Privacy and Personal Data Protection Policy

Identification and contact data

During the account registration process, we collect information necessary to manage your user profile, such as full name, email address, active phone number, and exact date of birth. Age verification is a strict legal requirement – access to the platform is allowed only for individuals over 18 years of age. This data allows us to create a secure profile and ensure authorized access to the service's resources.

Technical data and system logs

We automatically register data such as IP address, device type, operating system, browser version, and unique hardware identifiers. This information is critical for monitoring platform stability, preventing cyberattacks, and optimizing content display according to the technical specifications of the end-user's device.

Activity and transaction data

We process information about how the service is used, login sessions, and the status of technical operations performed. For services requiring billing, we process payment status data, with detailed payment data usually isolated and handled by certified third-party entities to ensure the highest level of financial information protection.

Data processing processes at Frumzi Casino are based on the following legal foundations arising from GDPR:

• Performance of a contract: When data is necessary to provide services requested by the user within the terms and conditions.
• Legal obligation: When Polish regulations impose on the administrator the obligation to verify identity, age, or report specific events.
• Legitimate interest: To ensure network cybersecurity, detect fraud, and improve the platform's analytical tools.
• User consent: For voluntary additional services, such as subscribing to marketing notifications.

We use the collected data solely for:

• Proper management of your account and verification of access rights.
• Providing efficient technical support and resolving operational issues reported by the user.
• Analyzing service performance to introduce ergonomic improvements and code optimization.
• Protection against cyber threats and actions that undermine system stability.
• Meeting regulatory requirements regarding operational transparency in Poland.
• Managing communication regarding technical updates and significant changes in regulations.

We store personal data only for the period necessary to fulfill the purposes for which it was collected, or for the time required by Polish law (e.g., tax obligations or statute of limitations for claims). After this period, the data is permanently and securely deleted from our servers or subjected to an anonymization process that prevents re-attributing the information to a specific individual.

We never sell or rent our users' data to commercial entities. Information may only be transferred to trusted technical service providers (e.g., server operators, cybersecurity companies) who act on our behalf based on data processing agreements. In situations provided for by law, we may be obligated to disclose data to Polish law enforcement agencies or other authorized state institutions.

Most processing operations take place within the European Economic Area. In cases where our technical partners are located outside the EEA, we apply appropriate legal safeguards, such as Standard Contractual Clauses approved by the European Commission, to guarantee a level of data protection compliant with GDPR standards.

We use advanced solutions to protect data against loss, unauthorized access, or modification:

• Encryption of connections using SSL/TLS technology.
• Intrusion detection systems and advanced firewalls.
• Strict access control for technical personnel, based on the principle of least privilege.
• Regular security audits of IT infrastructure.

Every platform user has the right to:

• The right to access their data and receive a copy of it.
• The right to rectify incorrect information.
• The right to erasure of data ("right to be forgotten").
• The right to restrict data processing in certain cases.
• The right to data portability to another controller.
• The right to object to processing based on legitimate interest.

To exercise your rights or obtain additional clarification, please contact us at: [email protected]. We treat every request as a priority and respond to them within the timeframes provided by Polish law.

This policy is regularly reviewed and updated to adapt to changes in law and technology. All changes will be published in this section, allowing users constant insight into how their information is managed.