Privacy Policy

This Privacy Policy describes how the Spinfin platform and its operator, SpinFin Entertainment Limited, collect, use, store, protect, and disclose information related to website users, user accounts, and associated services. The document applies to data processing in connection with access to the online platform, account registration, identity verification, use of payment services, participation in gambling activities, communication with customer support, and compliance with legal and regulatory obligations.

This policy applies to personal data and other information collected directly from the user, automatically through platform usage, or indirectly via third parties where necessary to provide services, verify lawful use, or ensure system security. The policy covers users accessing Spinfin services, particularly in markets where the platform targets players from the United Kingdom, and in accordance with licensing and regulatory requirements applicable to the service provider.

The purpose of this document is to provide general information about data processing practices. Where specific functionalities, payment methods, or third-party services involve additional processing conditions, separate notices or supplemental policies may also apply alongside this Privacy Policy.

Types of Information Collected

Spinfin may collect various categories of information depending on service usage, legal requirements, and technical needs of the platform.

Personal Data

Personal data may include identification and contact details provided during registration or later during service use. This data may include name, date of birth, residential address, email address, phone number, account information, identity verification data, and other comparable details.

Where required by applicable regulations or internal compliance procedures, additional data may be collected to verify age, identity, source of funds, prevent fraud, comply with anti-money laundering rules, and implement responsible gaming measures. This may include document copies, payment method information, transaction details, and account usage history.

Technical Information

When using the website and related services, technical information may be collected automatically. This may include IP address, device type, operating system, browser type, language settings, time zone, session identifiers, access logs, system performance data, and information about user interactions with the platform.

Such information is typically used to ensure system operation, detect anomalies, prevent abuse, analyze errors, protect accounts, and generally manage security and stability of services.

Voluntarily Provided Information

Users may provide certain information voluntarily, such as during communication with customer support, responses to verification requests, exercising rights, account settings, or use of specific platform functionalities. This information may include message content, attachments, answers to security questions, proofs, and other data voluntarily submitted by the user.

If a user participates in additional services such as loyalty programs or personalized account settings, data related to such usage may also be collected, but only to the extent necessary to manage these functionalities and comply with legal obligations.

How Information is Used

Spinfin may use collected information for various lawful and business-essential purposes related to providing services, platform security, and regulatory compliance.

Data may be used to create and manage user accounts, confirm user identity, process registration applications, enable system login, perform payment transactions, process deposits and withdrawals, and maintain account activity records. These processes are essential to fulfill the contractual relationship between the user and the service provider.

Data may also be used to verify age and eligibility for services, prevent fraud, detect suspicious transactions, monitor risk, prevent misuse of bonus or payment mechanisms, and implement internal controls related to security, responsible gaming, and anti-money laundering.

Certain information may be processed to support users, handle inquiries, resolve disputes, process claims, and improve service quality. Technical data may be used to maintain the system, troubleshoot errors, analyze platform performance, tailor content to user devices, and protect against unauthorized access.

Where permitted or required, data may also be used for recordkeeping, internal audits, demonstrating compliance with licensing terms, and other legal obligations applicable to online gambling operators. If the platform uses tools for gaming limits, self-exclusion, or other protective mechanisms, data may be used to implement these measures.

Cookies and Tracking Technologies

The website may use cookies, similar identifiers, and other tracking technologies to provide core functionality, maintain user sessions, ensure security, customize settings, and for analytical or technical purposes.

Some cookies are necessary for the website to function, and without them certain features may not operate correctly. These may include login cookies, security settings, abuse prevention, traffic management, and session management. Other technologies may be used to measure website usage, detect technical issues, evaluate feature effectiveness, and improve overall user experience.

The platform may also use third-party cookies where needed to provide integrated services such as payment processing, fraud prevention, analytics, or security verification. Use of such technologies may depend on user settings, browser preferences, or applicable consent requirements.

Details on specific cookie types, storage duration, and management options may be provided in a separate cookie notice or within site settings where available.

Data Sharing and Disclosure

Spinfin may disclose data to third parties when necessary to provide services, fulfill legal obligations, or protect the rights, security, and integrity of the platform.

Recipients may include technical service providers, hosting providers, payment processors, identity verification services, fraud prevention, analytics, customer support, auditing, and compliance partners. Such entities may process data on behalf of the provider and only to the extent necessary to perform their contractual tasks.

Data may also be shared with regulatory authorities, licensing bodies, financial institutions, law enforcement, courts, or other competent entities when required by law, official request, investigation, enforcement of rights, or prevention of illegal activities. This may include disclosures related to anti-fraud, anti-money laundering, financing of illegal activities, or violations of responsible gaming rules.

In the event of corporate changes, such as mergers, business transfers, asset sales, or reorganizations, data may be transferred as part of such processes if legally permissible and appropriately safeguarded. Appropriate contractual and organizational measures are applied where possible to protect data.

Spinfin does not disclose personal data to third parties without legal basis or business need consistent with this policy and applicable regulations.

Data Retention and Security Measures

Personal data is retained as long as necessary for the purposes for which it was collected, or as required by applicable regulations, licensing obligations, accounting standards, dispute resolution procedures, internal controls, or protection of the service provider’s legitimate interests.

Retention periods may vary depending on data type and processing purpose. Data related to accounts, transactions, identity verification, fraud prevention, and regulatory compliance may be retained even after account closure if required for regulatory or legal purposes. After the relevant retention period, data is deleted, anonymized, or otherwise securely processed according to internal policies and technical capabilities.

To protect data, Spinfin employs reasonable technical and organizational security measures. These may include encryption of data in transit, access control, privilege restrictions, system segmentation, monitoring of security events, user identity verification, transaction protection, and incident detection and response procedures. These measures aim to minimize the risk of unauthorized access, loss, misuse, alteration, or disclosure.

Despite protective measures, no system for transmitting or storing electronic data can guarantee complete security. Security measures are therefore regularly reviewed, updated, and adapted to risks, technology, and legal requirements.

User Rights and Choices

Depending on applicable law and the circumstances of processing, users may have certain rights regarding their personal data. These may include the right to access data, correct inaccurate or incomplete information, request deletion, restrict processing, object to certain types of processing, and data portability where applicable.

Users may also request review of decisions based solely on automated processing if such processing significantly affects their rights, where permitted by law. The scope of these rights is not absolute and may be limited where further processing is necessary to comply with legal obligations, prevent fraud, protect legal claims, or other overriding lawful reasons.

Users may review or update certain data via account settings if such functionality is available. Other requests may be handled through customer support or another official channel designated for data protection inquiries. Identity verification may be required before processing a request to prevent unauthorized access to personal data.

Where processing is based on consent, users generally have the option to withdraw consent without affecting the lawfulness of processing before withdrawal. Withdrawal of consent does not affect processing based on other legal grounds or obligations that the platform must continue to fulfill.

International Data Transfers

As Spinfin operates as an international online platform, personal data may be processed, stored, or otherwise transferred outside the user’s country of residence. This may include transfers between the provider, its affiliated service providers, technical partners, payment processors, and other authorized recipients where necessary for service operation or legal compliance.

Where data is transferred to another jurisdiction, Spinfin generally takes reasonable measures to ensure an adequate level of protection in accordance with applicable law. These measures may include contractual safeguards, assessment of the legal framework of the recipient country, access restrictions, technical protections, and other appropriate safeguards where necessary.

Users should be aware that data protection standards may vary between jurisdictions. Nevertheless, the platform strives to handle personal data in a manner consistent with principles of legality, proportionality, security, and confidentiality.

Protection of Minors

Spinfin services are not intended for minors or individuals legally ineligible to participate in gambling. The platform may implement age and identity verification procedures to prevent unauthorized access and ensure compliance with regulatory obligations.

If an account is found to have been created or used by an individual not meeting age requirements, access may be restricted, the account temporarily blocked or closed, and relevant data processed to the extent necessary to investigate, comply with legal obligations, and prevent further unauthorized use.

If the platform learns that it received personal data from a minor without proper legal basis, it may take steps to delete such data, except where retention is required for legal obligations, violation evidence, or protection of legitimate interests.

Policy Updates and Changes

This Privacy Policy may be amended or supplemented from time to time due to changes in law, regulatory requirements, technical solutions, business processes, or service provision. The updated version takes effect upon posting on the platform unless otherwise stated.

Where changes significantly affect personal data processing or user rights, additional notice may be provided to users in a reasonable manner. Continued use of the service after the changes take effect may indicate acknowledgment of the updated policy, where permitted by law.

Users are encouraged to regularly review the current Privacy Policy to stay informed about data processing practices, protective measures, and any changes regarding their rights and provider obligations.