as how often you visit the Website, what pages you visit, and what other sites you used before coming to our Website. Google Analytics only collects your IP address on the date you visit, without associating it with your name or other identifying information. We do not combine Google Analytics data with your Personal Data.

Google Analytics places a permanent cookie on your web browser to identify you as a unique user during future visits. However, only Google can use this cookie. Google’s use and sharing of information collected by Google Analytics about your visits to our Website are governed by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits by disabling cookies in your browser settings.

For more information about Google Analytics, visit Google Analytics. To learn more about how Google uses cookies, visit Google’s Cookie Policy.

SSL Encryption

All critical correspondence between the user and the Website is encrypted using Secure Socket Layer (SSL) technology with a 256-bit key. This ensures that your personal and financial information is securely transmitted and protected from unauthorized access during data exchanges between you and our Website.