Privacy Policy

1. Introduction and Scope

Jaiho Win («we,» «our,» or «the Platform») is committed to protecting the privacy, integrity, and confidentiality of your personal information. This Privacy Policy governs the collection, processing, storage, sharing, and deletion of data relating to all individuals who access or use the Jaiho Win platform, including its website, mobile applications, and related digital services.

This policy is drafted in compliance with applicable Indian data protection laws, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 («SPDI Rules»), and is aligned with the principles of the Digital Personal Data Protection Act, 2023 («DPDPA») as it comes into effect.

By registering, accessing, or continuing to use Jaiho Win, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any provision herein, you must immediately discontinue use of the Platform.

This policy applies to all users accessing the Platform from India and other permitted jurisdictions. It does not apply to third-party websites or services linked from our Platform, which are governed by their own privacy policies.

2. Data Controller and Grievance Officer

Jaiho Win acts as the Data Controller (or «Data Fiduciary» under the DPDPA) for all personal data collected through the Platform. We determine the purposes and means of processing your personal data and are responsible for its lawful handling.

In accordance with Rule 5(9) of the SPDI Rules and applicable provisions of the DPDPA, we have appointed a Grievance Officer to address data-related complaints and inquiries. Contact details for the Grievance Officer are provided in Section 15 of this Policy. All grievances will be acknowledged within 48 hours and resolved within 30 days of receipt, in accordance with applicable law.

3. Categories of Personal Data We Collect

Jaiho Win collects personal data that is necessary, adequate, and relevant to the purpose for which it is processed. We do not collect personal data beyond what is required for lawful platform operations.

3.1 Registration and Identity Data

When you create an account, we collect:

• Full legal name
• Email address
• Mobile phone number
• Date of birth (for age verification purposes)
• Gender (optional, where provided voluntarily)
• Username and account credentials

3.2 Sensitive Personal Data or Information (SPDI)

In accordance with the SPDI Rules, 2011, certain data we may collect constitutes Sensitive Personal Data or Information, including:

• Financial information such as bank account details, payment instrument data, or transaction history (collected solely for the purpose of processing deposits, withdrawals, or other permitted financial transactions)
• Government-issued identification documents collected during KYC verification (e.g., Aadhaar, PAN card, Voter ID, Passport)
• Biometric data, only if required for advanced identity verification and only with your explicit prior consent

SPDI is collected only with your free, informed, and specific consent, and is used exclusively for the purposes disclosed at the time of collection. You have the right to withdraw consent for SPDI collection at any time, subject to the Platform’s ability to continue providing certain services.

3.3 Account Activity and Gameplay Data

To provide and improve platform functionality, we may process:

• Login history and session timestamps
• Game participation records, outcomes, and interaction logs
• In-platform communications and support interactions
• Transaction records including deposits, withdrawals, and bonus redemptions
• Preferences, settings, and feature usage patterns

3.4 Technical and Device Data

When you access the Platform, the following data is collected automatically through cookies, log files, and device signals:

• IP address and approximate geolocation
• Device type, model, and unique device identifiers
• Browser type, version, and language settings
• Operating system and platform version
• Pages visited, links clicked, and time spent on each section
• Referring URLs and exit pages
• Network connection type and carrier information

3.5 Voluntarily Submitted Data

You may additionally provide us with personal data when you:

• Contact our support team via email, chat, or phone
• Submit feedback, complaints, or dispute requests
• Participate in surveys, contests, or promotional activities
• Correspond with us via any written or electronic communication

4. Legal Basis and Purposes of Data Processing

Jaiho Win processes your personal data only where a valid lawful basis exists. The primary legal bases under applicable Indian law include: your explicit consent, performance of a contract to which you are a party, compliance with a legal obligation, and legitimate interests pursued by the Platform that do not override your fundamental rights.

4.1 Account Management and Platform Access

We process your data to:

• Register, authenticate, and manage your user account
• Enable access to games, features, and personalised content
• Process and record in-platform transactions
• Maintain the integrity and continuity of your sessions

4.2 Security, Fraud Prevention, and Platform Integrity

We process data to:

• Detect, investigate, and prevent fraudulent, abusive, or unauthorized activity
• Identify and block access from restricted or prohibited jurisdictions
• Enforce our Terms and Conditions and Responsible Gaming policies
• Protect the rights, property, and safety of Jaiho Win, its users, and the public

4.3 Service Communication

Your contact details may be used to:

• Send transactional messages including account confirmations, deposit receipts, and security alerts
• Respond to support queries, complaints, and dispute resolutions
• Notify you of updates to platform policies, features, or terms
• Send promotional or marketing communications, only where you have provided explicit consent and subject to your right to opt out at any time

4.4 Legal Compliance and Regulatory Obligations

We are required to process certain data to:

• Comply with the Information Technology Act, 2000 and related rules
• Fulfill obligations under anti-money laundering (AML) and counter-financing of terrorism (CFT) frameworks
• Respond to lawful orders, warrants, or requests from competent judicial or governmental authorities
• Maintain records as required under applicable tax, financial, or gaming regulations

4.5 Analytics and Platform Improvement

Aggregated and pseudonymised data is used to:

• Analyse user behaviour, traffic patterns, and feature performance
• Develop, test, and enhance platform functionality and user experience
• Generate internal performance and business intelligence reports

5. Cookies and Tracking Technologies

Jaiho Win uses cookies and similar tracking technologies to ensure the effective operation of the Platform, deliver a personalised user experience, and gather analytical insights.

5.1 What Are Cookies

Cookies are small text files placed on your device by a web server when you visit a website. They allow the Platform to recognise your browser, retain session information, and remember your preferences across visits. Similar technologies include web beacons, pixel tags, local storage objects, and SDKs in mobile applications.

5.2 Types of Cookies We Use

• Strictly Necessary Cookies — essential for the Platform to function; include session management, security tokens, and navigation. These cannot be disabled without impairing core functionality.
• Performance and Analytics Cookies — collect anonymised data on how users navigate and interact with the Platform; used to identify and resolve technical issues and measure feature effectiveness.
• Functional Cookies — store your preferences such as language, display settings, and game choices to provide a more personalised experience.
• Targeting and Marketing Cookies — used only with your explicit prior consent to deliver relevant promotional content and measure campaign performance. You may withdraw consent at any time.

5.3 Managing Your Cookie Preferences

You may control, restrict, or delete cookies through your browser settings at any time. Please note that disabling strictly necessary cookies may prevent you from accessing certain features of the Platform. For guidance on managing cookies by browser type, refer to your browser’s official help documentation.

6. Third-Party Analytics and Integrated Services

Jaiho Win may use trusted third-party tools and services to support platform operations, analytics, and security monitoring. All third-party service providers are vetted for data protection compliance and are contractually bound to process your data only as instructed by us and in accordance with applicable law.

6.1 Analytics Providers

We may use analytics tools such as Google Analytics or comparable services to collect aggregated, non-personally identifiable data, including pages visited, session duration, traffic sources, and user interaction patterns. This data is used exclusively to optimise platform performance and user experience. Analytics providers process data in accordance with their own privacy policies, and we encourage you to review them independently.

6.2 Payment and Financial Service Providers

Where financial transactions are processed through the Platform, we work with licensed and regulated payment processors and banking partners. Only the data strictly necessary to complete the transaction is shared with such providers. We do not store complete payment card numbers or sensitive banking credentials on our servers.

6.3 Security and Fraud Detection Services

We integrate with third-party security providers for the purposes of threat monitoring, fraud detection, device fingerprinting, and IP risk assessment. These providers receive only pseudonymised or technical data necessary for their function.

7. Disclosure and Sharing of Personal Data

Jaiho Win does not sell, rent, or trade your personal data to any third party for commercial or marketing purposes. Data may be shared only in the limited circumstances described below, each of which is governed by strict contractual, legal, or operational safeguards.

7.1 Authorised Service Providers

We may share your data with third-party processors who provide services on our behalf, including cloud hosting and infrastructure, KYC and identity verification, customer support technology, fraud detection and cybersecurity, and payment processing. All such providers are bound by data processing agreements that restrict their use of your data to the specific service rendered.

7.2 Legal and Regulatory Disclosures

We may disclose personal data without prior notice where required to:

• Comply with a binding legal obligation, court order, or governmental directive
• Cooperate with law enforcement, regulatory, or investigative authorities in accordance with applicable Indian law
• Investigate, prevent, or take action against actual or suspected fraudulent activity, violations of our Terms, or threats to the safety of individuals

7.3 Corporate Restructuring

In the event of a merger, acquisition, demerger, asset sale, or change of control, user data may be transferred to the acquiring entity as part of the business assets. In such circumstances, we will provide advance notice where practicable, and the transferee entity will be required to honour the commitments made in this Privacy Policy.

7.4 With Your Consent

We may share your personal data with other third parties where you have provided your specific, informed, and freely given consent to such sharing. You may withdraw such consent at any time by contacting us as described in Section 15.

8. Data Retention Policy

We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, to maintain accurate business records, to comply with our legal and regulatory obligations, and to resolve disputes or enforce our agreements.

8.1 Retention Periods

• Active account data — retained for the duration of your account’s existence and for a reasonable period thereafter in the event of account reactivation requests
• Transaction and financial records — retained for a minimum period as required under applicable Indian tax and financial regulations (typically a minimum of 5–7 years)
• KYC documentation — retained for the period mandated by applicable AML regulations and identity verification frameworks
• Log and technical data — retained for a limited operational period, typically not exceeding 12 months, unless required for ongoing investigations
• Support and communication records — retained for the period necessary to resolve the matter and maintain a record of outcomes

8.2 Deletion and Anonymisation

When your personal data is no longer required and no legal obligation mandates its retention, we will securely delete or irreversibly anonymise it in accordance with recognised data destruction standards. Anonymised data, which cannot be used to identify you, may be retained indefinitely for statistical and analytical purposes.

9. Data Security Measures

Jaiho Win implements comprehensive technical and organisational measures designed to protect your personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. Our security practices are aligned with the standards prescribed under the SPDI Rules, 2011.

9.1 Technical Safeguards

• Encryption of data in transit using industry-standard TLS/SSL protocols
• Encryption of sensitive data at rest, including SPDI and financial information
• Role-based access controls limiting data access to authorised personnel on a need-to-know basis
• Multi-factor authentication for administrative and privileged system access
• Continuous monitoring, intrusion detection, and vulnerability assessment systems
• Regular security audits and penetration testing by qualified professionals

9.2 Organisational Safeguards

• Data protection training and awareness programs for all staff who handle personal data
• Confidentiality obligations imposed on all employees and contractors
• Internal data handling policies and incident response procedures

9.3 Limitation of Liability

While we take reasonable and industry-appropriate steps to protect your data, no method of electronic transmission or storage is entirely secure. Jaiho Win cannot guarantee absolute security of data transmitted over the internet. Users acknowledge and accept this inherent risk associated with digital communications.

9.4 Your Security Responsibilities

You are responsible for:

• Maintaining the strict confidentiality of your account password and login credentials
• Using a unique, strong password and updating it regularly
• Logging out of your account after each session, particularly on shared or public devices
• Notifying Jaiho Win immediately upon becoming aware of any unauthorized access to or use of your account

10. Your Rights as a Data Principal

Under applicable Indian data protection law, including the DPDPA, 2023 (as it comes into force), and the SPDI Rules, 2011, you have the following rights with respect to your personal data. These rights may be exercised by submitting a written request to our Grievance Officer as detailed in Section 15.

10.1 Right of Access

You have the right to obtain confirmation as to whether we hold personal data about you, and to request a copy of that data, along with information about the purposes for which it is processed and the categories of recipients with whom it has been shared.

10.2 Right to Correction

You have the right to request the rectification of any inaccurate, incomplete, or outdated personal data we hold about you. We will process such requests promptly and update our records accordingly.

10.3 Right to Erasure

You may request the deletion of your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn your consent and there is no other lawful basis for processing, or where the data has been unlawfully processed. Please note that certain data may be retained where legally required or necessary for the establishment, exercise, or defence of legal claims.

10.4 Right to Withdraw Consent

Where we process your data on the basis of consent, you have the right to withdraw that consent at any time without penalty. Withdrawal of consent will not affect the lawfulness of any processing carried out prior to withdrawal. However, it may limit your access to certain features of the Platform that depend on such processing.

10.5 Right to Grievance Redressal

You have the right to raise a grievance with our designated Grievance Officer in relation to any aspect of our personal data handling practices. We commit to acknowledging your grievance within 48 hours and providing a substantive resolution within 30 days, as required under applicable Indian law. If your grievance is not satisfactorily resolved, you retain the right to escalate the matter to the relevant data protection authority.

10.6 Right to Nominate

In accordance with provisions of the DPDPA, 2023, you may nominate another individual to exercise your data rights on your behalf in the event of your incapacity or death. Details on how to submit a nomination are available upon request from our support team.

11. KYC and Identity Verification

To ensure the integrity of the Platform and compliance with applicable legal and regulatory requirements, Jaiho Win may require all users to complete a Know Your Customer (KYC) verification process prior to accessing certain features, including financial transactions.

11.1 Documents and Information Collected for KYC

The KYC process may require submission of:

• A valid government-issued photo identity document (e.g., Aadhaar card, PAN card, Passport, Voter ID, Driving Licence)
• Proof of address (e.g., utility bill, bank statement, Aadhaar card)
• A recent photograph where required for identity matching
• Additional documentation as may be required by regulatory guidance from time to time

11.2 Purpose and Legal Basis for KYC

KYC data is collected and processed to:

• Verify that you meet the minimum age requirement (18 years or above)
• Confirm your identity and residential eligibility to use the Platform
• Prevent the creation of duplicate, fraudulent, or synthetic accounts
• Comply with anti-money laundering (AML) and counter-terrorism financing (CTF) regulations
• Maintain records as required under applicable financial and gaming laws

11.3 Storage and Protection of KYC Data

KYC documents and associated data are treated as Sensitive Personal Data and are subject to enhanced security controls. Access is strictly limited to authorised personnel and verified third-party identity verification partners. KYC data is stored on secured, encrypted systems and is retained only for the period mandated by applicable law or regulation.

12. Age Restriction and Protection of Minors

Jaiho Win is a platform intended exclusively for adults aged 18 years and above. We do not knowingly collect, process, or store personal data from individuals under the age of 18.

All users are required to declare their date of birth at the time of registration. If we have reason to believe or discover that a user is under 18 years of age, we will immediately suspend or terminate the relevant account, delete all associated personal data without undue delay, and reverse any transactions conducted by that user to the extent permissible by applicable law.

Parents and legal guardians who believe that a minor has accessed the Platform or submitted personal data are encouraged to contact us immediately using the details provided in Section 15.

13. International Data Transfers

Jaiho Win may store and process your data on servers located within India or in other countries where our service providers and infrastructure partners operate. When data is transferred outside the territory of India, we ensure that adequate safeguards are in place to protect your personal data in a manner consistent with applicable Indian data protection law.

Such safeguards may include contractual data protection clauses with service providers, standard contractual terms approved by competent authorities, or transfers to jurisdictions recognised as providing an adequate level of data protection. By using the Platform, you acknowledge and consent to the transfer of your data as described in this section.

14. Amendments to This Privacy Policy

Jaiho Win reserves the right to update, amend, or replace this Privacy Policy at any time to reflect changes in applicable law, regulatory guidance, platform features, or our data handling practices.

All material changes will be published on this page with an updated effective date. Where a change is significant, we will take reasonable steps to notify you directly, such as via email or a prominent notice on the Platform, prior to the change taking effect. Your continued use of the Platform following the publication of an updated Privacy Policy constitutes your acceptance of the revised terms. We encourage you to review this page regularly to stay informed of how we protect your data.

15. Contact Details and Grievance Officer

For any questions, concerns, access requests, correction requests, or complaints regarding this Privacy Policy or the processing of your personal data, please contact us using the details below. All requests will be handled in accordance with applicable Indian data protection law.

Email: [email protected]
Phone: +91 80 4112 7396
Grievance Officer: Available upon written request via email
Office Address: 30 M.G. Road, Bengaluru, Karnataka 560001, India
Response Time: Acknowledgement within 48 hours; resolution within 30 days

We are committed to resolving all privacy-related concerns fairly, transparently, and in accordance with your rights under applicable Indian law.