Privacy Policy

This Privacy Policy explains how 1Win N.V. (registered in Curaçao, company no. 147039), operating under Curaçao eGaming License 8048/JAZ2018-040, collects, uses, stores, and protects your personal data when you access and use our platform at mobilemoney.com.pk. We are committed to transparency and compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Brazilian General Data Protection Law (LGPD). This policy applies to all players, affiliates, and visitors. Please read it carefully before using our services.

Data Controller and Contact Information

The data controller responsible for your personal information is 1Win N.V., Curaçao. Our payment processing partner is MFI Investments Limited (Cyprus, company no. HE386738). If you have questions about how your data is processed, or wish to exercise your data subject rights, you may contact our support team at our 24/7 customer service desk available in English, Urdu, and Hindi. For data protection inquiries, you may also request contact details for our Data Protection Officer through our support channels.

What Personal Data We Collect

We collect different categories of personal data depending on how you interact with 1Win online. This includes:

Identity data: your full name, date of birth, gender, and nationality
Contact data: email address, phone number, and postal address
Financial data: bank account details, payment card information, wallet addresses (for cryptocurrency), and transaction history
KYC/AML data: government-issued identification documents, proof of address, source of funds declarations, and beneficial ownership information
Technical data: IP address, device type, operating system, browser type, and unique device identifiers
Usage data: your gaming activity, bets placed, wins and losses, login times, and feature preferences
Marketing data: your communication preferences, subscription status, and consent records
Communications data: messages you send to our support team, feedback, and complaint records

How We Collect Your Data

Your personal data is collected through multiple channels:

Directly from you: when you register an account, complete your profile, make deposits or withdrawals, or contact our support team
Automatically: through cookies, pixels, and similar tracking technologies when you browse our platform
From third parties: including payment processors, KYC/AML verification providers, credit reference agencies, fraud prevention services, affiliate networks, and our group companies
From your device: when you use our native Android or iOS applications, we collect device identifiers and usage analytics

Why We Process Your Data

We process your personal data for the following purposes and on the following legal bases:

Purpose: Legal Basis
Account creation, verification, and management: Performance of contract with you
Processing deposits, withdrawals, and payments in PKR and other currencies: Performance of contract; payment processing obligations
Anti-money laundering (AML) and Know Your Customer (KYC) compliance: Legal obligation under Curaçao gaming regulations and international AML standards
Fraud detection and prevention: Legitimate interest in protecting our platform and other players
Responsible gaming monitoring and self-exclusion enforcement: Legal obligation; legitimate interest in player protection
Marketing communications and promotional offers: Your consent; legitimate interest in informing you of relevant services
Platform analytics and service improvement: Legitimate interest in optimizing user experience
Regulatory reporting and licensing compliance: Legal obligation to our gaming regulator
Dispute resolution and complaint handling: Performance of contract; legal obligation

Your personal data may be shared with the following categories of recipients:

Payment processors and financial institutions: to process your deposits and withdrawals
KYC/AML service providers: to verify your identity and conduct compliance checks
Fraud prevention and credit reference agencies: to assess risk and prevent financial crime
Our group companies: for administrative, technical, and compliance purposes
Regulatory authorities and law enforcement: when required by law or licensing conditions
Marketing and affiliate partners: to manage promotional campaigns and referral programs
IT service providers and cloud hosting companies: to maintain and secure our platform
Customer support and communications platforms: to respond to your inquiries
Legal advisors and auditors: to support compliance and governance functions

International Data Transfers

Your personal data may be transferred to, stored in, and processed in countries outside Pakistan, including the European Union, Cyprus, Curaçao, and other jurisdictions where our service providers operate. When we transfer data outside the EEA, we rely on Standard Contractual Clauses (SCCs), adequacy decisions, or your explicit consent to ensure your data receives adequate protection. You acknowledge that data protection laws in these countries may differ from those in Pakistan, but we implement appropriate safeguards to protect your information.

How Long We Keep Your Data

We retain your personal data for the following periods:

Data Category: Retention Period
Account and identity data: For the duration of your account plus 5 years after closure (AML/KYC requirement)
Financial and transaction records: Minimum 5 years after account closure for regulatory compliance
KYC/AML documents: 5–7 years after account closure or as required by law
Marketing and consent records: Until you withdraw consent or request deletion
Technical and usage logs: Typically 12 months, unless required for dispute resolution
Communications and support tickets: 3 years or as required for legal claims

After the retention period expires, we securely delete or anonymize your data unless we are required by law to retain it longer.

Your Data Protection Rights

Depending on your location and applicable law, you may have the following rights regarding your personal data:

Right of access: you may request a copy of the personal data we hold about you
Right of rectification: you may request that we correct inaccurate or incomplete data
Right of erasure: you may request deletion of your data, subject to legal and contractual obligations
Right to restrict processing: you may ask us to limit how we use your data
Right to data portability: you may request your data in a structured, machine-readable format
Right to object: you may object to processing for marketing, profiling, or legitimate interest purposes
Right to withdraw consent: you may withdraw consent for marketing communications at any time
Right not to be subject to solely automated decision-making: you have the right to human review of automated decisions affecting you

To exercise any of these rights, please contact our support team with a clear description of your request and proof of identity. We will respond within 30 days or as required by applicable law.

Cookies and Tracking Technologies

Our platform uses cookies, web beacons, pixels, and similar tracking technologies to enhance your experience, remember your preferences, analyze usage patterns, and deliver targeted marketing. These technologies may collect information about your browsing activity across our site and third-party sites. For detailed information about the types of cookies we use, their purposes, and how to manage your cookie preferences, please refer to our separate Cookie Policy.

Data Security

We implement comprehensive organizational and technical security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include 256-bit SSL/TLS encryption for all data transmissions, two-factor authentication for account access, secure data storage with access controls, regular security audits, and staff training on data protection. However, no security system is completely impenetrable. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your login credentials and account information.

Age Restrictions and Minors

Our services are intended only for individuals aged 18 years or older (or the age of majority in your jurisdiction, whichever is higher). We do not knowingly collect personal data from minors. If we become aware that a minor has provided data to us, we will delete such information promptly. Parents or guardians who believe a minor has registered with us should contact our support team immediately.

Complaints and Supervisory Authority

If you believe we have violated your data protection rights or this Privacy Policy, you may file a complaint with the relevant supervisory authority in your jurisdiction. EU residents may lodge complaints with their national Data Protection Authority. You also have the right to pursue legal remedies through the courts. We encourage you to contact us first to resolve any concerns.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our platform and updating the 'Last Updated' date below. Your continued use of our services following such changes constitutes your acceptance of the revised policy. We recommend reviewing this policy periodically to stay informed about how we protect your data.

Last Updated: January 2025. For more information about our platform and services, please visit 1win online.