SpinPin Privacy Policy

SpinPin handles personal data in line with the UK General Data Protection Regulation, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations, and applicable gambling compliance duties in the United Kingdom.

Personal data is information that can identify a user directly or indirectly. The website may collect data needed for account service, identity verification, safer gambling controls, payment processing and legal compliance.

Personal data collected

The platform may collect the following categories of information:

• Name, date of birth, address, email address and telephone number;
• Account username, login records and communication history;
• Identity verification documents and age verification results;
• Payment details, deposit records, withdrawal records and transaction references;
• Device information, IP address, browser type, location signals and cookie identifiers;
• Safer gambling information, account limits, self exclusion status and responsible gambling interactions.

Data protection measures

Appropriate technical and organisational measures are used to protect personal data against unauthorised access, loss, misuse, alteration or unlawful disclosure. These measures may include:

• Access controls for systems that contain personal data;
• Encryption or tokenisation where suitable for payment and identity information;
• Security monitoring and audit logs;
• Staff access limits based on role and business need;
• Contract controls for processors and service providers;
• Retention limits and secure deletion procedures.

User rights

Users in the United Kingdom have rights over their personal data, subject to legal limits. These rights include:

• Access to a copy of personal data held by the platform;
• Correction of inaccurate or incomplete information;
• Deletion of data where there is no lawful reason to keep it;
• Restriction of processing in certain cases;
• Objection to certain uses of data;
• Withdrawal of consent where consent is the lawful basis;
• Complaint to the Information Commissioner’s Office.

Collected information is used only for lawful, fair and transparent purposes. Data use is limited to what is necessary for the relevant service, legal duty or user consent.

Main purposes of use

Personal data may be used for:

• Account registration, login support and account administration;
• Identity, age and residence checks required for gambling services;
• Deposit, withdrawal and payment service processing;
• Fraud prevention, account security and misuse detection;
• Anti money laundering checks and regulatory reporting;
• Safer gambling checks, account limits and self exclusion controls;
• Customer support, complaint handling and service messages;
• Website performance analysis, error detection and service improvement;
• Marketing messages where the user has consented or where permitted by PECR, with an option to opt out;
• Analytics, cookie measurement and content personalisation where consent is required.

No personal data should be used in a way that is incompatible with this policy or applicable United Kingdom privacy law.

Users may request access to personal data held about them, request correction of inaccurate details, or ask for deletion where the data is no longer needed or where consent has been withdrawn.

Access, correction and deletion procedure

Requests are handled through account support or the privacy contact channel listed on the website. The platform may need identity verification before action is taken, as this protects account security and prevents unauthorised disclosure.

The process may include:

1. The user submits an access, correction or deletion request.
2. The platform checks the identity of the requester.
3. The relevant personal data is reviewed against legal retention duties.
4. Accurate corrections are applied where the request is valid.
5. Data is deleted or restricted where no legal, regulatory or contractual reason requires retention.

Deletion may be limited where records must be kept for gambling regulation, anti money laundering rules, tax records, dispute resolution or fraud prevention.

By using SpinPin, users consent to security checks, identity checks and payment data processing by payment service providers where these checks are needed for account operation, transactions and compliance.

The website is intended only for users aged 18 and over. Gambling services must not be used by children or by any person who fails to meet the legal age requirement in the United Kingdom.

The operator cannot confirm age with certainty without reliable documents, electronic checks or other verification evidence. Account details supplied during registration may be checked against identity, age and residency records.

If a parent, guardian or authorised representative believes that a minor has supplied personal data, a deletion request may be submitted through the privacy contact channel listed on the website. Verified requests will lead to removal or restriction of the minor’s data, unless a legal obligation requires limited retention for investigation, reporting or safeguarding purposes.

Personal data may be processed outside the United Kingdom where SpinPin partners, payment processors, fraud prevention providers, hosting providers or support services operate.

Use of the website confirms consent to international processing where consent is relied upon. Other lawful bases may also apply where transfers are necessary for contract performance, legal compliance, fraud prevention or regulatory duties.

International transfers must be handled with appropriate safeguards. These may include:

• Adequacy regulations recognised under United Kingdom law;
• The United Kingdom International Data Transfer Agreement or approved transfer terms;
• Contractual confidentiality duties for processors and service providers;
• Access limits, security controls and data minimisation requirements.

All partners that process personal data must protect confidentiality and use the information only for the agreed purpose and scope.

A legal disclaimer on the website may alter the scope, interpretation or effect of rules that apply to the services, where permitted by law. It applies when a user accepts the Privacy Policy, terms or related document by signature, account acceptance, accession or another valid method of agreement.

Any disclaimer must be read together with this policy and applicable United Kingdom law. It cannot remove statutory privacy rights, mandatory gambling duties or rights that cannot be limited under data protection law.

Cookies are small text files stored on a user’s device when a website is visited. They help the website recognise a device, remember preferences, support account security and measure service performance.

Cookies may be used for:

• Website statistics and traffic measurement;
• Behaviour analysis across pages and features;
• Personalisation of content and account settings;
• Login support and security checks;
• Service improvement, testing and error detection;
• Marketing measurement where user consent is required.

Cookie data is retained for up to one year, unless a shorter period is required by law or a user removes cookies through browser settings. Non essential cookies should be used only where valid consent has been given under PECR and United Kingdom privacy rules.

Use of SpinPin confirms full acceptance of this Privacy Policy, including the collection, use, processing, disclosure, retention and deletion of personal data as described in this document.

The current version of the policy prevails over earlier versions. If a previous version conflicts with the current version, the current version applies unless applicable law requires a different outcome.

Users should review the policy periodically, as privacy practices, legal duties and service features may change.

Personal data may be shared with third party recipients where required by law, needed for disputes, or allowed under agreements accepted by the user. Sharing is limited to the purpose and scope required for the relevant service or legal duty.

Third party recipients may include:

• Payment service providers and banking partners;
• Identity, age and address verification providers;
• Fraud prevention and security service providers;
• Gambling regulators, law enforcement bodies and public authorities;
• Professional advisers, auditors and dispute resolution bodies;
• Technology, hosting, analytics and customer support providers.

The relevant parties may be listed on the website where appropriate. If a party is not listed, the user should be informed of the purpose and scope of the data sharing where required by law.

Provision of personal data by the user confirms consent to third party processing where consent is relied upon. Third parties may also rely on their own lawful bases and privacy policies for independent processing.

The website may contain links to other websites operated by external parties. Those websites may have their own privacy policies, cookie rules and data handling procedures.

SpinPin does not accept responsibility for external websites, external content or the way those operators collect, use, store or disclose personal information. Users should review the privacy policy and cookie notice of any external website before submitting personal data.

Care is advised when leaving the official website, as external services may apply different standards, legal terms and security practices.