spinngo Privacy Policy

1. Who We Are — Data Controller

spinngo operates spinngo.win, an online gaming platform serving players primarily in Malaysia. For the purposes of this Privacy Policy, spinngo acts as the data controller in respect of personal data collected through spinngo.win. All references to "spinngo", "we", "us", or "our" in this document refer to the operating entity of spinngo.win.

Questions regarding this Privacy Policy or your personal data should be directed to spinngo's support team. Contact details are provided in Section 13 of this document.

2. Personal Data We Collect

spinngo collects personal data in the following categories:

spinngo does not intentionally collect Sensitive Personal Data (e.g., racial or ethnic origin, political opinions, health data, biometric data) beyond what is strictly required by applicable law or regulatory authority instructions during identity verification.

3. How We Use Your Personal Data

spinngo uses personal data collected from registered players for the following purposes:

• Account creation and management: To register your Account, verify your identity, and maintain accurate account records;
• Service delivery: To process deposits and withdrawals, credit bonuses, record bets, and make all platform Services available to you;
• Regulatory compliance and fraud prevention: To satisfy anti-money laundering (AML) obligations, verify age eligibility (21+), comply with Know Your Customer (KYC) requirements, and detect or prevent prohibited or fraudulent conduct;
• Responsible gaming: To monitor gaming activity for indicators of problem gambling, enforce deposit limits and self-exclusion requests, and contact players where concern thresholds are triggered;
• Customer support: To respond to enquiries, resolve disputes, and provide technical assistance;
• Marketing communications: To send promotional offers, bonus notifications, and platform updates — but only where you have provided valid consent, and subject to your right to opt out at any time;
• Platform improvement: To analyse aggregate usage patterns, test new features, and improve the security and performance of spinngo.win;
• Legal and regulatory obligations: To retain records required by applicable gaming authority, financial regulation, or Malaysian law, and to respond to lawful requests from governmental bodies.

4. Legal Basis for Processing

spinngo processes your personal data on the following legal grounds:

• Contractual necessity: Processing required to fulfil our obligations under the Account agreement — including operating your Wallet, processing transactions, and delivering gaming Services;
• Legal obligation: Processing required to comply with AML regulations, KYC requirements, gaming licence conditions, and data retention laws applicable to spinngo's operation;
• Legitimate interests: Processing necessary for fraud detection, platform security, customer support quality assurance, and responsible gaming monitoring — where these interests are not overridden by your privacy rights;
• Consent: Processing for direct marketing communications, optional analytics, and non-essential cookie categories — where your specific consent has been obtained and remains in effect.

5. Data Sharing & Disclosure

5.1 spinngo does not sell, rent, or trade your personal data to any third party for their own marketing purposes.

5.2 spinngo may share your personal data with the following categories of recipients, strictly on a need-to-know basis:

• Payment processors and eWallet providers (e.g., Touch n Go, Boost, FPX gateway operators, card-acquiring banks) — to process your deposits and withdrawals;
• Game content providers — to facilitate your access to licensed slot, live casino, and other game products hosted through spinngo; your data shared is limited to session tokens and bet confirmations;
• Identity verification and KYC service providers — to verify your identity against Malaysian IC records or international document databases;
• Regulatory and law enforcement authorities — where disclosure is required by law, court order, or a valid request from a competent gaming regulatory authority;
• Fraud prevention and security partners — to detect and prevent fraudulent transactions and account compromises;
• IT infrastructure and cloud service providers — that host or support the technical operation of spinngo.win, operating under contractual data processing obligations.

5.3 All third-party data processors engaged by spinngo are required to maintain appropriate technical and organisational security measures and process personal data only in accordance with spinngo's written instructions.

6. Cookies & Tracking Technologies

6.1 spinngo.win uses cookies and similar tracking technologies to operate the platform, maintain session state, and gather anonymised usage analytics. The following cookie categories are used:

• Strictly necessary cookies: Required for login session management, Wallet balance synchronisation, and platform security. These cannot be disabled without impairing core functionality;
• Functional cookies: Remember your language preference, display settings, and responsible gaming configurations;
• Analytics cookies: Collect anonymised data on page performance, feature usage, and error rates to help spinngo improve the platform. Activated only with your consent;
• Marketing cookies: Track session origin and promotional campaign attribution. Used only with your specific consent.

6.2 You may manage non-essential cookie preferences through your browser settings. Blocking strictly necessary cookies will prevent you from logging in to spinngo. spinngo does not use third-party advertising networks or cross-site tracking technologies for purposes unrelated to platform operation.

7. Data Retention

7.1 spinngo retains personal data for as long as necessary to fulfil the purposes described in this Privacy Policy, subject to the following retention guidelines:

• Active Account data: Retained for the duration of the Account relationship plus a minimum of 5 years following Account closure, in compliance with AML and gaming regulatory requirements;
• Transaction and gaming history: Retained for a minimum of 5 years following each transaction, as required by applicable financial and gaming regulations;
• KYC and identity documents: Retained for a minimum of 5 years following Account closure or the date the document was submitted, whichever is later;
• Support communications: Retained for up to 3 years following resolution of the relevant query or dispute;
• Marketing consent records: Retained for the period of consent plus 2 years following withdrawal of consent, as an audit record;
• Technical logs: Retained for up to 12 months unless an active security investigation requires longer retention.

7.2 Where data is no longer required for the purposes for which it was collected and no legal retention obligation applies, spinngo will securely delete or anonymise it.

8. Your Data Rights

Subject to applicable law, you may exercise the following rights in respect of your personal data held by spinngo:

• Right of access: Request a copy of the personal data spinngo holds about you;
• Right to rectification: Request correction of inaccurate or incomplete personal data;
• Right to erasure: Request deletion of your personal data where it is no longer required for the purposes for which it was collected, subject to our legal retention obligations;
• Right to restriction: Request that we restrict processing of your personal data in certain circumstances while a dispute or correction request is resolved;
• Right to data portability: Request a machine-readable copy of personal data you have provided to us, where processing is based on consent or contract;
• Right to withdraw consent: Where processing is based on consent, withdraw that consent at any time by updating your Account preferences or contacting support. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal;
• Right to object: Object to processing carried out on the basis of legitimate interests, including direct marketing, where your personal circumstances give grounds for objection.

To exercise any of these rights, contact spinngo's support team via Live Chat or the email address listed in Section 13. Requests will be acknowledged within 5 business days and resolved within 30 calendar days, or such other timeframe as required by applicable law.

9. Data Security

9.1 spinngo implements appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. These measures include:

• 256-bit SSL/TLS encryption on all data transmission between your device and spinngo's servers;
• Industry-standard bcrypt password hashing — plaintext passwords are never stored;
• Two-factor authentication (2FA) available as an additional login security layer for all Player Accounts;
• Automated intrusion detection systems monitoring for unusual access patterns;
• Restricted internal access to personal data on a role-based, need-to-know basis;
• Regular security assessments and penetration testing of the spinngo platform infrastructure.

9.2 While spinngo takes data security seriously, no internet-based system can guarantee absolute security. You are responsible for maintaining the confidentiality of your Account credentials and for notifying spinngo immediately if you suspect your Account has been compromised.

9.3 In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, spinngo will notify affected individuals in accordance with applicable notification obligations.

10. Children's Privacy

spinngo's Services are strictly for individuals aged 21 and above. spinngo does not knowingly collect personal data from persons under the age of 21. If we become aware that a person under 21 has provided personal data in connection with a registered Account, that Account will be immediately suspended, all associated data reviewed, and the account permanently closed. Any funds held will be handled in accordance with applicable regulatory guidance.

If you believe that a person under the age of 21 has registered an Account on spinngo.win, please contact our support team immediately via Live Chat.

11. International Data Transfers

11.1 spinngo primarily processes and stores personal data within server infrastructure serving the Asia-Pacific region. In circumstances where personal data is transferred to service providers or sub-processors located outside Malaysia — for example, international KYC verification providers or cloud infrastructure partners — spinngo ensures such transfers are subject to appropriate safeguards, which may include:

• Standard contractual clauses ensuring the recipient provides a level of data protection equivalent to that applicable in Malaysia;
• Adequacy decisions by relevant authorities in respect of the destination jurisdiction;
• Binding corporate rules or equivalent frameworks where applicable.

11.2 You may request further information about the international transfer safeguards applicable to your specific data by contacting spinngo's support team.

12. Changes to This Privacy Policy

12.1 spinngo may update this Privacy Policy from time to time to reflect changes in our data practices, platform features, or applicable legal requirements. The current version of this Privacy Policy will always be accessible at spinngo.win/privacy-policy, together with the effective date.

12.2 Where changes to this Privacy Policy are material — for example, a change to the categories of data we collect, the purposes for which we use it, or the third parties with whom we share it — spinngo will notify registered Players via the email address or mobile number associated with their Account prior to the changes taking effect.

12.3 Your continued use of spinngo.win following a notified change to this Privacy Policy constitutes your acknowledgement of the updated terms. If you do not accept the revised Privacy Policy, you must cease using the platform and may request Account closure in accordance with the Terms & Conditions.

13. How to Contact Us

For any questions, requests, or concerns relating to this Privacy Policy or the handling of your personal data, please contact the spinngo team through the following channels:

• Email: [email protected] (plain text — not a clickable link)
• Live Chat: Available 24/7 at spinngo.win — the fastest route for urgent data queries
• WhatsApp: Available to verified Players after login at spinngo.win

spinngo aims to acknowledge all privacy-related written requests within 2 business days. Substantive responses to data rights requests will be provided within 30 calendar days of receipt of a valid, verified request.

If you are not satisfied with spinngo's response to a privacy concern, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.