IPLWin Privacy Policy

The platform collects personal data to provide lawful services, meet regulatory duties, and improve user experience in India.

Personal data collected

• Identity and contact: full name, date of birth, address, email, mobile number.
• Verification (KYC): PAN, Aadhaar or other government ID, proof of address, selfie, age confirmation, sanctions checks.
• Account and usage: username, preferences, responsible gaming settings, self-exclusion, device and log data, IP address, browser, time zone, online activity.
• Payments and transactions: tokenised card or UPI details via providers, deposits, withdrawals, bets, wins, tax-related information.
• Communications: support requests, chat, call recordings where permitted.
• Cookies and analytics: cookie identifiers, events, and diagnostics.

Why the information is collected

• To create and manage accounts.
• To verify identity, confirm age, and prevent fraud.
• To process payments and withdrawals securely.
• To provide, operate, and improve services.
• To meet legal and regulatory obligations in India and other relevant jurisdictions.

Security measures

• Encryption in transit and at rest, TLS on all pages.
• Role-based access controls, need-to-know permissions, multi-factor authentication for administration.
• Regular security testing, logging, and monitoring.
• Vendor assessments, data processing agreements, and contractual safeguards.
• Incident response procedures and breach notification aligned to applicable law.

User rights

• Access a copy of personal data, request correction, and request deletion where permitted.
• Withdraw consent for optional processing such as marketing.
• Object to direct marketing and request restriction of processing where applicable.
• Request data portability where technically feasible and legally available.
• Use the grievance process and escalate to a regulator where available.

Compliance

• The service follows Indian law, including the Information Technology Act 2000, the SPDI Rules 2011, and the Digital Personal Data Protection Act 2023, as in force.
• For users located in the EEA or UK, processing is aligned to GDPR and similar local standards.

Personal data is used only for lawful and transparent purposes.

Purposes of processing

• Account setup, authentication, and user support.
• Identity, age, KYC, and AML checks under Indian regulations.
• Payment processing, withdrawals, chargeback handling, and fraud prevention via payment providers.
• Delivering and operating online services, including bets and games.
• Responsible gaming features, self-exclusion, and limit management.
• Service improvement, analytics, research, and performance reporting.
• Personalisation of settings and content where permitted.
• Marketing by email, SMS, or in-product messages based on consent and opt-out preferences.
• Compliance, audits, tax reporting, dispute handling, and responses to lawful requests from authorities.

Lawful bases

• Consent for optional uses such as certain analytics and marketing.
• Contractual necessity for account and core services.
• Legal obligation for KYC, AML, and record-keeping.
• Legitimate interests for security, fraud control, and service improvement balanced against user rights.

Users can manage their information through account settings or by contacting the privacy team.

How to access, update, or delete

• Submit a request via account settings or email [email protected].
• Identity verification is required before actioning requests.
• A response is provided within 30 days or the period required by law.
• Some data cannot be deleted while needed for legal, regulatory, tax, or dispute purposes. Backups are purged on scheduled cycles.

Corrections and deletions

• Incorrect details can be corrected by the user or by support upon request.
• Deletion requests are honoured where legally allowed. The account may be deactivated if deletion limits service operation.

Security checks and payments

By using the site, users consent to security checks, KYC, AML screening, and processing of payment information by authorised verification and payment providers.

Grievance and DPO contact

• India Grievance Officer: [email protected]
• Data Protection Officer: [email protected]

The service is intended for users aged 18 and above. Accounts for minors are not permitted under Indian law.

• The operator cannot confirm age without documents and may request ID during verification.
• If a parent or guardian informs the team that a minor has provided personal data, the account will be closed and the information will be deleted where allowed.
• Attempts to access age-restricted services by minors are blocked when detected.

Personal data may be stored or processed outside India where partners and service providers operate. Use of the site constitutes consent to such transfers as permitted by law.

Safeguards

• Contractual protections are applied, including data processing agreements and, where applicable, Standard Contractual Clauses.
• Partners must apply confidentiality, security, and lawful processing standards comparable to those described in this policy.
• Cross-border transfers comply with the Digital Personal Data Protection Act 2023 and other applicable rules.

This Legal Disclaimer may narrow, expand, or otherwise affect the scope and effect of certain rules in this policy. The disclaimer applies once the user accepts the policy through a tick-box, signature, or accession by continued use of the services.

• Where local law requires a stricter rule, that rule prevails.
• If any part of this document is found unenforceable, the remaining parts continue to apply.
• Nothing in this policy limits statutory rights available to the user under applicable law.

Cookies are small text files placed on a device by websites to store information. The site uses cookies and similar technologies for the following purposes:

• Statistics and analytics to understand usage and improve performance.
• Behaviour analysis to detect fraud and enhance security.
• Personalisation of content, language, and settings.
• Service improvement and troubleshooting.

Details

• Cookie retention: up to 1 year unless the user deletes them earlier.
• Controls: manage preferences in the cookie banner and browser settings. Blocking cookies may affect some functions.
• Third-party cookies and web beacons may be used for analytics and fraud prevention. Partners must follow comparable privacy standards.

Use of the site indicates full acceptance of this Privacy Policy. If a user does not agree, the services should not be used.

• The current version of this policy prevails over any prior version.
• Continued use after updates constitutes acceptance of the revised document.
• Material changes will be reflected by an updated effective date and, where required, additional notice or renewed consent.

Personal data may be shared with third parties where required by law, for dispute resolution, or to perform agreements.

Sharing may occur

• With verification vendors, payment service providers, banks, and auditors to operate services and process transactions.
• With regulators, law enforcement, tax authorities, or courts following lawful requests.
• With professional advisers for legal, compliance, or risk matters.

Transparency and consent

• A list of key processors and categories of partners is published on the site or provided on request. If not listed, users are informed of the purpose and scope before sharing whenever feasible.
• Providing requested information constitutes consent for the intended processing where consent is the legal basis.
• Third parties are required to protect confidentiality and use the information only for stated purposes.

The site may contain links to external websites that operate their own privacy policies and practices. IPLWin is not responsible for how those websites collect or use personal information.

• Users should review the privacy notices of external sites before providing any data.
• This policy applies only to information processed on the platform’s domains and official apps.