Privacy and personal information at 1Win

By consenting to this Privacy Policy, users agree that 1Win may collect and process their personal information.

Personal data that may be collected includes:

• Account details such as name, username, date of birth, gender, and profile preferences
• Contact information such as email address, mobile number, and communication language
• Identity and verification information submitted for KYC, age verification, fraud prevention, and compliance checks (for example, PAN, Aadhaar, passport, driving licence, voter ID, or other permitted documents, plus selfies or verification photos where required)
• Address and location information such as residential address, state, city, and device derived location signals (for example, IP based location) used for security and compliance
• Payment and transaction information such as deposit and withdrawal history, payment method identifiers, bank or wallet details (limited to what is needed to process transactions), and related records
• Responsible gaming information such as self exclusion records, limits set by the user, and support interactions related to player protection
• Device and technical data such as IP address, device identifiers, browser type, operating system, app version, time zone, and crash logs
• Usage information such as pages visited, features used, session times, and interactions with the online services
• Cookies and similar technology data, including preferences and security related tokens
• Communications such as messages to support, complaint records, and email or SMS delivery status
• Marketing preferences and consent records, where the user has opted in
• Regulatory and audit information created or received to meet legal obligations, including anti fraud and anti money laundering screening results
• Publicly available information where relevant for security, compliance, and fraud prevention, subject to applicable law

All purposes for processing personal data are based on legal obligations, contractual requirements related to the services, and legitimate commercial interests such as safety, fraud control, and service improvement.

Personal data may be used for:

• Creating and administering user accounts, including login, authentication, and account security controls
• Verifying identity and age, completing KYC checks, and meeting responsible gaming safeguards
• Processing deposits, withdrawals, refunds, chargeback handling, and transaction reconciliation
• Fraud prevention, risk management, account integrity checks, and platform security monitoring
• Meeting compliance duties, including anti money laundering checks, sanctions screening, and record keeping required by applicable laws
• Delivering the online services, including game functionality, sports betting features, and customer support
• Communicating service messages such as confirmations, security alerts, policy updates, and operational notices
• Managing user preferences, including language and communication settings
• Analysing usage information to maintain performance, troubleshoot issues, and improve websites and apps
• Handling disputes, complaints, and legal claims, including establishing, exercising, or defending legal rights
• Enforcing platform rules and terms, including investigating suspected breaches
• Maintaining audit logs and internal controls to support regulatory oversight and security standards
• Sending promotional communications only where consent is recorded or another lawful basis applies under applicable law, with opt out options available in account settings or messages

1Win does not sell personal data or transfer personal information to third parties for their own independent marketing use.

Personal data may be disclosed to third parties only in limited situations such as:

• Payment processors, banks, wallet providers, and payment gateways to complete transactions and prevent fraud
• Identity verification and KYC service providers to confirm age, identity, and document validity
• Anti fraud, AML, and risk screening providers to support compliance and platform security
• Technology and hosting vendors that support the operation of websites, apps, databases, analytics, and customer support tools
• Customer support service partners acting on behalf of the platform under documented instructions
• Group companies or affiliated entities, where required to operate the services, manage risk, or support compliance, subject to appropriate safeguards
• Professional advisers such as auditors, accountants, lawyers, or consultants bound by confidentiality duties
• Regulators, law enforcement, courts, or other authorities where disclosure is required by law, lawful process, or to protect rights and safety
• Business transfers such as merger, acquisition, or asset sale, subject to confidentiality and continued protection of the information

Before any disclosure, 1Win checks that third parties follow appropriate data protection and security standards, including confidentiality obligations and limited purpose processing.

The platform may contain links to external resources or third party websites for information or related services. 1Win does not control these external websites, their content, or their privacy practices, and this document does not apply to them. Users are responsible for reviewing the privacy policy and security practices of any third party site before sharing personal information or completing transactions. 1Win is not responsible for loss, misuse, or unauthorised collection of data that occurs on third party websites accessed through external links.

India users can raise privacy, data, or information security complaints by contacting customer support through the official support channels available on the websites or within the app, and by sharing enough details to identify the account and the issue. Complaints are reviewed by the relevant internal team, and the platform aims to provide an initial response within 7 to 14 business days as an estimate, subject to complexity, verification needs, and legal requirements. If a dispute remains unresolved, the user may escalate the complaint to the relevant regulatory or supervisory authority with jurisdiction over data protection or consumer grievance handling, and may also seek other remedies available under applicable law.