PriPrivacy Policy

Introduction

At Locowin Casino, we take the privacy of every player on our platform seriously. This Privacy Policy explains what personal information we collect, how we use it, how we protect it, and the rights you have over your data. By registering an account or using our website, you confirm that you have read and understood this Policy.

Our casino is operated by Gammix Limited and is licensed by the Malta Gaming Authority. As a data controller, we comply with the General Data Protection Regulation (GDPR), the Maltese Data Protection Act, and applicable Canadian privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA).

What Information We Collect

To deliver our services lawfully and securely, we collect the following categories of personal data.

Identification data. This includes your full legal name, date of birth, gender, nationality, residential address, email address, mobile phone number, and a copy of an identification document (passport, driver’s licence, or national ID card) provided during KYC verification.

Financial data. We collect details of the payment methods you use at our casino, including card numbers (tokenized), e-wallet identifiers, bank account information, deposit and withdrawal history, and source-of-funds documentation where required.

Account and gameplay data. This covers your username, password (encrypted), gameplay history, bet amounts, game preferences, bonus claims, communications with our support team, and any settings you apply to your account.

Technical data. We automatically collect technical information when you visit our website, including your IP address, browser type and version, device type, operating system, time zone setting, referring URLs, and pages you view on our site.

Marketing data. Where you have given consent, we may also collect your communication preferences, responses to promotional offers, and any survey participation.

How We Use Your Information

We use your personal data only where we have a lawful basis to do so. The main purposes are:

  • Account management. Creating, maintaining, and securing your player account at our casino
  • Service delivery. Processing deposits, withdrawals, bets, and bonus claims; providing access to games; offering customer support
  • Legal and regulatory compliance. Verifying your identity and age, screening for fraud, meeting anti-money-laundering obligations, and reporting to relevant authorities where required by law
  • Responsible gaming. Monitoring activity for signs of problem gambling and applying any limits or exclusions you set
  • Communications. Sending transactional messages about your account and, where you consent, marketing offers about bonuses and new games
  • Improvement and analytics. Understanding how players use our platform to improve our games, design, and overall service quality
  • Security. Detecting, preventing, and investigating fraudulent or unauthorized activity

Legal Basis for Processing

Under GDPR, we rely on the following legal bases to process your data: performance of our contract with you (to deliver the services you signed up for), compliance with legal obligations (such as KYC and AML requirements), our legitimate interests (such as fraud prevention and service improvement), and your consent (for marketing communications and certain cookies, which you can withdraw at any time).

How We Share Your Information

We do not sell your personal data to third parties. We share information only with trusted parties who help us deliver our services, and only to the extent necessary. These include:

  • Payment service providers and banks for processing transactions
  • KYC and identity verification providers for compliance checks
  • Game software providers that supply the games on our platform
  • Cloud hosting and IT infrastructure partners
  • Marketing and analytics platforms (where you have consented)
  • Regulatory authorities, including the Malta Gaming Authority, where required
  • Law enforcement agencies, courts, and tax authorities where legally obliged

All third parties are bound by strict data protection contracts and may only use your information for the specific purposes we have agreed.

International Data Transfers

Some of our service providers operate outside the European Economic Area. Where personal data is transferred internationally, we ensure that adequate safeguards are in place, including the use of European Commission Standard Contractual Clauses or transfers to jurisdictions that benefit from a recognized adequacy decision.

How Long We Keep Your Data

We retain your personal information for as long as your account is active and for a period afterwards as required by law. Under anti-money-laundering and gambling regulations, we are typically required to retain account, transaction, and verification records for at least five years after account closure. Marketing data is kept only for as long as you remain subscribed or until you withdraw consent.

Once retention periods expire, your data is securely deleted or anonymized.

How We Protect Your Data

We use industry-standard security measures to protect your personal information, including:

  • SSL encryption on all data transmitted between your device and our servers
  • Encrypted storage of sensitive data, including payment information and identity documents
  • Strict access controls, ensuring only authorized staff can access personal data
  • Regular security audits, penetration testing, and vulnerability assessments
  • Firewalls, intrusion detection systems, and secure data centres
  • Staff training on data protection and confidentiality

While we apply best-practice safeguards, no system can be guaranteed 100% secure. You are responsible for keeping your account credentials confidential and for notifying us promptly of any suspected breach.

Your Rights

Under GDPR and applicable Canadian privacy law, you have the following rights regarding your personal data:

  • Right of access. Request a copy of the personal data we hold about you
  • Right to rectification. Ask us to correct inaccurate or incomplete data
  • Right to erasure. Request deletion of your data, subject to our legal retention obligations
  • Right to restrict processing. Ask us to pause processing in certain circumstances
  • Right to data portability. Receive your data in a structured, machine-readable format
  • Right to object. Object to processing based on legitimate interests, including direct marketing
  • Right to withdraw consent. Withdraw any consent you have previously given, without affecting the lawfulness of prior processing
  • Right to lodge a complaint. File a complaint with a data protection supervisory authority, such as the Maltese Information and Data Protection Commissioner or the Office of the Privacy Commissioner of Canada

To exercise any of these rights, please contact our Data Protection Officer through your account or via our customer support channels. We will respond within 30 days of receiving a valid request.

Cookies

We use cookies and similar technologies on our website to provide essential functionality, remember your preferences, analyze traffic, and (where you consent) deliver personalized marketing. You can manage your cookie preferences at any time through your browser settings or the cookie banner on our site. Disabling certain cookies may affect the functionality of our casino.

A separate Cookies Policy provides full details of the cookies we use, their purposes, and their retention periods.

Marketing Communications

If you have opted in to receive marketing from us, we may send you emails, SMS messages, or push notifications about bonuses, new games, and promotional offers at our casino. You can unsubscribe at any time by using the link in any marketing email, replying STOP to SMS messages, or updating your communication preferences in your account.

Withdrawing marketing consent does not affect transactional messages we are required to send (for example, payment confirmations or account security alerts).

Children’s Privacy

Our casino is intended only for adults of legal gambling age. We do not knowingly collect personal data from minors. If we discover that a minor has registered an account, we will close it immediately, return any deposited funds to the original payment method, and delete the data we collected in line with our obligations.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices. The latest version will always be available on our website, with the effective date clearly indicated. Where changes are material, we will notify you in advance through your account or by email.

Acceptance

By registering at and using our casino, you confirm that you have read, understood, and accepted this Privacy Policy.