1win Privacy Policy

• Personal data collected
  • Identity and age information: name, date of birth, nationality, identification numbers where required for KYC.
  • Contact details: email, phone number, postal address.
  • Account information: username, settings, responsible gaming preferences, support records.
  • Verification data: copies of ID, selfies or videos for liveness checks, proof of address.
  • Payment and financial information: masked card details, UPI identifiers, bank details for withdrawals, transaction records.
  • Technical and usage information: IP address, device and browser data, app identifiers, cookies, pages viewed, time on services.
  • Compliance and risk data: fraud flags, geo information where legally required.
• Why the information is collected
  • Create and manage the user account.
  • Verify identity and age for responsible gaming and legal compliance.
  • Process deposits, bets, and withdrawals.
  • Prevent fraud and maintain platform integrity.
  • Provide customer support and operate the services.
  • Meet regulatory, tax, and record-keeping obligations.
• Protection measures
  • Encryption in transit and at rest where appropriate.
  • Role-based access controls and multi-factor authentication for staff.
  • Network segmentation, logging, and monitoring aligned to CERT-In guidance.
  • Regular security testing, vulnerability management, and incident response.
  • PCI DSS compliant processes for card data managed by certified processors.
• User rights
  • Access a copy of personal information.
  • Request correction of inaccurate data.
  • Request deletion subject to legal retention duties.
  • Withdraw consent for optional processing such as marketing.
  • Raise a grievance through the channels listed on the websites or in the app.
• Compliance statement
  • The platform follows the Information Technology Act, 2000, the SPDI Rules, the Digital Personal Data Protection Act, 2023, and relevant rules and directions. International best-practice standards, including GDPR principles, guide privacy by design.

• Account and service delivery
  • Set up, authenticate, and maintain user profiles.
  • Provide online betting, gaming features, and customer support.
• Transactions
  • Process deposits, bets, payouts, refunds, and chargeback handling.
  • Work with payment providers under RBI frameworks and industry standards.
• Safety and compliance
  • Conduct KYC, AML, and anti-fraud checks.
  • Enforce platform rules, resolve disputes, and meet legal requests.
• Service improvement and analytics
  • Analyse performance, usage patterns, and errors to improve reliability.
  • Personalise content and settings in line with user choices.
• Communications and marketing
  • Send service notices and transactional messages.
  • Send marketing only where permitted by consent or applicable law, with opt-out controls.

Processing is lawful, necessary for services, transparent to the user, and limited to stated purposes.

• How to access or update data
  • Use account settings to view and edit profile, contact details, and preferences.
  • Submit a request through Support using the channels listed on the websites or in the app for items not editable in the account.
• How to request deletion
  • Send a deletion request through Support. Identity verification is required.
  • Deletion will be performed unless retention is required for legal, regulatory, tax, or dispute purposes.
• Timelines and verification
  • Acknowledgement is provided promptly and responses are typically within 30 days, subject to complexity and legal constraints.

By using 1win, the user consents to security checks, identity verification, and processing of payment data by payment service providers as needed to operate the services.

• Access is restricted to individuals aged 18 years and above under Indian law and platform rules.
• The operator cannot confirm a person’s age without identification documents and may request such documents for verification.
• If personal information of a minor is discovered, it will be deleted upon verified request from a parent or legal guardian, subject to legal retention obligations.

• Personal information may be stored or processed outside India in locations where partners, service providers, or infrastructure are based.
• Use of the services signifies consent to such cross-border transfers, subject to applicable law and any government notifications.
• Partners handling personal data are bound by confidentiality duties, contractual safeguards, and technical protections such as encryption and access controls.

• This disclaimer clarifies and may limit how certain rules in this policy apply, to the extent permitted by law and consumer protection rules.
• The policy does not create rights or obligations beyond applicable law or the platform Terms and Conditions.
• The disclaimer takes effect when the user accepts this policy by signing, clicking accept, or acceding through continued use of the services.

• Cookies are small text files placed on a device by websites to store information.
• Purpose of cookies
  • Statistics and performance measurement.
  • Behaviour analysis and fraud prevention.
  • Personalisation of settings and content.
  • Site improvement and error diagnostics.
• Retention
  • Persistent cookies used for these services are generally retained for up to 1 year. Session cookies expire when the browser is closed.
• Controls
  • Users can manage or delete cookies through browser settings and in-site preference tools where available. Disabling some cookies may affect functionality.

• Use of the websites or apps constitutes full acceptance of this Privacy Policy and any related notices referred to in this document.
• The current version published on the websites prevails over any prior version.
• Continued use after updates indicates acceptance of the updated policy, subject to applicable notice requirements.

• Personal data may be shared with third parties where necessary
  • Payment processors, banks, and verification providers for transactions and KYC.
  • Analytics, security, anti-fraud, and cloud infrastructure providers.
  • Professional advisers, auditors, and dispute resolution bodies.
  • Law enforcement or regulators where required by law or to defend legal claims.
• The list of key processors and partners is maintained on the websites. If a new category of third party is added and not listed, the user will be informed about the purpose and scope before processing where required by law.
• Providing personal information and continuing to use the services constitutes consent to such sharing for the stated purposes.

• The services may include links to external websites or apps that operate their own privacy practices.
• 1win is not responsible for how external parties collect, use, or disclose information.
• Review the privacy policies of external websites before providing personal data and exercise caution when leaving the platform.