Privacy Policy

1. Introduction

Sweet Bonanza ("we," "us," or "our") is the data controller responsible for your personal information. This Privacy Policy explains what data we collect, how we use it, and your rights under applicable law. By using our platform, you acknowledge that you have read and understood this policy. We are licensed and regulated by the Malta Gaming Authority (MGA).

2. Information We Collect

We may collect the following categories of data:

  • Personal data: full name, date of birth, email address, residential address, and government-issued ID documents.
  • Financial data: payment card details, bank account information, and transaction history.
  • Technical data: IP address, browser type, device identifiers, operating system, and session logs.
  • Cookie data: browsing behavior and preferences gathered through cookies and similar technologies.

3. How We Use Your Information

Your data is used for the following purposes: creating and managing your account; processing deposits and withdrawals; complying with legal and regulatory obligations; detecting and preventing fraud, money laundering, and other prohibited activities; and sending you service-related communications. Marketing messages are only sent where you have given consent, and you may opt out at any time via your account settings or by contacting us.

4. Legal Basis for Processing

As we operate under MGA licensing and serve international players including those in the United States, we process your data on the following legal grounds: performance of a contract (account management and payments); compliance with legal obligations (KYC and AML requirements); legitimate interests (fraud prevention and platform security); and your explicit consent where applicable (marketing communications).

5. Data Sharing

We do not sell your personal data to third parties. We may share information with payment processors and banking partners to facilitate transactions; identity verification (KYC) service providers; regulatory authorities and law enforcement when legally required; and technology service providers who support our platform operations. All third parties are contractually bound to handle your data securely.

6. Data Retention

We retain personal data for as long as your account is active and for a minimum of five years following account closure, in accordance with anti-money laundering regulations. Financial records may be kept longer where required by law. When data is no longer needed, it is securely deleted or anonymized.

7. Your Rights

Depending on your location, you may have the right to: access a copy of the personal data we hold about you; request correction of inaccurate information; request deletion of your data where no legal obligation requires us to retain it; data portability in a machine-readable format; and object to processing based on legitimate interests. To exercise any of these rights, contact us at [email protected].

8. Cookies

We use cookies and similar tracking technologies to enhance your experience and analyze platform usage. For detailed information about the types of cookies we use and how to manage them, please refer to our separate Cookie Policy available on the website.

9. Security

We protect your data using industry-standard encryption (SSL/TLS) for all data transmissions. Our servers are hosted in secure, access-controlled environments. Staff with access to personal data receive regular training on data protection practices. While we take every reasonable precaution, no system is entirely immune to risk, and we encourage you to use a strong, unique password for your account.

10. Contact & Updates

For any privacy-related questions or requests, please contact us at [email protected]. We may update this policy periodically to reflect changes in law or our practices. When significant changes are made, we will notify you via email or a notice on the platform. The date of the most recent update appears at the bottom of this page.