PLAY

Privacy Policy

1. Introduction

Novoloto OÜ (referred to hereafter as the “Company”) routinely collects and manages personal information to securely operate Fenix Casino. For visitors looking to discover more About us, our primary mission is to serve as a trustworthy operator that rigorously defends player privacy while complying with all European data protection mandates. This overview outlines how your information is handled, the fundamental rights you hold, and the proper channels for communication.

1.1 Scope of Application

These guidelines apply exclusively to the automated and physical processing of personal information belonging to Fenix Casino patrons. We operate strictly under the General Data Protection Regulation (GDPR) alongside local Estonian legislative requirements.

2. General Provisions and Corporate Framework

2.1. The Company is legally registered as Novoloto OÜ (Registry Code: 10159983), located at J. Vilmsi 59, 10115 Tallinn, and operates as a subsidiary of the Novomatic AG group.

2.2. Depending on the specific business function, the Company may act as a data controller, an instructed processor, or a lawful recipient of information.

2.3. The mandates detailed within this Privacy Policy are absolutely binding for all internal staff and external partners handling corporate information.

2.4. We retain the right to systematically update these processing rules. Users will be notified of significant changes; disagreement with these updates will require the termination of Fenix Casino services.

3. Core Principles of Processing

3.1. The fundamental freedoms and legal interests of our players dictate every processing decision we make.

3.2. We ensure full accountability, maintaining constant readiness to demonstrate our adherence to legal standards.

3.3. Every action taken by the Company relies on the following pillars:

  • Lawfulness & Fairness: Data is processed only with a valid legal basis and transparent operations.

  • Purpose Limitation & Minimization: We extract only the specific details required for a stated operational goal.

  • Accuracy: We proactively rectify flawed or outdated records.

  • Storage Limitation: Identifiable metrics are securely erased once their operational lifespan concludes.

  • Integrity: We implement high-level encryption to defend against unauthorized access.

  • Default Protection: Whether accessing the platform via a desktop browser or a mobile App, privacy safeguards are natively built into our software infrastructure.

3.4. For a deeper understanding of our compliance framework, patrons may contact our dedicated oversight officer.

3.5. Information is never repurposed outside of defined statutory or business procedures.

4. Composition of Collected Information

4.1. An exhaustive inventory of processed elements is maintained in our corporate registry.

4.2. We build player profiles using:

  • Details voluntarily provided by the user.

  • Organic footprints generated during normal Fenix Casino interactions.

  • Digital metrics captured during website navigation.

  • Legally obtained insights from third-party verification networks.

  • Internal historical records, such as customer support logs.

5. Data Categories, Legal Bases, and Operational Purposes

5.1. Granular specifics regarding our data handling methods are available in our official processing registry.

5.2. We operate exclusively on lawful foundations: explicit consent, contractual requirements, vital interests, or legitimate corporate interests.

5.3. Consent is always gathered through clear, affirmative actions and can be withdrawn freely.

5.4. We process data to fulfill our agreements, which includes the enforcement of our general Terms and Conditions.

5.5. Categorized Player Data:

  • Registration & Identity: Names, birth dates, ID scans, and residency proofs.

  • AML Metrics: Source of wealth, occupation, and background screening results.

  • Gameplay & Financials: Bet histories, banking details, IP addresses, and transaction timestamps.

  • Marketing & Tech: Device identifiers, cookie metrics, and communication logs.

5.6. Operational Goals: We utilize this data to manage accounts, process financial clearing, offer customer support, and notify users when a special Bonus is credited to their profile.

5.7. Mapping the Legal Grounds:

  • Statutory Duty: Identity verification, AML checks, and gaming logs.

  • Contracts: Financial routing and core website functionality.

  • Consent: Marketing campaigns and non-essential cookies.

  • Legitimate Interest: Anti-fraud monitoring and statistical market analysis.

5.8. Automated Decisions:

  • We use algorithms to calculate financial risk, automatically block restricted users, and verify banking matches.

  • To ensure fair play, automated systems constantly scan for illegal betting scripts or syndicate activity.

  • Users impacted by critical automated compliance blocks maintain the right to demand human review and formally contest the outcome.

5.9. Statutory processing directly fulfills national mandates, including tax reporting.

5.10. Repurposing data requires a stringent compatibility test assessing potential risks and necessary encryption.

6. Third-Party Disclosures

6.1. Fenix Casino shares selected metrics with trusted partners to maintain optimal platform performance.

6.2. Authorized recipients include Novomatic affiliates, IT vendors, payment gateways, and our primary identity verification partner, Veriff OÜ. We also execute mandatory disclosures to law enforcement, tax boards, and the Financial Intelligence Unit.

6.3. We strictly prohibit transferring information outside the European Union unless the destination offers adequate legal protection, explicit consent is obtained, or standard binding corporate rules are applied.

7. Security and Encryption Protocols

7.1. Files are retained only for the exact duration necessitated by law or operational requirements.

7.2. We deploy a robust matrix of technical and organizational firewalls.

7.3. In the event of a breach, rapid mitigation protocols are triggered, and regulatory bodies are immediately notified.

7.4. All web traffic is secured via SSL protocols, and our overarching operational environment holds an ISO/IEC 27001:2022 information security certification.

8. Protection of Minors

8.1. Fenix Casino services are strictly prohibited for underage individuals.

8.2. We absolutely do not harvest information from anyone under the age of 18.

8.3. Should underage data enter our system, it is purged immediately. As a core element of our Responsible Gaming policy, we mandate stringent age verification before granting platform access.

9. Privileges of the Data Subject

9.1. Consent Revocation: You may withdraw marketing or cookie consent at any moment.

9.2. Statutory Rights:

  • Access & Portability: Request a copy of your records or have them transferred to a third party in a machine-readable format.

  • Rectification: Compel us to fix inaccurate details.

  • Erasure: Demand the deletion of information processed strictly on consent.

  • Restriction & Objection: Freeze processing during disputes or object to algorithmic profiling.

  • Compensation: Seek legal damages for unlawful data handling.

10. Executing Rights and Filing Complaints

10.1. To trigger any of your data rights, submit a request to our oversight officer. 10.2. Formal complaints regarding privacy violations can be escalated directly to the Estonian Data Protection Inspectorate (AKI).

  • We guarantee a response to standard inquiries within one month.

  • To prevent fraud, requests must feature a digital signature or require physical ID verification.

11. Internal Governance Documents

11.1. Our data architecture is governed by two main frameworks:

  • A comprehensive processing register detailing every operational purpose.

  • An internal rulebook mandating the cryptographic and organizational safeguards used by our staff.

12. Official Contact Channels

12.1. For all inquiries concerning your information, please contact our Data Protection Officer directly at: compliance@fenix-casino.org.

13. Data Retention Schedules

13.1. Your files are active only until their initial objective is met or statutory limits expire.

13.2. Due to strict Anti-Money Laundering and gaming legislation, we are legally required to store core profile data for 5 years, while financial transaction logs are kept for 7 years. The 5-year regulatory countdown begins ticking precisely from the moment of your final successful Login.

14. Final Provisions

14.1. Fenix Casino retains the unilateral right to amend these guidelines. Significant updates will be communicated directly to users via our digital channels.