🇬🇧
🇻🇳 Vietnamese
🇬🇧 English
sparkles sparkles sparkles sparkles
title

Sunwin Privacy Policy

This Privacy Policy of Sunwin explains the manner in which we collect, utilise, store, and safeguard the personal information of our users. We are committed to upholding your right to privacy and complying with relevant international data protection regulations (such as the European Union's GDPR) as well as applicable local regulations. Your use of Sunwin's services shall constitute your agreement to the terms and conditions set forth in this Privacy Policy.

1. Information We Collect

We collect information necessary for the effective provision of our services and compliance with legal requirements. The main categories of data collected by Sunwin include:

  • Personal Information Provided by You: This includes your full name, date of birth, nationality, ID/Passport number, address, email address, phone number, etc., which are required when you register an account or update your profile. This information is used for customer identification and verification (serving the KYC procedure and ensuring legal age compliance).
  • Financial Account Information: This includes details regarding the payment methods you utilise (bank account number, credit/debit card number, e-wallet, cryptocurrency wallet address, etc.). We collect this data when you make deposits or withdrawals. Sensitive financial information (such as payment card numbers) shall be immediately encrypted within our system or securely processed through certified payment gateways.
  • Transaction Data: The history of your deposits, withdrawals, bets, and wins/losses on the platform. We retain this data for the purpose of managing your account, fulfilling our obligation to report transactions to regulatory bodies, and assisting you with reconciliation when necessary.
  • Technical and Usage Data: When you access Sunwin, the system automatically collects certain information, such as your IP address, browser type, device, operating system, time zone, and activity data (e.g., access time, pages viewed, features interacted with). This information enables us to understand how users engage with the service, detect irregular activity (security), and optimise the user experience. A portion of this data is collected via Cookies and similar tracking technologies (please refer to the Cookie Policy for further details).
  • Communication Information: The content of emails you send to us, chat conversations with the customer support department, or survey responses you provide. This information assists us in better serving you and enhancing the quality of our service.

Note: We do not collect or store any sensitive data regarding the user's race, religion, health, political views, or private life, unless required by law or voluntarily provided by you (e.g., during interactions with customer support).

2. Purposes for Using the Information

Sunwin utilises the collected information for legitimate purposes and in compliance with legal provisions, including:

  • Provision of Core Services: Personal information is used to create and manage your account, authenticate your identity upon login, and allow you to participate in betting and gaming activities on the platform. Transaction data is used to update balances, process deposit/withdrawal payments, calculate winnings, and display your betting history.
  • Verification and Legal Compliance: We utilise your identification and financial information to perform KYC (Know Your Customer) and AML (Anti-Money Laundering) procedures as required by law. Examples include verifying that you are over 18 years of age, cross-checking the name on the bank account with the registered name, and monitoring transaction volume to prevent fraud and money laundering. If necessary, we may cross-reference your information with public or third-party databases for verification (e.g., identity verification services). This action is intended to protect both the player and the company against illicit activities.
  • Improvement of User Experience: Information regarding your device and usage behaviour is analysed to allow us to optimise the interface and product features. For instance, data on device and browser type helps us adjust the display of the website accordingly (ensuring a good experience on mobile or tablet devices). Interaction history is used to suggest content, games, or promotions relevant to your preferences, but only if you consent to receiving marketing communications.
  • Customer Service: The information you provide when contacting support (such as email, chat) will be used to answer questions, resolve requests, or disputes. We may access your account information and transaction history when necessary to provide timely and accurate support.
  • Communication and Notifications: We may use your email address or phone number to send important notifications related to your account (e.g., transaction confirmation notices, unusual login alerts, changes to policy terms or security information). These are non-commercial communications that you may not opt-out of due to their critical nature. Furthermore, if you consent, we will send newsletters, promotional offers, special events, etc. You may opt to unsubscribe from these marketing communications at any time.
  • Internal Research & Analysis: Aggregated data (anonymised or stripped of personal identification) may be used to analyse market trends, evaluate business performance, and improve products/services. For example, we may aggregate data on the percentage of users winning or losing by game, or the effectiveness of an advertising campaign, but these reports will not contain personally identifiable information.

We commit not to use your personal information for purposes beyond those legitimate and necessary purposes outlined above, unless we obtain your consent or when required by law.

3. Sharing Information with Third Parties

Sunwin respects privacy and does not sell customers' personal data to third parties for commercial purposes. However, in certain circumstances, we must share your information with trusted third parties to operate the service and comply with legal regulations. The recipients of the information are only authorised to use it within the scope of the assigned purpose and must ensure its confidentiality. Specifically:

  • Payment Service Providers: When you execute a deposit or withdrawal, transaction information (such as account number, account holder name, amount) will be shared with the corresponding bank or payment gateway to process the transaction. These partners are obligated to secure your financial data and use it solely for transaction completion.
  • Game Providers: Sunwin collaborates with numerous international game providers to offer a diverse range of games (casino, slots, sports betting, etc.). When you participate in a specific game, the system may need to share your user identifier and necessary parameters (e.g., session ID, bet amount) with the server of that game provider. This information is required for the fair and accurate operation of the game (e.g., automated payout if you win). All providers comply with data confidentiality agreements (NDA) and only process information as agreed with us.
  • Regulatory and Law Enforcement Authorities: If required by a legally competent authority (e.g., court order, investigation request from law enforcement, or request from the Curaçao Gaming Authority), we may need to provide your personal data to them. This typically occurs in cases of investigating fraud, money laundering, tax evasion, or legal disputes. Sunwin will carefully review all requests for information and will only comply when the request is valid and adheres to the proper legal procedure.
  • Affiliated Companies and Auxiliary Service Providers: Some information may be shared with entities supporting us in operations, such as: server hosting companies, email/SMS services, electronic identity verification services, legal advisors, auditors, etc. These parties have all entered into confidentiality agreements with us and commit to protecting user information. For example, we may use an SMS OTP authentication service from a network operator to send you a login verification code – in which case your phone number will be sent to the operator to perform the messaging.
  • Business Transfers: In the event that Sunwin undergoes a merger, acquisition, or transfer of business assets (e.g., selling the business to another company), user data may be transferred to the acquiring entity as part of the business agreement. Should this occur, we will notify you and ensure that the recipient party continues to adhere to equivalent security standards for your personal information. You shall have the right to opt not to continue using the service if you disagree with the new entity's policy.

Except for the aforementioned cases, any external sharing of information (if any) shall be communicated and proceed only with your explicit consent. We consistently consider carefully and apply the principle of data minimisation – only sharing what is genuinely necessary for the relevant purpose.

4. Data Storage and Security

Sunwin implements appropriate technical and organisational security measures to protect users' personal data from unauthorised access, disclosure, alteration, or unlawful destruction. The key measures include:

  • Encryption: Sensitive information (e.g., account passwords, financial data) is strongly encrypted (using one-way hashing functions or AES-256 encryption standard) when stored in our database. Data transmitted between your browser and the Sunwin server is encrypted using the SSL/TLS protocol (HTTPS connection) to prevent eavesdropping or data theft during transmission.
  • Access Control: Only authorised Sunwin employees (e.g., system administrators, senior customer support staff) have restricted access to your personal data, and only to the extent necessary to perform their duties. All employees must adhere to strict confidentiality agreements. We apply Multi-Factor Authentication (MFA) for internal administrative access to enhance security.
  • Secure Server Infrastructure: Your data is stored on secure servers located in data centres that meet international standards (e.g., ISO/IEC 27001 certification for information security management). We deploy firewalls and Intrusion Detection/Prevention Systems (IDS/IPS) to protect the system from attacks. Data backups are performed periodically and stored securely, in case of system failure or disaster. In the event of a natural disaster or severe error, we have a recovery and data restoration plan to ensure service continuity.
  • Audit and Evaluation: Sunwin regularly conducts security audits and penetration testing (pentest) through independent experts to timely detect and rectify security vulnerabilities (if any). We also consistently update the latest security patches for our software systems and servers.
  • Data Retention Policy: We retain your personal information only for the period necessary for the initial purpose of collection or as required by law. The specific retention period may vary depending on the data type. For example: Financial transaction data may need to be retained for a minimum of 5-7 years for audit purposes and compliance with anti-money laundering regulations. After the necessary retention period expires, we will safely delete or anonymise your data. If you close your account, some information may still be held for an additional period (as legally required or for dispute resolution purposes), after which it will be completely erased.

While we strive to protect your data, no system can guarantee 100% absolute security. In the event of a security breach (data breach) leading to the compromise of your personal data, Sunwin will notify you and the competent authorities in accordance with the violation notification regulations (e.g., within 72 hours according to GDPR standards for serious incidents). We will also implement necessary measures to mitigate risks and prevent similar incidents from recurring, as well as support you (e.g., requiring you to change your password, providing credit monitoring services if appropriate).

5. User Rights Regarding Personal Data

We respect your legal rights concerning the personal data that Sunwin collects and processes. Depending on the applicable legal regulations, you may possess some or all of the following rights:

  • Right of Access: You have the right to request that we confirm whether Sunwin is processing your personal data, and if so, you have the right to access that data.
  • Right to Rectification: If you discover that the personal information we hold about you is inaccurate or incomplete, you have the right to request that we correct or supplement it.
  • Right to Erasure (Right to be Forgotten): In some instances, you have the right to request that we delete or remove your personal data.
  • Right to Restriction of Processing: You may request that we temporarily cease processing your personal data in certain situations.
  • Right to Object: If we process your data based on legitimate interests or for direct marketing purposes, you have the right to object to the processing for reasons related to your particular situation.
  • Right to Withdraw Consent: Where we process data based on your consent (e.g., permitting the sending of a newsletter, or allowing the use of non-essential analytical cookies), you always have the right to withdraw consent at any time.
  • Right to Data Portability: To the extent applicable by law (such as under GDPR), you have the right to request the return of the personal data you have provided to us in a structured, commonly used, machine-readable format, and you have the right to transmit that data to another entity.

To exercise the aforementioned rights, you may contact our Data Protection Department (see contact information at the end of the policy). We may request that you provide some information to verify your identity (to ensure the request is carried out by the correct data subject). The exercise of these rights is entirely free of charge, except in cases where your request is excessively frequent, excessive, or clearly unfounded, in which case we may charge a reasonable administrative fee or refuse to comply.

We will endeavour to respond to your request within 30 days. If the request is complex and requires more time, we will notify you of the reason and update you on the processing progress. Should you be dissatisfied with our response or the way we handle your data, you have the right to lodge a complaint with the competent data protection authority in your locality.

6. Cookies and Online Tracking

Sunwin uses cookies and similar tracking technologies to recognise you and customise your experience when accessing the website. Essentially:

  • Cookies are small text files stored on your device when you visit our website. Cookies help us remember information about your session (e.g., keeping you logged in, remembering your chosen language, etc.). They also help us understand how you use the website to improve the service (e.g., seeing which pages are most viewed, the average time spent on a page).
  • Some cookies are necessary for the website's operation (e.g., session cookies for the betting slip to function). Other non-essential cookies (e.g., Google Analytics analytical cookies, advertising cookies) will only be used when you permit them. You can manage your cookie preferences through the cookie notification upon your first visit, or change them in your account/browser settings at any time.

We do not use cookies to collect sensitive personal information or track you outside the Sunwin website domain. All data collected through cookies is processed according to this Privacy Policy and complies with current data protection regulations.

7. International Data Transfer

Sunwin is a global platform; thus, your personal data may be transferred outside the country where you reside. For instance, our servers may be located in data centres in another country, or our customer support staff may access data from a different country. Regardless of where your data is processed, we ensure an equivalent level of protection to that in your country.

For users within the European Union (EU) or regions with similar requirements, if data is transferred outside the EU, we will adhere to the protection mechanisms under GDPR. This may include executing Standard Contractual Clauses with the data recipient in the third country, or ensuring that the receiving country has been recognised by the EU as having an adequate level of protection.

You may contact us to learn more about the protective measures we implement for international data transfers.

8. Policy for Minors

Sunwin's services are not intended for minors under 18 years of age. We do not knowingly collect personal data from anyone under this age.

In the event that we discover a user under 18 has provided us with information, we will take necessary steps to delete their data.

9. Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices or new legal regulations. When there are material changes, we will post a notice on the homepage and/or send an email notification to you (using the email address registered in your account) to inform you. The effective date of the new version will be clearly stated at the beginning of the policy.

Your continued use of the services after the changes take effect signifies acceptance of the update policy.

We encourage you to periodically review the Privacy Policy to always be updated on how we protect your information.

This policy is subject to a formal review at least annually or following regulatory updates or material changes occurring, whichever comes first.

10. Contact Information

Should you have any questions, concerns, or requests related to this Privacy Policy or the processing of personal data at Sunwin, please contact us through the following channels:

  • Email: privacy@sun.win (Data Protection Department).
  • Phone: +31-xxx-xxxxxx (international support phone number of the main office, if applicable).
  • Mailing Address: Customer Care - Data Security Department, Amadeus Technology B.V., Chuchubiweg, Curaçao.

We will respond and resolve your issue as soon as possible, no later than 30 business days from the date of contact receipt.

Thank you for trusting Sunwin. We are always committed to securely and transparently protecting your personal data, so you can enjoy your entertainment experience on our platform with peace of mind.