Privacy

Privacy Policy

This Privacy Policy outlines how Twocent Technology Limited ("{host}," "we," "our," or "us") collects, uses, stores, discloses, and protects your personal information when you access our website https://{host}{" "} and any related services ("Services"). {host} is operated by Twocent Technology Limited, a company registered in Belize under company registration number 000041939, with its registered address at Sea Urchin Street, San Pedro, Ambergris Caye, Belize. {host} is licensed and regulated by the Government of the Autonomous Island of Anjouan, Union of Comoros, operating under License No. ALSI-202410011-FI1.

We are committed to protecting your privacy and ensuring that your personal information is processed in accordance with applicable privacy laws, including General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant regulations.

1. Legal Basis for Processing

{host} processes personal data under the following lawful bases:

Performance of a Contract - To provide our services as agreed when you create an account and use {host}.
Legitimate Interest - To enhance user experience, provide security, prevent fraud, and improve our services.
User Consent - Where required by law, we obtain your consent before processing certain data.
Compliance with Legal Obligations - To fulfil our regulatory, tax, or anti-money laundering (AML) obligations.

2. Information We Collect

We collect and process the following types of personal data:

Account Information: {host} ID, email address, username, age, account status.
Contact Information: Full name, email, phone number, physical address.
Device Information: IP address, device ID, operating system, browser type.
Financial Information: Payment methods, transaction history, deposit and withdrawal records.
Location Data: Approximate or precise geolocation data.
Government-Issued ID Data: Collected where required for Know-Your-Customer (KYC) verification.
Usage Data: Interaction with our platform, game play history, browsing activities.
Fraud Prevention Data: Device trust scores, suspicious activity monitoring, and transaction analysis.
Marketing Preferences: Communication preferences for promotional offers and campaigns.

We do not collect or process sensitive personal data (e.g., race, religion, sexual orientation) unless legally required and with your explicit consent.

3. How We Use Your Personal Data

We use the information collected for the following purposes:

Providing and maintaining our services
Verifying identity and ensuring security
Processing payments and transactions
Enhancing user experience and improving services
Preventing fraud and illegal activities
Complying with regulatory requirements (e.g., AML, tax reporting)
Conducting marketing and promotional activities
Personalizing advertising and user recommendations
Responding to customer support inquiries
Enforcing our Terms of Service and other applicable policies
Processing applications for VIP programs, promotions, or rewards

4. International Data Transfers

As {host} operates globally, your personal data may be transferred outside your country of residence, including to countries that may not have the same level of data protection laws. We implement appropriate safeguards, including Standard Contractual Clauses (SCCs) and Data Processing Agreements (DPAs), to ensure compliance with applicable privacy regulations.

5. Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal requirements, resolve disputes, and enforce our agreements. Retention periods include:

User account data - Retained as long as the account remains active.
Transaction records - Retained for up to seven (7) years for regulatory and tax compliance.
Marketing preferences - Retained until you opt out.
Fraud prevention data - Retained for up to five (5) years for security monitoring.

After these periods, data will be deleted or anonymized, except where further retention is legally required.

6. Your Rights

Depending on your jurisdiction, you have the following rights regarding your personal data:

Right to Access - Request a copy of your personal data.
Right to Rectification - Correct inaccurate or incomplete data.
Right to Erasure ('Right to Be Forgotten') - Request deletion of your data when legally applicable.
Right to Restrict Processing - Request limited use of your data under certain conditions.
Right to Object to Processing - Opt out of marketing and certain data processing activities.
Right to Data Portability - Receive your data in a structured format for transfer to another service provider.
Right to Lodge a Complaint - Contact a data protection authority if you believe your rights have been violated.

7. Security Measures

{host} employs a comprehensive set of security measures to safeguard personal data, including:

SSL encryption to protect data in transit.
Multi-factor authentication (MFA) to enhance account security.
Access control policies ensuring only authorized personnel can access sensitive data.
Regular third-party security audits to identify vulnerabilities and maintain compliance.
Breach Notification Policy - In case of a security breach, {host} will notify affected users and relevant regulatory authorities in accordance with applicable laws.
Compliance with Security Standards - {host} adheres to industry-recognized frameworks, including ISO 27001 and SOC 2, to ensure the highest level of data protection.
Employee Training & Internal Security Policies - Staff handling user data undergo security awareness training and must comply with strict internal security protocols.

8. Children’s Privacy

{host} does not permit users under the age of 18 to register or access services. If we discover that a minor has provided personal data, we will delete such data promptly.

9. Sharing Your Data

{host} may share your personal data under the following circumstances:

With affiliated companies within the {host} corporate group.
With service providers (e.g., payment processors, cloud hosting, KYC verification providers).
With regulatory authorities, if legally required.
With fraud prevention and cybersecurity firms to detect suspicious activity.
If required due to mergers, acquisitions, or business restructuring.

We do not sell or rent personal data to third parties for marketing purposes.

10. Direct Marketing & Opt-Out

We may use your personal data for direct marketing. You can opt out of receiving marketing communications at any time by:

Clicking the ‘unsubscribe’ link in marketing emails.
Updating preferences in your account settings.

11. Supervisor Authority & Complaints

f you are located in the European Economic Area (EEA) or other jurisdictions with data protection authorities, you have the right to lodge a complaint with the appropriate supervisory authority.

12. Updates to this Privacy Policy

{host} reserves the right to update this Privacy Policy periodically. The latest version will always be available at https://{host}/privacy. Significant updates will be notified via email or in-platform notifications.

By continuing to use our services, you agree to the terms of the latest Privacy Policy.