Privacy Policy

Effective from 2026  ·  UK GDPR Compliant

This Privacy Policy explains how Basswin collects, processes, stores, and protects the personal data of individuals who use our services. By accessing or using Basswin, you acknowledge that you have read and understood this document. This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

Basswin acts as the data controller responsible for your personal information. We determine the purposes and means by which your personal data is processed. All data handling practices described in this document are carried out under our direct authority and in accordance with applicable UK data protection law.

2. Information We Collect

We collect personal data through your direct interactions with Basswin, as well as through automated technical means.

2.1 Information Provided by You

  • Full name and date of birth
  • Email address and contact details
  • Payment information, including card or bank account details
  • Identity verification documents (passport, driving licence, or equivalent)
  • Correspondence submitted via support channels

2.2 Information Collected Automatically

  • IP address and device identifiers
  • Browser type and operating system
  • Session activity logs and navigation data
  • Cookies and similar tracking technologies

We do not collect sensitive personal data categories unless explicitly required for legal compliance or identity verification purposes.

3. Legal Basis for Processing

All data processing at Basswin operates under one or more of the following legal bases established by the UK GDPR:

  • Contract performance – processing necessary to provide our services to you
  • Legal obligation – compliance with anti-money laundering (AML) requirements and Gambling Commission regulations
  • Legitimate interests – fraud prevention, service security, and operational improvement
  • Consent – for marketing communications and optional data uses, where you have explicitly agreed

4. How We Use Your Data

Basswin processes your personal information for the following purposes:

  • Verifying your identity and age in accordance with UK gambling regulations
  • Managing your account and processing financial transactions
  • Detecting and preventing fraudulent activity or prohibited behaviour
  • Responding to customer support requests
  • Sending transactional notifications related to your account
  • Meeting statutory reporting obligations to regulatory authorities
  • Analysing service usage to improve technical performance

We do not use your data for automated decision-making that produces significant legal effects without human review.

5. Data Sharing and Disclosure

Basswin does not sell your personal data to third parties. Data may be shared in the following circumstances:

  • With payment processors and financial institutions to complete transactions
  • With identity verification providers to fulfil KYC requirements
  • With regulatory bodies, including the UK Gambling Commission, when required by law
  • With fraud detection and security service providers operating under data processing agreements
  • In the event of a corporate restructuring, merger, or acquisition, subject to equivalent data protection standards

All third parties with whom we share data are contractually required to handle it securely and lawfully.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy. Specific retention periods include:

  • Account information: retained for a minimum of five years following account closure, in line with AML legislation
  • Financial transaction records: retained for six years
  • Support correspondence: retained for three years
  • Marketing consent records: retained until consent is withdrawn, plus one additional year

After the applicable retention period expires, data is securely deleted or anonymised.

7. Your Rights Under UK GDPR

As a UK data subject, you hold the following rights regarding your personal data:

  • Right of access – request a copy of the data we hold about you
  • Right to rectification – request correction of inaccurate or incomplete data
  • Right to erasure – request deletion, subject to legal retention obligations
  • Right to restriction – request that we limit processing in certain circumstances
  • Right to data portability – receive your data in a structured, machine-readable format
  • Right to object – object to processing based on legitimate interests

To exercise any of these rights, submit a written request through our official support channel. We will respond within 30 days, as required by law.

8. Cookies

Basswin uses cookies and similar technologies to maintain session integrity, analyse usage patterns, and support security functions. You may manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our services.

9. Data Security

We apply technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit, access controls, and regular internal security assessments.

10. Updates to This Policy

This Privacy Policy may be updated periodically to reflect changes in law or our data practices. The current version, effective from 2026, supersedes all previous versions. Continued use of Basswin following any update constitutes acceptance of the revised terms.