Spinch Privacy Policy
This Privacy Policy explains how personal information is collected, processed, protected, disclosed, and deleted across this online service. The document applies to the website and related services offered in Ireland. Use of personal data is based on the user’s consent where consent is the appropriate legal basis. It also sets out fair practice standards, how long information is kept, and how to contact us about privacy.
Privacy and Data Protection
- Who we are and legal basis
- The website operator acts as data controller for this service.
- Processing follows the EU General Data Protection Regulation, the Irish Data Protection Act 2018, and the ePrivacy Regulations.
- Personal data we collect
- Identity and contact details: name, date of birth, address, Eircode, email, phone.
- Account and verification data: age and identity checks, KYC documents, proofs of address, any verification results permitted by law.
- Financial and transaction data: deposits, withdrawals, payment method details, IBAN or card identifiers, betting and gaming history.
- Technical and usage data: IP address, device identifiers, browser and operating system, app or site logs, session details, cookies, online activity on our websites.
- Safer gambling and compliance data: self-exclusion status, time-outs, affordability indicators, AML risk assessments and due diligence records.
- Communication and preferences: support chats, emails, recordings where permitted, marketing choices.
- Why we collect it
- To provide services, operate accounts, and deliver support.
- To verify identity and age, and comply with AML and counter-terrorist financing laws.
- To process payments and handle withdrawals.
- To secure the platform, prevent fraud, and ensure responsible play.
- To improve websites and services through analytics and testing.
- To personalise content and marketing where consent is given.
- How we protect it
- Encryption in transit, strong access controls, and role-based permissions.
- Data minimisation, pseudonymisation where suitable, and regular security testing.
- Staff training, confidentiality commitments, and background checks where appropriate.
- Vendor due diligence and contracts that include data processing and confidentiality obligations.
- Retention
- Kept only as long as needed for the purposes outlined in this document.
- Typical periods: the life of the account and up to 7 years after closure for legal, tax, and AML requirements under Irish and EU law.
- Your rights
- Access, rectification, erasure, restriction, portability, and objection to certain processing.
- Withdraw consent at any time where processing relies on consent.
- Lodge a complaint with the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, or at dataprotection.ie.
- Exercise rights through the Privacy Centre in your account or by contacting our Data Protection Officer using the contact options on the website.
Use of Collected Information
- Account and services
- Create and manage accounts, verify age and identity, provide customer support, and operate online games and sportsbook services.
- Transactions
- Process deposits and withdrawals, prevent fraud, manage chargebacks, and meet anti-money laundering obligations.
- Service improvement and analytics
- Monitor performance, fix errors, run analytics, and test features to improve user experience on the websites.
- Personalisation and marketing
- Show content and offers based on preferences, only where consent has been provided. Users can change preferences at any time.
- Legal and regulatory compliance
- Meet obligations under Irish and EU law, respond to lawful requests, enforce terms, and handle disputes.
- Lawfulness and transparency
- Processing is based on one or more lawful grounds: consent, performance of a contract, compliance with legal duties, or legitimate interests that do not override user rights.
Access to Information
- How to access or update
- Users can view and edit most profile and contact information in account settings.
- For other requests, submit a privacy request through the Help Centre or the Privacy Centre.
- Correction and deletion
- We will correct inaccurate data upon request and delete personal data where required by law.
- Deletion may be limited by legal or regulatory retention duties such as AML and tax rules.
- Process and timelines
- We may request proof of identity and additional information to safeguard accounts.
- Standard response time is one month, extended where requests are complex or numerous.
- Security checks and payments
- By using Spinch, users consent to necessary security checks and the processing of payment information by authorised payment providers and verification partners.
Protection of Children’s Privacy
- This service is for persons aged 18 or over only.
- The operator cannot confirm age without appropriate documents. Proof may be requested at registration, before withdrawals, or at any time.
- If a parent or guardian believes a minor has provided personal data, contact us. Once verified, the account will be closed and personal information deleted where legally permitted.
International Data Transfers
- Personal data may be processed in countries where Spinch and its partners operate, including outside the European Economic Area.
- Appropriate safeguards are used for cross-border transfers, such as adequacy decisions, Standard Contractual Clauses, and technical and organisational measures.
- Using the site constitutes consent to such transfers where consent is the applicable legal basis. All partners are bound by confidentiality and data protection obligations.
Legal Disclaimer
- Any disclaimer contained in this document may clarify or limit the scope or effect of particular rules where permitted by law.
- The disclaimer takes effect once the user accepts this policy by electronic acceptance, signature, or other valid means of accession.
- Nothing in this policy limits statutory rights under Irish or EU law, nor excludes liability that cannot be excluded by law.
Use of Cookies
- Cookies are small files placed on a device to remember settings and recognise a browser.
- How we use cookies
- Essential: run the site and keep users signed in.
- Analytics and statistics: understand site usage and improve services.
- Personalisation: remember preferences and tailor content.
- Marketing: measure reach and frequency where consent is given.
- Retention: cookies are kept for up to 1 year, after which they expire or are removed.
- Control: manage choices in the Cookie Settings panel or adjust browser settings. Essential cookies may be required for core functionality.
Acceptance of Privacy Policy
- Using Spinch means full acceptance of this Privacy Policy and any future updates.
- The current version of the policy prevails over all previous versions. The last updated date will be shown at the top of the document.
Third-Party Privacy Practices
- Personal data may be shared with third parties where required by law, to manage disputes, or to perform agreements.
- Typical recipients include payment processors, KYC and verification providers, fraud prevention services, hosting and IT vendors, analytics platforms, customer support tools, marketing service providers, regulators, and law enforcement.
- A current list or the categories of processors is available on the website. If a named list is not provided, users will be informed of the purpose and scope before sharing where required by law.
- Providing personal information constitutes consent where consent is the legal basis. In other cases, sharing is based on contract, legal obligation, or legitimate interests.
Links to Other Websites
- The site may contain links to external websites that have their own privacy policies.
- The operator is not responsible for how those websites collect, use, or process personal information.
- Users should review the privacy notices on any external site and exercise caution before providing personal data.
Updated: