1. General

By registering an account, you agree to this Privacy Policy. If you do not agree, do not use the Website. The Company may update this Policy, and continued use means acceptance. Lucky Circus is committed to lawful, fair, and transparent processing of personal data under the GDPR. The Website is intended only for users aged 18+, and data relating to minors will be handled according to law if identified.

2. About Us

Lucky Circus is operated by Dama N.V., licensed in Curaçao. As the data controller, it must process personal data to provide gaming services and comply with legal obligations. A Data Protection Officer (DPO) oversees compliance and can be contacted at dpo@damacasino.com for issues related to your rights and privacy concerns.

3. Contact Us

You may contact us to verify your data, update it, request copies, restrict marketing, or correct inaccuracies. Marketing communications can be opted out through account settings or support. Requests may be made via email, live chat, or directly to the DPO. If you do not receive a reply within 10 days, you should follow up. We aim to respond to valid requests within one month.

4. Information We Collect

• Information you provide, such as registration details, identification documents, banking information, and communication records.
• Technical information, such as IP address, device data, browser details, and cookies.
• Gameplay and usage information, such as games played, time spent, interactions, and activity logs.
• Analytics data, to improve services and troubleshoot issues.

5. Fees and Taxes

You are responsible for paying any applicable taxes or fees tied to your winnings, in accordance with your local laws.

6. Categories of Data We Store

We retain identity data, contact data, financial data, transaction data, technical and usage data, marketing preferences, AML/responsible gaming data, and any special category data you provide (such as responsible gaming information or ethnic origin visible in documents).

7. How We Use Your Information

• Provide gaming services, process deposits/withdrawals, manage your account, and handle complaints.
• Meet legal obligations including anti-money laundering (AML) and responsible gambling requirements.
• Perform fraud prevention, risk management, and security checks.
• Personalize your experience, improve our Website, and conduct analytics.
• Send marketing communications when you have consented.
• Build customer profiles for AML, responsible gambling, and bonus abuse prevention.

8. Lawful Basis for Processing

• Performance of contract (to provide gaming services)
• Legal obligation (AML, responsible gaming, verification)
• Legitimate interest (fraud prevention, analytics, customer support)
• Consent (marketing and personalized features)

9. Data Retention

Your data is kept only as long as necessary for legal, regulatory, and operational purposes. Due to EU gambling regulations, identification and transactional data must be retained for at least five years after account closure or last activity. Data may also be anonymized for analytics and service improvement.

10. Security of Your Data

We apply strict security measures to protect your data from unauthorized access, alteration, or loss. Access is limited to staff with a legitimate business need. Your account is protected by your login credentials, and you can enable two-factor authentication (2FA) for added security. You are responsible for keeping your login details confidential.