01Information we gather
When you register at Winshark Casino, we collect identifying details such as your full legal name, residential address, date of birth, and a copy of a government-issued document for verification purposes mandated by our Curaçao license.
Throughout your use of the platform, technical information including device type, browser fingerprint, IP address, geolocation indicators, and gameplay history is automatically logged to maintain operational integrity.
Voluntary submissions such as customer-support tickets, survey responses, and preferences indicated in your profile are also stored to personalise your experience.
02Purpose of processing
Collected information allows us to fulfil our regulatory obligations regarding anti-money-laundering checks, age verification, and source-of-funds documentation as required by the Gaming Control Board.
We rely on processed data to operate transactions, resolve disputes, detect suspicious betting patterns, and prevent unauthorised access through behaviour-based anomaly detection.
With your express opt-in consent, we may use contact details to send promotional newsletters, tournament invitations, and product updates. Consent can be withdrawn at any time without affecting account functionality.
03Sharing with third parties
Winshark Casino partners with payment processors, identity-verification vendors, and game-content providers who receive only the minimum information necessary to perform their contracted role.
Disclosure to law-enforcement bodies, tax authorities, or the Curaçao Gaming Control Board may occur where a binding legal request is presented and validated by our compliance team.
We do not sell personal information to data brokers, advertising networks, or any third party for monetary consideration.
04Your control over information
You may request a portable export of records held about you, ask for corrections to inaccurate fields, or initiate the deletion of non-essential records once mandatory retention periods have lapsed.
To exercise these rights, submit a written request through the dedicated privacy channel listed below. Identity confirmation is required before any sensitive operation is processed.
05Security measures
All sensitive fields are encrypted in transit using TLS 1.3 and stored in databases protected by AES-256 at rest. Internal access is restricted through role-based permissions and routine audits.
While no system can guarantee absolute security, we maintain incident-response procedures and will notify affected users of any qualifying breach within the timeframe set by applicable Canadian provincial regulations.
This summary outlines our standard practices. Should there be a conflict between this notice and applicable law, statutory provisions and licensing conditions will prevail in interpretation and enforcement.
