winrate Casino & Sportsbook Data Care

This page describes what we collect when you use winrate and how we keep that data protected. We collect personal information only to operate our platform, process your deposits and withdrawals, verify your identity, and provide customer support. We do not sell your data to third parties, and we encrypt all information transmitted between your phone and our servers.

Our data practices reflect our commitment to transparency. We explain what we collect, why we collect it, how long we retain it, and what rights you have over your information. If you have questions about how we handle your data on winrate, contact our support team through your in-app help channel or email us directly.

We comply with applicable data protection regulations in the jurisdictions where we operate. Our servers may sit outside your home country, but we apply the same security standards regardless of location.

What We Collect on winrate

We collect information in three categories: account registration data, payment and transaction data, and behavioural data.

Account registration: When you create a winrate account, we collect your full name, email address, phone number, and date of birth. We use this information to create your account, send you password-reset links, and contact you about account security issues. We do not share your email or phone number with third parties outside our compliance and support teams.

Behavioural data: We log your betting activity, game selections, and account login times. We use this data to detect unusual patterns (potential fraud), personalise your experience, and improve our platform. We do not use this data to profile you for marketing purposes or sell it to advertisers.

KYC documents

We collect government ID, facial recognition data, and proof of address before allowing withdrawals. We store these securely and delete them after a retention period set by our compliance policy.

Session cookies

We use cookies to keep you logged in and remember your preferences. These expire when you close your browser or log out.

IP address and device info

We log your IP address and device type (Android, iOS, browser) for security and troubleshooting purposes.

How We Use Your Data on winrate

We use your data for the following purposes:

• Operating and maintaining our platform — processing deposits, withdrawals, and bets
• Verifying your identity through KYC checks to comply with anti-money-laundering regulations
• Detecting and preventing fraud, account takeovers, and suspicious activity
• Providing customer support — responding to your inquiries and resolving account issues
• Improving our platform — analysing user behaviour to identify bugs and optimise performance
• Complying with legal obligations — responding to law enforcement requests and regulatory inquiries

We do not use your data to send you marketing emails or push notifications unless you opt in. We do not sell your data to third parties. We do not use your data to build profiles for targeted advertising.

We at winrate believe your data belongs to you — we hold it in trust to operate our platform, and we protect it with encryption and access controls.

Our Data Retention and Third-Party Processors

We retain your account data for as long as your account is active. If you close your account, we retain transaction records for compliance purposes (typically seven years) but delete your personal information within 30 days. We retain KYC documents for a period set by our compliance policy, then securely delete them.

We use third-party processors to operate winrate. Our payment processors (DANA, e-wallet, mobile banking, local payment, online payment, e-wallet, mobile banking, local payment, online payment, e-wallet) receive transaction data necessary to process your deposits and withdrawals. Our email provider receives your email address to send password-reset links and account notifications. Our hosting provider stores our servers and databases. We have data-processing agreements with all third parties that require them to protect your data and use it only for the purposes we specify.

Our servers may be located outside your home country. We apply the same encryption and access controls regardless of server location. If you are in Jakarta, Surabaya, Bandung, or Medan, your data may be processed on servers in other regions, but it remains encrypted in transit and at rest.

Your Rights and Data Access on winrate

You have the right to access, correct, and delete your personal data on winrate. To request a copy of your data, contact our support team through your in-app help channel. We will provide your information in a portable format within 30 days. To correct inaccurate information (e.g., your registered name or email), log into your account and update your profile, or contact support.

To request deletion of your account and associated data, contact our support team. We will close your account and delete your personal information within 30 days, subject to our legal obligation to retain transaction records for compliance. We cannot delete data that is subject to regulatory holds or ongoing investigations.

We do not use automated decision-making or profiling to make decisions about your account. All account restrictions, suspensions, or closures are reviewed by our compliance team before implementation.

Security and Encryption on winrate

We encrypt all communication between your phone and our servers using TLS 1.3 protocol. Your password is hashed using a strong algorithm and never stored in plain text. Your payment credentials are never stored on our servers — only secure tokens that let us initiate transfers with your consent.

We restrict access to your data to authorised employees and contractors who need it to operate winrate. We use multi-factor authentication for internal access to sensitive systems. We conduct regular security audits and penetration tests to identify and fix vulnerabilities.

If we discover a data breach, we will notify you within 72 hours and explain what information was compromised and what steps we are taking to secure it. We will also notify relevant regulatory authorities as required by law.