Privacy Policy

The protection of privacy and the security of our users' personal data represent an absolute priority for Boomerang Casino. This Privacy Policy is drafted in accordance with the strictest data protection standards applicable in Italy, in order to transparently and comprehensibly describe our practices for collecting, using, storing, and sharing information. When users interact with our platform, they entrust us with sensitive and personal information. We recognize the importance of this responsibility and are constantly committed to implementing the most advanced technical and organizational measures to ensure that such data is processed with the utmost care, in full respect of individuals' fundamental rights and freedoms.

In order to provide our services efficiently, securely, and in compliance with legal requirements, we collect various categories of personal data. Such information is acquired directly from the user during the registration phase, during the use of the platform, or automatically through IT systems designed for the website's operation.

Identification and Contact Data

To create and manage an account on our platform, we require essential information such as first name, last name, date of birth, residential address in Italy, phone number, and email address. Furthermore, in compliance with current regulatory obligations, we may request copies of valid identity documents, utility bills, or bank statements to verify the user's identity and confirm their place of residence.

Financial and Transaction Data

Since the use of our services involves the movement of funds, we collect detailed information related to financial transactions. These include deposit and withdrawal history, chosen payment methods (such as partial credit card numbers, e-wallet identifiers, or bank account details), and the history of activities performed on the platform. This data is processed with the highest level of encryption protocols.

Technical and Navigation Data

During each connection session, we automatically collect technical information to ensure cybersecurity and improve system usability. This data includes the IP address, type and version of the web browser used, device operating system, time zone data, pages visited, and time spent. Such information is crucial for fraud prevention and technical traffic analysis.

Communication and Support Data

Should the user contact our customer service via email, live chat, or phone, we will keep a record of such communications. This includes message texts, voice recordings (where permitted and with prior notice), and details related to reported issues. We retain these records to monitor the quality of the support provided, for staff training, and for the efficient resolution of any future disputes.

Our processing of personal data is based on well-defined legal grounds, in accordance with current legislation. Firstly, processing is necessary for the performance of the contract entered into with the user (acceptance of the Terms and Conditions) in order to provide the requested services, manage the account, and process transactions. Secondly, we process data to comply with strict legal and regulatory obligations, such as anti-money laundering regulations, fraud prevention, and responsible gaming controls. Thirdly, we rely on our legitimate business interest to defend our rights in court, protect our IT network, and improve the quality of our services. Finally, for sending promotional communications or for commercial profiling, we rely on the free and explicit consent provided by the user.

The collected information is used for a varied spectrum of operational purposes. Primarily, we use it to securely configure, administer, and manage user profiles. We process financial data exclusively to complete requested deposit and withdrawal operations and to monitor for any transactional anomalies. Technical and usage data allows us to personalize the browsing experience, resolve system bugs, and conduct statistical analyses of user engagement. If the user has provided their consent, we will use contact details to send newsletters, special offers, and updates on our services. At any time, the user can decide not to receive such commercial communications (opt-out).

We retain user personal data exclusively for the time strictly necessary to achieve the purposes for which it was collected. Data relating to the active account is retained for the entire duration of the contractual relationship. Following account closure, we are still legally obliged to retain specific categories of data (such as identity, transactional history, and communications) for periods defined by Italian tax, accounting, and anti-money laundering regulations. At the end of these mandatory retention periods, the data will be securely and permanently deleted, or irreversibly anonymized for exclusively statistical purposes.

We do not sell, exchange, or rent user personal data to external companies for their independent marketing purposes under any circumstances. However, for the proper functioning of the infrastructure, we may need to share data with carefully selected third-party processors and service providers. Such entities include secure payment service providers, identity verification agencies, cloud hosting platforms, customer support software providers, and legal advisors or auditors. All these third parties act under our strict instructions, are bound by rigorous confidentiality agreements, and are required to implement adequate security measures. In exceptional circumstances, we may be obliged to share data with competent authorities if required by law, to comply with subpoenas or ongoing legal investigations.

Considering the global nature of the internet and digital services, personal data may be transferred, processed, or stored on servers located in countries outside the European Economic Area (EEA). Should such an international transfer occur, we are committed to adopting all necessary contractual, technical, and organizational measures to ensure that user data receives a level of protection substantially equivalent to that guaranteed in Italy. This is generally achieved through the implementation of Standard Contractual Clauses approved by the competent authorities or by ensuring that the destination country offers an officially recognized adequate level of protection.

The safeguarding of user information is protected through a multi-level cybersecurity system. We use Secure Socket Layer (SSL) encryption technology to protect data during transmission over the internet. Our servers are protected by state-of-the-art industrial firewalls and intrusion detection systems. Access to personal data is strictly limited exclusively to authorized employees who require such information to perform their specific job duties, and is subject to rigorous confidentiality obligations. While adopting every reasonable precaution, it is crucial to recognize that no data transmission over the internet or electronic storage system can guarantee 100% absolute security.

In accordance with the General Data Protection Regulation (GDPR) and local laws, the user benefits from an extensive set of rights related to their data. The user has the right to request access to their personal data, obtaining a legible copy. They have the right to request the rectification of any inaccurate or incomplete data. The user can exercise the right to be forgotten, requesting the definitive erasure of their data, provided there are no prevailing legal obligations that require its retention. The right to restrict processing, object to processing itself in certain circumstances (including profiling), and request data portability in a structured, commonly used format to another data controller is also guaranteed.

We reserve the right to periodically update or modify this Privacy Policy to adapt to new legal requirements, technological changes, or variations in our operational procedures. Any significant update will be promptly notified to the user via email communications or prominent notices published within the platform. In any case, we recommend consulting this page regularly to ensure full understanding of how we are protecting personal information in a constantly evolving digital context.

Users wishing to exercise their privacy rights, raise a formal complaint, or seek clarification regarding this policy are invited to contact our data protection team. All privacy-related requests should be sent to the email address: [email protected]. Alternatively, you can contact us by regular mail at our headquarters located at Via del Corso 250, 00186 Rome, Italy, or by calling the telephone number +39 06 1234 5678. Our legal department will examine each request with the utmost diligence and respond as quickly as possible in accordance with statutory timeframes.