Privacy Policy

Wanted Win Casino

Effective from: 13.02.2026 | Last updated: 13.02.2026

We at Wanted Win Casino are committed to safeguarding your personal information. This Privacy Policy explains our practices for collecting, using, sharing, and protecting your data while complying with relevant regulations, such as the General Data Protection Regulation (GDPR) and the Personal Information Protection and Electronic Documents Act (PIPEDA). It covers our website, services, and all interactions with us. Our platform is strictly for individuals 18 years and older; we do not intentionally collect data from minors. If we discover any such data has been gathered inadvertently, we will address it appropriately under applicable laws.

Start Playing Now 🎰

About Us

The website is owned and operated by Novatrix SRL, a company incorporated in Costa Rica (registration number 3-102-893958), with its registered office at Province 03 of Cartago, County 07 of Oreamuno, Potrero Cerrado, North Side of Manuel Ávila Camacho School, Costa Rica. As the data controller, we decide the purposes and methods of processing your personal data as described here. We have appointed a Data Protection Officer (DPO) to oversee compliance, handle inquiries, support rights requests, and manage complaints. Contact the DPO at [email protected] for any privacy-related matters.

Data We Collect and Process

We gather personal data to provide our gaming services, ensure security, fulfill legal duties, and enhance user experience. Personal data refers to any information that identifies or can identify you.

Key categories include:

  • Identity information: full name, username, date of birth, gender, nationality, and official ID numbers.
  • Contact information: address, proof-of-address documents, email, phone number, and communication channels.
  • Financial details: banking information, card data, and source-of-funds or wealth proofs.
  • Transaction records: deposits, withdrawals, and other financial activities.
  • Gaming activity: games played, session times, bets placed, bonuses used, and responsible gaming history.
  • Technical details: IP address, approximate location, device and browser specifics, login credentials, and access technology.
  • Marketing and preferences: communication consents, preferences, and interaction records.

We obtain this data directly from you during registration, gameplay, or support interactions; from verification services; payment processors; AML and PEP screening databases; regulatory and responsible gaming sources; and partners like affiliates or analytics firms sharing anonymized or pseudonymous information.

Purposes and Legal Grounds for Processing

Our processing serves specific purposes with appropriate legal bases:

  • Delivering services, such as account setup, transaction handling, identity checks, query responses, and promotion access — based on contract performance.
  • Meeting legal requirements, including AML compliance, KYC procedures, responsible gaming enforcement, and regulatory reports — based on legal obligations.
  • Preventing fraud, detecting bonus misuse, blocking unauthorized actions, and managing risks — grounded in our legitimate interests to protect the business and users.
  • Personalizing marketing, sending tailored offers, and running promotions — based on your consent or legitimate interests.
  • Improving services through analytics, traffic studies, issue resolution, and experience optimization — based on legitimate interests.
  • Ensuring platform security via monitoring and safeguards — based on legitimate interests and legal obligations.

Sharing Your Data

We share data only when necessary and with trusted parties under strict controls:

  • Within our corporate group for fraud, AML, responsible gaming, and (with consent) marketing.
  • Game providers for delivering titles (limited to essentials like username or IP).
  • Payment processors for handling transactions.
  • Marketing partners for consented promotional activities.
  • Authorities if legally mandated (we resist unjustified demands).
  • Third-party tools for communication, verification, AML/KYC, and fraud checks.
  • In business transfers like mergers, with prior notice.
  • Professional advisors or processors bound by agreements.

All recipients must handle data securely, lawfully, and solely for agreed purposes, with minimal sharing.

International Transfers

Data may transfer outside the EEA. We apply safeguards like European Commission-approved Standard Contractual Clauses or rely on adequacy decisions for recipient countries to maintain protection levels.

Data Retention

We keep data only as long as needed for its original purpose, guided by legal mandates, data type, and risks. AML rules require retaining certain records for at least five years after account closure, preventing earlier deletion requests. Anonymized data may persist longer for analytics and improvements.

Your Rights and Consent

Using our services indicates consent to this processing. Under GDPR and PIPEDA, you may:

  • Withdraw consent (where applicable, though some processing continues due to legal or contractual needs).
  • Access, rectify, or erase your data.
  • Restrict or object to processing.
  • Request portability.
  • Opt out of marketing.
  • Complain to a supervisory authority.

Automated Decisions

We avoid solely automated decisions with legal effects. If any arise, we will notify you as required.

Security Measures

We implement robust technical, organizational, and physical protections against unauthorized access, loss, or misuse. Data transmits via secure servers, with access restricted to authorized personnel. Secure your account with a strong password and consider enabling two-factor authentication. Never share login details.

Policy Updates

We may revise this policy to reflect changes in technology, laws, or practices. Check back regularly for updates.

Contact Us

For questions, rights exercises, or concerns, email our DPO at [email protected]. Support is also available at [email protected] or through live chat.