content(privacy-policy): regenerate privacy-policy/index.md [n8n]

This commit is contained in:
2026-07-13 03:16:19 +03:00
parent 971ff9d64c
commit 0c8aeb6a10
+79
View File
@@ -0,0 +1,79 @@
+++
title = "Privacy Policy"
description = "How NovaSpin handles your personal data — what we collect, why, how long we keep it, and the rights you can exercise. Sample template."
heroImage = "images/hero-faq.svg"
heroAlt = "Abstract illustration representing data privacy"
author = "NovaSpin Editorial Team"
lastmod = 2026-07-13
toc = true
+++
{{< notice type="warning" >}}
This is a sample privacy policy template for demonstration only. It is not legal advice and does not reflect the actual data practices of any operator. A real policy must be drafted against your licence conditions and applicable law (in the EU/UK, the GDPR).
{{< /notice >}}
This page explains, in plain terms, what personal data NovaSpin collects when you register and play, why we process it, who sees it, and how you stay in control. Read it alongside our [cookie policy](/cookie-policy/), which covers tracking technologies specifically.
## Who is responsible for your data
The data controller is the company that operates NovaSpin under its Malta Gaming Authority licence. "Controller" is the legal term for whoever decides why and how your data is used — so any request about your information goes to us, and you can reach our team through the [contact page](/contact/).
For data-protection questions specifically, ask for the Data Protection Officer (DPO) by name in your message. Routing it to the DPO rather than general support usually gets a faster, on-record answer.
## What we collect
Three broad categories, and little that should surprise you:
- **Details you give us** — name, date of birth, email, address, and the documents you upload for identity checks (KYC), plus deposit and withdrawal details.
- **Data created as you play** — bets placed, games opened, session times, bonus activity, and messages you send support.
- **Technical data** — IP address, device and browser type, and cookie identifiers.
Date of birth and ID documents are not optional extras. Licensed operators are legally required to verify your age and identity, so an account cannot be fully opened or paid out without them.
## Why we use it
Each use ties to a specific legal basis under the GDPR, not a blanket "because we can":
- **To run your account and pay you** — this is performing our contract with you.
- **To meet legal duties** — age verification, anti-money-laundering checks, and record-keeping the regulator requires.
- **To keep gambling safe** — spotting problem-play signals and enforcing the limits and exclusions you set.
- **For marketing** — only where you have opted in, and you can withdraw that consent at any time without losing access to your account.
A practical point: unticking marketing does **not** switch off service messages. You will still get transactional emails about withdrawals, security and account changes, because those are part of running the account rather than promotion.
## Who we share it with, and where it goes
We do not sell your data. It is shared only with parties who need it to deliver the service: payment processors, identity-verification providers, game studios that power the titles you play, and the regulator or authorities when the law compels it.
Some of these providers may operate outside your country. Where data leaves the European Economic Area, it should only move under recognised safeguards — such as an adequacy decision or Standard Contractual Clauses. If a policy is silent on international transfers, treat that as a red flag and ask before you deposit.
## How long we keep it
There is no single figure, because different data has different clocks. The important one to know: gambling and anti-money-laundering law forces operators to retain account, transaction and verification records for a set number of years **after** you close your account — commonly around five years in EU jurisdictions.
So closing your account does not wipe your history immediately. Marketing preferences and optional data can be deleted sooner, but the compliance records stay for as long as the law demands.
## Your rights
Under the GDPR you can, free of charge, ask us to:
- **Access** a copy of the data we hold on you.
- **Correct** anything inaccurate or out of date.
- **Delete** data — subject to the retention duties above.
- **Restrict or object** to certain processing, including direct marketing.
- **Port** your data to another provider in a machine-readable format.
Submit a request through [contact](/contact/); we should respond within one month. If you are unhappy with the outcome, you can escalate to your national data-protection authority — you do not have to accept our answer as final.
## Keeping your data secure
We protect data with encryption in transit, restricted staff access, and monitoring for unusual activity. No system is immune, though, so do your part: use a unique password and enable two-factor authentication if it is offered.
One habit worth keeping — we will never ask for your full password by email or chat. Anyone who does is not us.
## Changes to this policy
We may update this page as the service or the law changes. The version date at the top tells you when it last changed, and material changes are notified by email or an on-site notice before they take effect. It is worth re-reading after any big product update.
## Playing in control
Your data also powers the safer-gambling tools, so use them. In the cashier and account settings you can set **deposit, loss and session limits**, take a **time-out** (a short cooling-off period), or opt into **self-exclusion** for longer. These apply immediately and cannot be loosened on a whim — increases carry a deliberate delay. If gambling stops feeling fun, start with our [responsible gambling](/responsible-gambling/) resources, which list free, confidential support services independent of NovaSpin.