Introduction

Ace365 operates the services available to players and visitors through the Ace365 platform. This Privacy Policy explains how Ace365 collects, uses, stores, and discloses personal data in connection with the Ace365 Services and related activities. It applies to all individuals whose data Ace365 processes in relation to the Services, including customers, account holders, and site visitors. By using the Services, you acknowledge and consent to the practices described in this Policy. If you do not agree with these practices, please discontinue use of the Services.

Data We Collect

  • Personal identifiers and contact details: name, date of birth, postal address, email address, telephone number, and username.
  • Account and authentication data: credentials, activity history within the Services, and security-related data required to protect your account.
  • Identity verification and payment data: copies or images of identification documents, payment instrument details, bank account data, verification outcomes, and transaction records.
  • Usage and device data: IP address, device identifiers, browser type and version, operating system, pages visited, timestamps, referral sources, and other log information generated by your use of the Services.
  • Marketing and communications preferences: consent statuses for newsletters and marketing communications, and records of responses.
  • Loyalty, bonuses and promotions data: points, status levels, cashback balances, and bonus eligibility.
  • Biometric authentication data: if you enable device-based biometric login, Ace365 does not access raw biometric data; only the authentication result provided by your device is transmitted to Ace365 for login verification.

Purposes and Legal Bases for Processing

We process personal data for the purposes described below and rely on the corresponding legal bases:

  • To operate and administer the Services: necessary for the performance of the contract between you and Ace365.
  • Payments processing and financial compliance: necessary for the performance of the contract; legitimate interest in secure and efficient payment handling.
  • Account management, customer support and service administration: necessary for the performance of the contract or legitimate interests.
  • Fraud prevention, security and risk management: legitimate interest in protecting Ace365, its customers, and the integrity of the Services.
  • Legal and regulatory compliance: compliance with applicable laws and regulatory obligations (e.g., anti-money laundering and gaming regulations).
  • Operations, analytics and service improvement: legitimate interests in understanding usage patterns and enhancing the Services.
  • Marketing communications: consent where required by law and legitimate interest in informing you about updates, promotions, and events that may interest you.

Cookies and Tracking Technologies

Ace365 uses cookies and similar technologies to distinguish visitors, optimize the Services, and understand usage trends. We classify cookies as essential, functional, analytics and marketing. Cookies support authentication, security, performance, analytics, and personalized experiences. You may manage cookies through browser or device settings. Disabling cookies may limit certain features of the Services.

Data Sharing and International Transfers

We may disclose personal data to:

  • Service providers that perform services on our behalf (for example, payment processing, hosting, security, customer support, and marketing).
  • Affiliates and related entities as necessary to provide the Services.
  • Regulatory or law enforcement authorities when required by law or to protect our rights.

Where data is transferred outside your jurisdiction, Ace365 implements safeguards such as appropriate contractual clauses or other legally recognized transfer mechanisms to protect personal data in accordance with applicable data protection laws. International transfers are conducted only with appropriate safeguards and in compliance with legal requirements.

Data Retention and Deletion

Ace365 retains personal data for as long as necessary to provide the Services and to meet legal and regulatory obligations. Account data is retained for a minimum of six (6) years following termination of the contractual relationship or account closure, unless a longer retention period is required by law. Support transcripts and related communications are retained for up to twelve (12) months, unless a longer period is required by law. De-identified or aggregated data may be retained indefinitely for analytic purposes.

Data Security

Ace365 implements reasonable technical and organizational measures to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration or destruction. These measures include access controls, encryption in transit and at rest where feasible, routine security testing, monitoring, and staff training. While no system guarantees absolute security, Ace365 maintains robust safeguards and promptly addresses identified vulnerabilities.

Sharing of Personal Data with Third Parties

We may share personal data with:

  • Subcontractors, affiliates and other entities essential to delivering the Services, bound by written data protection agreements and subject to applicable law.
  • Financial institutions, payment processors, and other service providers required to process transactions and support regulatory obligations.
  • Auditors, accredited bodies or authorities as required by law or regulation.
  • Analytics and optimization partners to help improve the Services; data shared with these providers is restricted to what is necessary for their services.

Your Rights

Under applicable law, you have rights including:

  • Right of access to obtain a copy of your personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure, subject to applicable exceptions.
  • Right to restrict processing in certain circumstances.
  • Right to data portability in a structured, machine-readable format.
  • Right to object to processing, including for direct marketing.
  • Right to withdraw consent where processing is based on consent.
  • Right to obtain human review of automated decisions that significantly affect you, if applicable.

To exercise any right, contact Ace365 Privacy Team at [email protected]. Identity verification may be required, and we will respond within the timeframes set by applicable law.

Marketing Communications

You may opt out of marketing communications at any time by using the unsubscribe option in the message or by contacting [email protected]. We will implement your opt-out promptly. Transactions and essential service communications are not affected by opt-out choices.

Automated Decisions and Profiling

Ace365 does not rely solely on automated decision-making with legal effects or with similar significance to you. Where automated processing occurs for security or fraud detection, you may request human review of a decision.

Third-Party Services and Social Networks

The Services may integrate with third-party services and social networks. Data collected by these providers is governed by their own privacy policies. Ace365 requires such providers to process data in accordance with applicable privacy laws and only to the extent necessary to deliver the Services.

Children and Age Restrictions

The Services are not directed at individuals under 18 years of age. By using the Services, you confirm you are at least 18 or the minimum age applicable in your jurisdiction. If you become aware of data relating to a minor, contact Ace365 promptly so we can take appropriate action in compliance with law.

Responsible Gaming and Self-Exclusion

Ace365 is committed to responsible gaming. You may set session timeouts, spending limits, and self-exclusion periods through your account settings or by contacting Support. If you or someone you know may be at risk, seek assistance from local professional resources. We will honor legally valid self-exclusion requests and provide information on available support channels within your jurisdiction.

Policy Changes

We may update this Privacy Policy from time to time. When material changes occur, we will provide notice through the Services or another appropriate method. Your continued use of the Services after changes constitutes acceptance of the revised Policy.

Contact Us

For questions about this Privacy Policy or to exercise your rights, contact Ace365 Privacy Team at [email protected]. You may also reach us through other official channels published in the Services.