Privacy Policy

As a gambling operator, WinWin are required to collect and use customers’ personal information to provide access to games and related services. This privacy policy explains what information WinWin collects, why it collects it and how the operator protects the rights of our players.

ALASIA SOFT B.V. (reg. no. 163748, Curaçao) and its wholly owned subsidiary NANOG LTD (reg. no. HE 448256, Cyprus) own and operate winwin.com. Licence Curaçao Gaming Control Board: OGL/2024/433/0399. Data Protection Contact: [email protected]. 

By registering on the site, you agree to be bound by this policy. If you are not happy with the terms, do not use the resource. WinWin may update the document; the current version is always posted on the website. Continued use constitutes acceptance of changes.

Basics of Data Processing

Legal obligation. Gambling and anti-money laundering laws require players to be identified and transaction details to be stored. The company’s role is data controller; WinWin determine the purposes and methods of processing. Principles: lawfulness, minimisation, transparency, accuracy, storage limitation, integrity and confidentiality.

What data WinWin collect:

• Registration data: first name, surname, date of birth, email address, telephone number.
• Correspondence: chat requests, letters and support calls.
• Financial history: deposits, withdrawals, bets, winnings.
• Technical logs: IP-address, geolocation, device and browser type, login time.
• Verification documents: passport scans, bank statements, payment cheques.
• Surveys and research: answers in marketing questionnaires (optional).

What WinWin use your data for:

• Processing bets and making payments by bank cards and e-wallets.
• Providing access to gaming content and related services.
• Support services: account creation, setup and maintenance.
• Identification and verification of identity, sources of funds and eligibility.
• Marketing: sending promotions and newsletters (opt-in only).
• Legal compliance: AML/CFT requirements, financial and tax controls.
• Prevention of fraud and other abuses.
• Analytics and statistics: studying player behaviour to improve the service.

Marketing communications:

• What to send: bonuses, tournaments, new games, partner provider offers.
• How to opt-out: a switch in my personal cabinet or an email to [email protected]. 
• Promotional Publications: by accepting a prize, you agree to the use of your name or nickname in advertising, unless prohibited by law.

Sources of data acquisition:

• Automatically collected when you visit the site and use the services.
• Verification services: payment gateways, KYC providers, anti-fraud companies.
• Technical contractors: game providers and hosting platforms are given limited access to the data they need to fulfil their functions. WinWin enter into contracts with them that oblige them to respect confidentiality.

Information Transfer

The transfer of information can be within a company:

• Group companies: parent structures and subsidiary firms may process data for account maintenance, VIP support and analytics.
• Authorised employees: DPO, AML officer, payment analysts, support agents, retention managers and VIPs. All sign NDAs and receive data protection training.
• Cross-border flows: transfer to EU, EEA and beyond is possible. WinWin ensure that the level of protection is GDPR compliant.

WinWin do not sell or rent personal data. Transfers are only permitted in strictly defined cases:

• A law or court judgement obliges us to release information.
• Payment systems require data to execute transactions.
• Licensing and supervisory authorities request data for verification purposes.
• To protect the interests of the company, players or third parties (e.g. fraud investigations).
• Marketing contractors – to the extent necessary for mailings.
• Your explicit consent to share with specific partners.

All third-party processors sign contracts with security obligations and only use the information as instructed by us.

Data retention periods:

• Base period: a minimum of five years after the last transaction or account closure, as required by AML regulation in the EU.
• Exceptions: data may be kept longer if there are official investigations or legal disputes.
• Deletion: erasure requests are possible after the mandatory retention period has expired.

How WinWin Protect Information

WinWin takes a comprehensive approach to the protection of personal information to ensure the confidentiality, integrity and availability of player data.

• Data encryption is applied both when information is transmitted (e.g. when logging in or paying) and when it is stored in the database. This prevents unauthorized access even in the event of a leak.
• The data centres hosting our servers are certified according to international security standards and operate with round-the-clock monitoring, protecting the infrastructure from technical and physical threats.
• Limited access to information is granted to a strictly defined circle of employees on a “need to know” basis. This includes only those professionals whose duties are directly related to data processing – such as security analysts, AML officers, and help desk.
• Two-factor authentication (2FA) is available for both system administrators and players. This is an additional layer of protection that prevents access to the account even if the password is compromised.
• Security audits and testing are carried out regularly – both by internal specialists and external contractors. 

Your Rights

Under current data protection legislation, you have a number of rights that allow you to control how your information is used. Here are the main ones:

• Right of access. You can request a copy of all the personal data we hold about you. This can be done by writing to our Data Protection Officer (DPO).
• Right to rectification. If you believe that any information we hold about you is inaccurate or out of date, you can request that it be updated. To do this, simply contact the Helpdesk via live chat or email the DPO.
• Right to erasure. You can ask for your data to be deleted after the statutory retention period has expired. The request must be made via the helpdesk.
• Right to restriction of processing. If you wish to temporarily suspend the use of your data, you can send a request to the DPO.
• Right to object to marketing. You have the right to prohibit the use of your data for direct advertising. You can do this yourself in your profile settings.
• Right to lodge a complaint. If you believe that your rights have been violated, you can lodge a complaint with the authorised supervisory authority in your country – based on Article 77 of the General Data Protection Regulation (GDPR).

For questions about the privacy policy, exercise of rights or claims, you can contact:

• DPO E-mail: [email protected] 
• General Helpdesk: [email protected] 

WinWin will respond within a reasonable time and help you realise your legal rights.

Cookie Policy

What is a cookie: text files that a website stores on your device to recognise your browser and personalise content.

The types of cookies WinWin apply are:

• Mandatory – provide navigation and basic functions (account access).
• Functional – to remember language, region, session settings.
• Promotional – evaluates the effectiveness of marketing campaigns and registers clicks on affiliate links.

WinWin also use third-party analytics and advertising services that may place their own cookies; their handling is governed by the policies of their respective platforms.

Most browsers accept cookies automatically, but you can delete or block them in your settings. Please note that without mandatory cookies, the site may not function properly.