Lucky Star Privacy Policy

The platform may collect the following categories of information when a user creates an account or uses online services:

• Identification data: full name, date of birth, gender, place of residence, copies of identification documents (for example, PAN card, Aadhaar, passport, driving licence, utility bill).
• Contact details: email address, mobile number, postal address, contact preferences.
• Account data: username, encrypted password, security questions, language settings, responsible gaming preferences.
• Transaction information: deposits, withdrawals, betting history, game activity, bonus usage.
• Payment information: limited card or bank details as required for processing through approved payment service providers.
• Technical data: IP address, device identifiers, browser type, operating system, access times, and online activity logs on the website.

Personal data is collected and processed for specific, legitimate purposes, which include:

• Creating, managing, and maintaining user accounts.
• Verifying identity and age to comply with legal and responsible gaming requirements.
• Processing deposits, withdrawals, and other financial transactions.
• Preventing fraud, money laundering, unauthorised access, and misuse of services.
• Providing customer support and responding to user queries.
• Fulfilling legal, regulatory, and taxation obligations applicable in India or other relevant jurisdictions.
• Improving website functionality, user experience, and service quality through analytics.

To protect personal data, the operator maintains appropriate technical and organisational safeguards, such as:

• Encryption of data in transit using industry-standard secure socket layer (SSL) or equivalent protocols.
• Secure storage of information on controlled servers and infrastructure with restricted access.
• Role-based access controls so that only authorised personnel can handle specific categories of personal information.
• Regular monitoring, logging, and security reviews of systems and online services.
• Internal policies on data confidentiality, staff training, and incident response.

While all reasonable precautions are taken to protect information, no system can guarantee absolute security. Users are responsible for keeping their login credentials confidential and for notifying customer support promptly of any suspected compromise of their account.

The processing of personal information complies with applicable Indian data protection principles, including those under the Information Technology Act, 2000, allied rules on reasonable security practices, and any other binding local norms. To the extent relevant, the platform also aligns its practices with international standards such as the General Data Protection Regulation (GDPR) for users whose data may be processed in the European Economic Area.

Subject to verification and applicable law, users have the right to:

• Request access to personal data held about them.
• Request correction of inaccurate, incomplete, or outdated information.
• Request deletion or anonymisation of personal data where it is no longer required for lawful purposes.
• Object to or restrict certain processing activities, including direct marketing, where permitted.
• Withdraw consent for specific processing, where the legal basis is consent, without affecting past lawful processing.

The operator may use personal data for:

• Account creation, management, and authentication of users.
• Processing deposits, bets, wins, withdrawals, and other account-related transactions.
• Providing, operating, and maintaining gaming and betting services.
• Offering customer assistance, handling complaints, and resolving disputes.
• Monitoring compliance with terms and conditions, responsible gaming limits, and legal requirements.

To improve the quality and reliability of online services, the operator may:

• Analyse aggregated and pseudonymised data about gameplay, betting patterns, and website navigation.
• Assess performance of systems, detect errors, and enhance user interface.
• Develop new features and improve existing games, markets, and tools.

Analytics are performed in line with applicable law and, where practical, data is de-identified or aggregated to limit any direct link to a particular user.

Subject to applicable consent requirements, the operator may use contact information for:

• Sending service-related notifications such as account updates, security alerts, and policy changes.
• Providing information on gaming or sports events, promotions, or bonuses that may be of interest to the user.

Users may opt out of non-essential marketing communication at any time through account settings or by using the unsubscribe instructions in any message, while still receiving necessary transactional or legal notices.

Personal information may be processed to:

• Comply with anti-money laundering, counter-terrorist financing, and know-your-customer obligations.
• Cooperate with competent authorities, regulators, courts, and law enforcement where legally required.
• Prevent fraud, unauthorised use of accounts, and security breaches.

• The website and related services are not directed to persons under 18 years of age.
• Registration, deposits, or participation in any real-money gaming or betting activity is strictly limited to individuals aged 18 years or above, or higher where local law requires.

During account verification, the operator may request proof of age, such as government-issued identification. Until satisfactory proof is provided, access to some or all services may be restricted.

The operator cannot independently verify the age of all visitors to the websites without appropriate documentation. To minimise the risk of minors accessing the services:

• Users are asked to provide accurate and truthful registration information.
• Parents and guardians are encouraged to monitor use of devices and internet access.

If it is discovered that a minor has created an account or provided personal data, steps will be taken to address this.

If a parent or legal guardian believes that a child under 18 has registered or used the services:

• The guardian should contact customer support or the privacy contact as soon as possible and provide adequate proof of guardianship and identity.
• After verification, the operator will promptly:
  • Suspend or close the account associated with the minor.
  • Cancel any pending bets or transactions as required by law and policy.
  • Arrange for deletion or anonymisation of personal data of the minor, except where retention is legally required for fraud or misuse investigations.

Data may be transferred to:

• Group entities or affiliates supporting gaming, betting, customer support, risk management, or technical operations.
• External service providers offering hosting, cloud storage, security, analytics, marketing, payment processing, and other outsourced services.
• Partners assisting in regulatory, compliance, or dispute resolution processes.

These entities may be located in jurisdictions where data protection laws differ from those applicable in India.

By using the website, creating an account, or providing personal data, users acknowledge and consent, where required, to:

• The transfer of their information to countries outside India.
• The processing of such data by entities acting on behalf of the operator, subject to contractual and legal safeguards.

Where required, appropriate mechanisms such as contractual clauses, intra-group agreements, or equivalent safeguards are used to help protect transferred data.

All agents, partners, and affiliates handling personal information are required to:

• Maintain confidentiality and use the data only for specified purposes.
• Apply appropriate technical and organisational measures for data protection.
• Comply with contractual obligations and relevant data protection standards.

Regular due diligence and oversight are conducted to help ensure that third parties maintain adequate security and privacy practices.

• The Privacy Policy is a binding document that governs the collection, processing, and use of personal data when using the services.
• The legal disclaimer clarifies that some rights and obligations may be limited or adapted as permitted by applicable law to create a defined legal framework for the services.
• In case of conflict between this Privacy Policy and mandatory legal provisions in a relevant jurisdiction, such legal provisions prevail to the extent of the inconsistency.

The legal disclaimer applies from the moment a user indicates acceptance of the Privacy Policy, which may occur through:

• Online registration or account creation, where the user ticks a box or otherwise confirms agreement.
• Continued use of the website or services after publication of this document or any updated version, where permitted by law.
• Any form of signing, ratification, or joining of the agreement, including electronic acceptance.

By accepting the Privacy Policy in any of these ways, the user acknowledges that:

• They have read and understood the terms on handling of personal information.
• They agree that their data may be processed in accordance with this document and applicable law.
• Certain limitations of liability and specific rules on data handling, as described here, form part of the legal relationship between the user and the operator.

Cookies are small text files stored on a user’s device by the browser when visiting websites. These files help recognise the device, store certain preferences, and understand how online services are used.

The Lucky Star platform may use cookies and similar tools for the following purposes:

• Essential operation:
• Enabling login, session management, and basic security features.
• Remembering selections in forms and user interface settings.

Statistics and analytics:

• Measuring website traffic, page visits, and interaction patterns.
• Analysing aggregated information to improve layout, navigation, and content.

Behavioural analysis and personalisation:

• Remembering language preferences and local settings.
• Showing content or features tailored to user interests, subject to consent where required.

Performance and security:

• Monitoring technical performance and detecting unusual activity.
• Supporting load balancing and protection against misuse.

• Cookies used for the purposes described above are generally stored for up to 1 year, unless a shorter or longer duration is permitted or required for specific technical reasons.
• Users can manage cookie preferences through browser settings, including blocking or deleting cookies. Doing so may affect access to certain parts of the website or reduce the quality of user experience.

Where required by law, non-essential cookies will only be placed after the user has provided consent through the cookie banner or similar mechanism.

• External websites and services accessed through outgoing links are not operated or controlled by the operator.
• Each such site or service has its own privacy policy, terms of use, and data handling rules.
• The operator is not responsible or liable for collection, processing, storage, or use of personal information by these independent third parties.

Before submitting any personal data or carrying out transactions on third-party websites, users are advised to:

• Review the privacy policy, cookie policy, and terms applicable on that site.
• Assess security indicators, such as secure connections and trusted payment methods.

Use of external websites is entirely at the user’s discretion and risk. This Privacy Policy applies only to personal information collected through the official Lucky Star website and related online services managed by the operator.