BassWin Privacy Policy

BassWin collects and processes personal information to operate user accounts, deliver services, complete payments, manage risk, and meet regulatory duties under United Kingdom requirements, including data protection law and gambling related compliance.

Personal data that may be collected

• Identity and contact details: name, date of birth, address, email address, telephone number
• Account details: username, password (stored in protected form), security questions, account status
• Verification information: copies of identity documents, proof of address, and related verification results
• Financial and transaction data: payment method details, deposit and withdrawal records, banking identifiers required for payouts, chargeback related records
• Gambling and account activity: stakes, bets, game history, logins, session data, responsible gambling tools used, communications with support
• Technical and device information: IP address, device identifiers, browser type, operating system, and website usage information
• Compliance and risk data: fraud indicators, AML screening results, sanctions and PEP screening results where required

Why this information is collected

• To set up and administer user accounts
• To verify identity, age, and eligibility to use gambling services
• To process deposits, withdrawals, and transaction checks
• To prevent fraud, account misuse, and security incidents
• To comply with legal and regulatory obligations, including anti money laundering requirements
• To respond to user requests and manage disputes

Security and protection measures

BassWin applies technical and organisational measures designed to protect personal data against unauthorised access, loss, alteration, or disclosure, including:

• Access controls, role based permissions, and staff confidentiality obligations
• Encryption in transit where supported by the browser and platform configuration
• Monitoring, logging, and security review processes
• Secure development and change management practices
• Vendor due diligence and contractual controls for service providers

User rights under UK GDPR

Subject to legal limits and identity verification, users can request:

• Access to personal data held about them
• Correction of inaccurate or incomplete information
• Deletion of personal data, where a valid legal basis applies
• Restriction of processing in certain situations
• Objection to certain processing based on legitimate interests
• Data portability for information processed by automated means on consent or contract

Some information must be retained to meet legal obligations, regulatory requirements, and to establish, exercise, or defend legal claims.

BassWin uses collected information only for defined purposes and processes personal data in a lawful, fair, and transparent manner.

How information is used

• Account services: registration, login, account management, customer support, and security notifications
• Transactions: deposit processing, withdrawals, refunds, chargeback handling, and payment reconciliation
• Service operations: platform functionality, troubleshooting, testing, and performance management
• Service improvement: product development, quality assurance, and analysis of how users interact with online services
• Analytics: aggregated reporting, platform measurement, and detection of unusual activity
• Compliance: age and identity verification, safer gambling checks where applicable, anti money laundering checks, fraud prevention, and responding to lawful requests from regulators and authorities

Marketing preferences

Marketing messages are sent only where permitted by law and user choices. Users can manage direct marketing preferences through account settings and communication options, and can opt out of non essential promotional communications.

Lawful bases for processing

Depending on the purpose, processing may rely on:

• Consent, where required
• Performance of a contract, to supply services requested by the user
• Legal obligations, including regulatory compliance
• Legitimate interests, such as platform security, fraud prevention, and service improvement, balanced against user rights

Users can access, update, or request deletion of personal data through account settings or by contacting support. BassWin may ask for additional information to confirm identity before actioning a request.

Updating information

• Users can update certain account details directly within the account area.
• If information cannot be changed in the account area, support can assist after verification.

Access requests

• A user may request a copy of personal data held about them.
• Requests are handled within applicable legal timeframes and may be subject to exemptions.

Deletion requests

• Users can request deletion of personal data.
• Some information cannot be deleted immediately if retention is required for legal obligations, regulatory requirements, fraud prevention, responsible gambling controls, or dispute handling.

Security checks and payment processing

Use of the website confirms the user accepts:

• Security and verification checks, including identity, age, and risk assessments
• Processing of payment related information by payment service providers and banking partners to complete deposits, withdrawals, refunds, and related checks

Payment providers process data under their own policies and contractual obligations, and may require additional verification to prevent fraud and comply with legal duties.

BassWin services are intended for users aged 18 or over. The operator cannot confirm age with certainty without appropriate documents and verification checks.

If the operator learns that personal data has been collected from a person under 18, steps will be taken to delete the information where legally permitted and to restrict the account. A parent or legal guardian can contact support to request review and deletion of a minor’s information, and proof of identity and relationship may be required to protect the child’s privacy.

BassWin may transfer or allow access to personal data outside the United Kingdom when suppliers, technology partners, or group operations support the services. Use of the website indicates consent to such processing where consent is the relevant lawful basis.

When international transfers take place, BassWin applies safeguards designed to protect confidentiality and security, which may include:

• Adequacy decisions where recognised by the UK
• Standard contractual clauses or international data transfer agreements
• Supplier security assessments and contractual data protection obligations

Access to personal information is limited to authorised recipients who require it for defined business, security, or compliance purposes.

This Privacy Policy is a compliance document that describes how personal data is handled. If any statement in this document conflicts with mandatory legal or regulatory requirements, those requirements take priority.

The policy applies once the user accepts it through an acceptance mechanism on the website, including ticking an acceptance box, completing registration, or continuing to use the services after the policy is presented. Acceptance is treated as agreement to the scope and effects of the rules described in this document.

Cookies are small text files stored on a user’s device when visiting websites. BassWin uses cookies and similar technologies to support site operation and to understand how users interact with online services.

Cookie purposes

• Essential operation: account login, session management, fraud prevention, and security
• Statistics and analytics: aggregated measurement of traffic and usage patterns
• Behaviour analysis: understanding interactions with pages and features
• Personalisation: remembering preferences and selected settings
• Site improvement: diagnosing issues and improving performance

Retention

Cookie retention is up to 1 year, depending on the type of cookie. Some cookies expire at the end of a session.

Users can control cookies through browser settings. Blocking certain cookies may affect website functionality.

Use of BassWin indicates full acceptance of this Privacy Policy. If a user does not accept the policy, the services should not be used.

The current version published on the website prevails. Continued use of the services after an update indicates acceptance of the updated document.

BassWin may share personal data with third parties when necessary to operate services, meet legal obligations, or manage disputes. Sharing is limited to the scope required for the purpose.

Categories of third parties

• Identity, age, and verification providers
• Payment service providers, banks, and payout partners
• Fraud prevention, security monitoring, and risk management suppliers
• Analytics and technical service suppliers supporting website operation
• Professional advisers such as auditors, legal advisers, and compliance consultants
• Regulators, law enforcement, and public authorities where required by law

Reasons data may be shared

• Legal and regulatory compliance, including anti money laundering controls
• Investigation and prevention of fraud, account misuse, and security incidents
• Dispute resolution, chargeback handling, and enforcement of platform rules
• Contract performance with suppliers supporting online services

Where third parties are identified on the website, the user can review those notices. If third parties are not listed, BassWin provides information on request about the purpose and scope of sharing where permitted by law. Submission of personal information confirms consent where consent is the relevant lawful basis.

The website may include links to external websites operated by third parties. Those websites have their own privacy policies and practices.

BassWin is not responsible for the collection, processing, or use of personal information by third party websites. Users should review the relevant privacy policy before submitting personal data to an external site.