Privacy Policy

This Privacy Policy (hereinafter the “Policy”) describes the ways in which the Company handles the information and personal data that you have provided to us (or that we have collected) and that allow us to manage the relationship between you and us effectively.

This Policy applies to Wizardo casino and to all our websites, applications, products and/or services that refer to this policy or that do not have their own separate privacy policy (the "Services").

This Policy is intended to provide you with a clear and complete understanding of the data we collect, the reasons why we collect it, the ways in which we process it, the parties with whom we share such personal data, your rights relating to the collection, processing and sharing of data, and any other relevant information regarding privacy and security.

Any reference in this Policy to the “Company”, “we”, “us” or “our” (and related variations) refers to the Data Controller.

By reading this Policy, you acknowledge and accept that your Personal Data may be processed in the ways described herein. If you do not agree with the terms of this Privacy Policy, we invite you not to use the Site or provide us with your Personal Data.

All processing of Personal Data carried out by the Company under this Policy will be performed in accordance with:

• National legislation on the protection of personal data (“DPA”), including any applicable subordinate legislation;
• Regulation (EU) 2016/679 (GDPR).

The DPA and the GDPR will be jointly referred to as the “Data Protection Laws”.

The Company determines the purposes and means of processing Personal Data and therefore acts as the “Data Controller” under the Data Protection Laws.

Definitions

Data Controller

The “Data Controller” is the natural or legal person, public authority or other body that determines the purposes and means of the processing of personal data.

Data Processor

The “Data Processor” is the natural or legal person who processes personal data on behalf of the Controller.

Personal Data

“Personal Data” means any information that directly or indirectly identifies a natural person.

Security

The Company uses secure communication protocols (TLS 1.2) to ensure the protection of data transmitted online. This protocol provides for the encryption of Personal Data during transfer over the Internet.

In addition, data is stored on encrypted digital media, offering an additional level of protection.

Our services are registered with site identification authorities, allowing the browser to verify the identity of the site before data transmission. The servers are protected by advanced firewalls.

Protection of personal data

Personal data is protected according to the highest industry standards. Processing takes place exclusively on valid legal bases, as provided by the GDPR.

PROCESSING BASED ON LEGITIMATE INTERESTS

We may process your personal data on the basis of our legitimate interests, namely when there is a valid business or operational reason.

In such cases, we ensure that:

• the processing is not unfair to you;
• your rights are always respected;
• you may submit any objections.

The Company is not obliged to stop processing if there are overriding legal reasons (e.g. AML obligations).

Processing based on consent

When processing is based on your consent:

• you may withdraw it at any time;
• the withdrawal does not invalidate processing already carried out;
• we may continue processing if another legal basis exists.

Data retention policy

Personal data is retained only for the time necessary for the purposes for which it was collected.

For example:

• transaction data → at least 5 years;
• legal data → according to regulatory obligations;
• data for legal defense → until the statute of limitations expires.

When data is no longer necessary:

• it is securely deleted;
• or anonymized.

Failure to provide data may prevent the provision of services.

Personal data collected, purposes and legal basis of processing

Below are the categories of personal data processed, the purposes of processing and the related legal bases. The same categories of data may be processed for different purposes and on different legal bases.

Categories of personal data

1.1 Contact data (e.g. first name, last name, residential address, postal code, telephone/mobile number, email address, recent utility bill as proof of residence).

1.2 Identification data (e.g. first name, last name, address, date of birth, document number, photograph, gender, profession, marital status, interests).

1.3 Activity data (site logins, gaming activity, transactions, bets, winnings, bonuses, deposits, withdrawals, on-site behavior, browsing history, gaming preferences, time on pages, clicks, communications with support, self-exclusion status).

1.4 Technical data (traffic data, GeoIP location, browser, device and network information).

1.5 Financial data (currency, credit card data, bank account, payment information, source of funds).

1.6 Marketing data (name, email, contacts, marketing preferences, consent, online identifiers, IP address).

Purposes of processing

2.1 Account creation and identity verification, fraud prevention.

2.2 Security of financial data and transactions.

2.3 Support for responsible gaming.

2.4 Management of the customer relationship and provision of services.

2.5 Sending newsletters and communications.

2.6 Personalization of the user experience.

2.7 Monitoring deposits and abuse prevention.

2.8 Sending marketing and educational content.

Legal basis

• Contract performance
• Legitimate interests
• Legal obligations
• AML / KYC
• Consent
• Responsible gaming regulations

The Company may also collect data from public sources (registers, online searches, media), where this is lawful and does not harm your rights.

Some data is used for profiling activities, necessary to prevent fraud, tax evasion and suspicious behavior. Final decisions are not automated but always validated by human staff.

Processing based on consent (details)

In cases where processing is based on consent:

• you may refuse to provide the data;
• you may withdraw consent at any time;
• we may still process the data on another legal basis.

Refusal may result in the impossibility of providing the requested services.

Cookies

We use cookies and similar technologies to automatically collect certain personal data.

Cookies:

• assign a unique identifier to the device;
• store preferences (language, currency);
• facilitate login;
• personalize content.

Browsers automatically accept cookies, but you can change their settings.

Note: we do not support “Do Not Track” signals.

Disabling cookies may limit some site features.

Other purposes

Data may also be used for:

• loss prevention;
• protection of legal rights;
• platform security.

Disclosure to third parties

Data may be shared with authorized parties:

• regulatory authorities;
• law enforcement;
• audit firms;
• technical providers;
• business partners;
• affiliated companies.

The data shared depends on the services used.

Data is not shared for third-party marketing without consent.

Internal sharing and sharing with suppliers

Data may be shared with:

• internal staff;
• group companies;
• technical providers;
• subcontractors.

All parties are bound by GDPR obligations and confidentiality agreements.

Internet communications

Data transmitted via the Internet may pass through different countries. We are not responsible for transfers before receipt.

We cannot guarantee absolute security during transmission, except for specific legal obligations.

Accuracy of data

We do our best to keep data updated. You may request corrections at any time.

Links to third parties

We are not responsible for the content or policies of linked external sites. We invite you to read their privacy policies.

Data transfer outside the EEA

Data may be transferred outside the European Economic Area.

We guarantee:

• standard contractual clauses;
• adequate security measures;
• protected rights.

By accepting the Policy, you consent to such transfers.

Rights of the data subject

You have the right to exercise the following rights:

Right of access

You may request:

• processed data;
• purposes;
• recipients;
• retention period;
• origin of the data;
• profiling.

Right to rectification

You may correct inaccurate or incomplete data.

Right to erasure

You may request deletion when:

• data is no longer necessary;
• consent is withdrawn;
• processing is unlawful;
• there is a legal obligation.

Deletion may be limited by legal obligations.

Right to restriction

You may restrict processing in certain cases (e.g. data dispute).

Right to portability

You may receive the data in a structured format or transfer it to another controller.

Right of withdrawal

You may withdraw consent at any time.

Right to object

You may object to processing for legitimate reasons or direct marketing.

Right to lodge a complaint

You may lodge a complaint with the competent authority.

Contacts

For any request relating to personal data or to exercise your rights:

Email: [email protected]

Our team is available to assist you quickly and professionally.