LoginRegister

Privacy Policy

Effective from: 10.04.2025.

Last updated: 10.04.2025

Version: 1.0

1.General Information

At www.luckystart.com (hereinafter also "Casino," "website," "we," "us," or "our"), we recognize the importance of protecting your personal information. This Privacy Policy (hereinafter also "Policy") outlines how we and our subsidiaries collect, use, disclose, and safeguard your personal data in compliance with applicable laws, including but not limited to the Personal Information Protection and Electronic Documents Act (PIPEDA) and the General Data Protection Regulation (GDPR).

This Privacy Policy applies to our website (www.luckystart.com), services, and any interaction you have with us.

This website is intended solely for individuals aged 18 and over. We do not knowingly collect personal data from anyone under this age. If we become aware that we have inadvertently collected personal data from a person under 18—particularly due to misuse of our website—we will take appropriate steps to handle such data in accordance with applicable laws.

2. About Us

The website www.luckystart.com is owned and operated by Novatrix SRL (hereinafter also "Company," "website," "we," "us," or "our") that is incorporated under the laws of COSTA RICA with company registration number 3-102-893958 and having its registered address at PROVINCE 03 OF CARTAGO, COUNTY 07 OF OREAMUNO, POTRERO CERRADO, NORTH SIDE OF MANUEL ÁVILA CAMACHO SCHOOL, COSTA RICA. Novatrix SRL is operating under REMOTE GAMBLING LICENSE No. 0000002 issued by Tobique Gaming Commission.

As the owner and operator of the website, we serve as the Data Controller. We hold this role because, within our business relationship with you, we determine how and why your data is processed, as outlined in this Policy.

To ensure that we comply with all legal requirements regarding the processing of your personal information, we have designated a Data Protection Officer (hereinafter also DPO). The DPO is available to address any questions you may have about this Privacy Policy and to assist with any concerns related to your personal data. If you have any questions, wish to exercise your legal rights, or need to file a complaint about the handling of your data, please reach out to our DPO at[email protected].

3. Types of Personal Data, Processing Purposes, Legal Basis, and Data Sources

We collect and process personal data to deliver our services, meet legal requirements, and maintain a safe and secure gaming environment. Personal data includes any information that can identify you directly or indirectly. Below, we outline the types of data we collect, why we process them, the legal basis for doing so, and the sources from which we obtain this data.

4. Categories of data we process:
  • Identity Data: full name, username, date of birth, gender, nationality, and identification numbers (e.g., ID or passport).
  • Contact Details: residential address, documents confirming proof of address, email address, phone number, and other available means of communication.
  • Financial Data: bank account details, payment card information, documents confirming your source of funds or source of wealth (bank statements or proof of income).
  • Transaction Data: details about your deposits, withdrawals, and other financial transactions.
  • Gaming Data: details about the games you play on our website, login/logout times, wagering activity, bonuses claimed, and history of responsible gaming measures.
  • Technical Data: IP address / location data, login information, browser type and version, time zone settings, operating system, platform, and other technology used to access our website.
  • Marketing and Communication Data: your marketing preferences and communications with us.
  • Or other data you provide us during communication.
5. Purposes of Processing and Legal Basis:
  • Service Delivery: managing accounts, processing transactions, verifying identity, responding to queries, and providing access to promotions. For this purpose, we rely on the legal basis of performance of a contract.
  • Compliance with Legal Obligations:adhering to Anti-Money Laundering (AML) laws, conducting Know Your Customer (KYC) checks, enforcing responsible gaming measures, and complying with regulatory reporting. This processing is carried out under the legal obligation.
  • Fraud Prevention and Risk Management: detecting and preventing fraud, bonus abuse, unauthorized activities, and maintaining high-risk customer records. We rely on legitimate interests (to protect our business and users) as the legal basis for this purpose.
  • Marketing and Personalization: sending promotional offers, personalized advertisements, and marketing communications based on preferences. The legal foundation for this processing is your consent and/or legitimate interest.
  • Analytics and Service Improvement: analyzing website traffic, resolving technical issues, optimizing user experience, and conducting research. We use legitimate interest as the legal basis for this specific purpose.
  • Security Assurance: monitoring and enhancing platform security. For this purpose, we operate on the basis of legitimate interest and legal obligation.
6. Sources from Which We Collect Data:

We collect personal data from various sources to ensure compliance, security, and a seamless user experience. These sources include:

  • Directly from you – Information you provide when registering, using our services, or communicating with us.
  • Verification providers – Services that confirm your identity, age, or address.
  • Financial institutions – Banks and payment service providers involved in processing transactions.
  • AML and PEP databases – Databases used for anti-money laundering (AML) checks and identifying politically exposed persons (PEPs).
  • Regulatory authorities and responsible gaming databases – Official sources that help us meet legal and responsible gaming obligations.
  • Business partners – Affiliate networks, advertising platforms, and analytics providers that may share pseudonymous data for marketing and service optimization.
7. Disclosure of Personal Information

To provide our services, we may need to share your personal data with trusted third parties, including:

  • Group Members: We may share your data within our group for fraud prevention, bonus abuse, AML, and Responsible Gaming purposes. If you consent, we may also share your data for direct marketing about other products within the group.
  • Game Providers: Some of our game providers may need access to specific data (e.g., username, IP address) to offer games on our site. You can review their privacy policy on their website.
  • Payment Providers: We may share your data with payment providers to process transactions. You can review their privacy notices on their sites.
  • Marketing Partners: If you consent to marketing, we may share your contact details with partners who handle promotional emails, SMS, and calls.
  • Regulatory Authorities: We may share data with law enforcement or regulatory bodies if required by law. We will challenge unreasonable or vague requests when appropriate.
  • Third-Party Communication Software: We use third-party services to assist with email and live chat communication.
  • AML and KYC Verification Tools: To comply with legal obligations, we may share data with third-party tools for age, identity, and fraud checks.
  • Business Transfers: In the event of a merger, acquisition, or sale, your personal data may be transferred, and we will inform you before such a change occurs.
  • Data Processors: We may also share data with our lawyers, consultants, and regulatory bodies under strict data processing agreements to ensure your data’s protection.

We ensure all third parties process your personal data lawfully and securely, only for specific purposes, and in accordance with our privacy policy. We do not allow third parties to use your data for their own purposes. We also minimize the data shared to what is necessary for their role.

8. International Data Transfers

If your personal data is transferred outside of the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Transfers to countries deemed to have adequate data protection standard.
9. Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected.

When determining retention periods, we consider factors like the purpose of data collection, applicable laws, the nature of the data, and the potential risks of unauthorized use or disclosure.

Due to anti-money laundering regulations, we are required to keep your personal data for a minimum of five years from your account closure. Requests for data erasure before this period cannot be processed.

We may also retain anonymized data for improving our services and marketing communications, without involving automated decision-making.

10. Consent and Your Rights

By using our services, you consent to the collection, use, and disclosure of your personal information as described in this Policy. Under GDPR and PIPEDA, you have the right to:

  • Withdraw consent at any time, subject to legal or contractual restrictions.
  • Access, correct, or request deletion of your personal information.
  • Restrict or object to data processing.
  • Request data portability.
  • Opt-out of marketing communications.
  • Lodge a complaint with a data protection authority if you believe your rights have been violated.
11. Automated Decision Making

We generally do not rely on fully automated decision-making in our business processes. However, if we do use such processes in specific cases, we will inform you separately, where required by law.

12. Data Security

When managing your Player Account, we adhere to strict legal requirements for personal data protection.

We maintain reasonable technical, physical and administrative security safeguards to protect your personal data against loss and any form of unlawful processing (such as theft and unauthorized access). Any Personal Information you provide to us is exchanged on a secure server. Access to your personal data is limited to employees, agents, contractors, and third parties who require it for business purposes.

Your Player Account can only be accessed using your unique ID and password. You can also enable two-factor authentication (2FA) for added protection. It’s important that you keep your login details confidential and ensure they are not accessible to anyone else.

13. Changes to This Privacy Policy

We may update, modify, or revise our Privacy Policy as technology advances and legal requirements change. We encourage you to review it periodically to stay informed of how we are protecting your information.

14. Contact Information

If you have any questions about this Privacy Policy or your personal information, please contact our DPO at [email protected]. You can also contact our support teams via [email protected] and livechat.

home
All games
authorization
payments
We use cookies to improve your experience. By using our website you are accepting our Cookie Policy.