Privacy and Personal Data Protection Policy

Identification and Contact Data

During the registration process, we collect basic information such as name, surname, email address, phone number, and date of birth. Age verification is a strict legal requirement in Poland – access to the platform is permitted only for individuals who are 18 years of age or older. This data allows us to create a unique user profile, ensure secure access to services, and enable quick technical communication if needed.

Technical Data and System Logs

During every interaction with the Vavada Casino platform, our servers automatically record technical data such as IP address, device type, browser version, operating system, and session duration. This information is essential for monitoring platform stability, detecting potential intrusion attempts, and optimizing content display according to the user's device technical specifications.

Activity and Usage Data

We process information about which features you use most often, how long you spend in particular sections of the service, and what actions you take. If you use services requiring financial settlements, we also process data on transaction status, with detailed payment data usually being isolated and handled by certified payment operators to ensure the maximum level of financial protection.

Data processing on our platform is carried out in accordance with Article 6 of GDPR and is based on the following foundations:

• Contract performance: When data is necessary for the provision of services that the user has opted for.
• Legal obligation: When Polish regulations require us to verify identity, age, or report specific events.
• Legitimate interest: To ensure network security, prevent fraud, and improve our technical tools.
• User consent: For voluntary additional services, such as subscribing to informational communications.

We use the collected data solely for:

• Proper management of your account and verification of access rights.
• Providing efficient technical support and resolving user-reported issues.
• Analyzing service performance to implement ergonomic improvements.
• Protection against cyber threats and actions violating the platform's terms and conditions.
• Fulfilling regulatory requirements regarding transparency and reporting in Poland.
• Direct marketing management (only with the user's explicit consent).

We store personal data only for the period necessary to achieve the purposes for which it was collected, or for the time required by Polish law (e.g., tax regulations, statute of limitations for claims). After the retention period expires, the data is permanently and securely deleted from our servers or subjected to an anonymization process that prevents re-assignment of information to a specific individual.

We never sell or rent our users' data to commercial entities. Information may only be transferred to trusted technical service providers (e.g., server operators, IT companies managing security systems) who act on our behalf based on data processing agreements. In situations provided for by law, we may be obliged to disclose data to Polish law enforcement agencies or other authorized state institutions.

Most processing operations take place within the European Economic Area. In exceptional cases, when we use the services of global technology providers, data may be transferred outside the EEA. In such situations, we always apply standard contractual clauses approved by the European Commission and additional technical safeguards to guarantee a level of data protection equivalent to GDPR standards.

We implement advanced technical measures to protect data against accidental destruction, loss, unauthorized modification, or access by third parties. These include:

• Encrypting connections using SSL/TLS certificates.
• Intrusion Detection and Prevention Systems (IDS/IPS).
• Regular infrastructure security audits and penetration tests.
• Strict access control for Vavada Casino personnel, based on the principle of least privilege.

In accordance with GDPR, every user has a number of rights that can be exercised by contacting us:

• Right to access data content: You can receive information about what data we process.
• Right to rectification: You have the right to correct inaccurate or outdated information.
• Right to erasure (“right to be forgotten”): In certain cases, you can request data deletion.
• Right to restriction of processing: You can request the suspension of operations on your data.
• Right to data portability: You can receive your data in a structured format.
• Right to object: You have the right to object to data processing based on a legitimate interest.

To exercise your rights or clarify doubts regarding data processing at Vavada Casino, please contact us by email at: [email protected]. Each submission is analyzed individually, and we respond without undue delay, no later than within one month.

Our approach to data protection evolves with the development of the platform. Any changes to this policy will be published on this page. We recommend regularly reviewing the document to have current knowledge about the protection of your rights.