Privacy Policy

Information Gathering

This Privacy Policy has been established by Metlait SRL, operating the digital platform accessible at goldencrown-casino.co.com under the regulatory license identifier ALSI-202509073-FI2. The collection of personal data is conducted in strict accordance with applicable data protection legislation and is limited exclusively to information necessary for the lawful provision of services offered through this platform.

The following categories of personal data are subject to processing by Metlait SRL:

• Identification Data: Full legal name, date of birth, nationality, and government-issued identification document details, including passport numbers or national identity card references, are collected for the purposes of identity verification and regulatory compliance.
• Contact Information: Electronic mail addresses, telephone numbers, and residential postal addresses are recorded to facilitate communication between the data controller and the data subject.
• Financial Data: Payment instrument details, transaction records, banking account references, and financial history pertaining to deposits and withdrawals are processed in connection with the execution of financial transactions on the platform.
• Technical and Device Data: Internet Protocol addresses, browser type and version, operating system information, device identifiers, session cookies, and access timestamps are automatically collected upon interaction with the platform.
• Behavioral and Usage Data: Navigation patterns, platform interaction records, session durations, and service utilization histories are compiled to support operational and analytical functions.
• Verification Documentation: Copies of identity documents, proof of address documentation, and source-of-funds declarations may be requested and retained in accordance with applicable anti-money laundering obligations.

Personal data is collected directly from data subjects through registration forms, account management interfaces, and transactional processes, as well as indirectly through automated technical systems during platform use. All data collection activities are subject to lawful bases as prescribed under relevant data protection frameworks.

Data Usage

Personal data collected through the platform operated by Metlait SRL is processed exclusively for defined, explicit, and legitimate purposes. Processing activities are conducted in accordance with the principles of purpose limitation and data minimization. The following purposes of data processing have been identified in connection with the provision of services through goldencrown-casino.co.com:

• Account Administration: Personal data is processed for the creation, maintenance, and management of user accounts, including the verification of eligibility criteria and the enforcement of platform terms and conditions.
• Regulatory and Legal Compliance: Processing activities are carried out to fulfill obligations imposed by applicable legislation, including anti-money laundering requirements, know-your-customer procedures, responsible gaming regulations, and obligations arising from the regulatory license ALSI-202509073-FI2.
• Transaction Processing: Financial data and identification information are processed to facilitate the execution, monitoring, and recording of deposit and withdrawal transactions undertaken through the platform.
• Service Communication: Contact information is utilized for the transmission of transactional notifications, account-related correspondence, security alerts, and responses to inquiries submitted by data subjects.
• Platform Security and Fraud Prevention: Technical data and behavioral records are analyzed for the detection, investigation, and prevention of fraudulent activity, unauthorized access, and other security incidents affecting the integrity of the platform.
• Customer Support: Data pertaining to account activity and communication history is accessed by authorized personnel for the resolution of disputes, technical issues, and service-related inquiries.
• Legal Proceedings: Personal data may be processed in connection with the establishment, exercise, or defense of legal claims, and may be disclosed to competent regulatory authorities or judicial bodies where required by law.
• Statistical and Analytical Processing: Aggregated and anonymized data may be subjected to statistical analysis for the purposes of operational improvement and service development, provided that such processing does not result in the re-identification of individual data subjects.

No personal data shall be processed for purposes incompatible with those specified herein without prior notification to, and where required, consent from, the relevant data subjects.

Security Measures

Metlait SRL has implemented a comprehensive framework of technical and organizational measures designed to ensure the security, integrity, and confidentiality of personal data processed in connection with the operation of goldencrown-casino.co.com. These measures are maintained and reviewed on a continuous basis to address evolving security risks and to ensure ongoing compliance with applicable data protection standards.

The following technical security measures are applied to personal data processing activities:

• Encryption Protocols: All data transmitted between data subjects and the platform is encrypted using industry-standard Transport Layer Security protocols. Sensitive data stored within platform systems is subjected to encryption at rest using recognized cryptographic standards.
• Access Control Systems: Access to personal data is restricted to authorized personnel whose responsibilities require such access. Role-based access control mechanisms are enforced, and all access events are logged and subject to periodic audit review.
• Authentication Mechanisms: Multi-factor authentication requirements are imposed on administrative access to systems containing personal data. Password policies meeting established complexity and rotation standards are enforced across all relevant systems.
• Network Security Infrastructure: Firewall systems, intrusion detection mechanisms, and network monitoring tools are deployed to prevent unauthorized external access to systems containing personal data.
• Vulnerability Management: Regular security assessments, penetration testing, and vulnerability scanning procedures are conducted to identify and remediate potential weaknesses in the technical infrastructure.
• Data Backup and Recovery: Automated backup procedures are maintained to ensure the availability and recoverability of personal data in the event of technical failure or data loss incidents.

The following organizational security measures are implemented by Metlait SRL:

• Personnel Training: All personnel engaged in the processing of personal data are required to complete data protection and information security training appropriate to their respective roles and responsibilities.
• Confidentiality Obligations: Contractual confidentiality obligations are imposed upon all employees and third-party processors who are granted access to personal data.
• Data Processing Agreements: Written agreements governing the processing of personal data are established with all third-party service providers acting as data processors on behalf of Metlait SRL.
• Incident Response Procedures: Documented procedures for the identification, assessment, containment, and notification of personal data breaches are maintained and tested periodically.
• Data Retention Policies: Personal data is retained only for the duration necessary to fulfill the purposes for which it was collected, or as required by applicable legal and regulatory obligations. Upon expiration of applicable retention periods, personal data is securely destroyed or anonymized.

User Rights

Data subjects whose personal data is processed by Metlait SRL in connection with the operation of goldencrown-casino.co.com are entitled to exercise the following rights in accordance with applicable data protection legislation. Requests pertaining to the exercise of data subject rights may be submitted through the contact channels specified in the corresponding section of this policy.

• Right of Access: Data subjects are entitled to request confirmation as to whether personal data concerning them is being processed, and where such processing is confirmed, to obtain a copy of the personal data being processed together with supplementary information regarding the nature, purposes, and circumstances of such processing.
• Right to Rectification: Data subjects are entitled to request the correction of inaccurate personal data concerning them without undue delay. Where personal data is incomplete, data subjects are entitled to request the completion of such data, including by means of a supplementary statement.
• Right to Erasure: Data subjects are entitled to request the deletion of personal data concerning them where such data is no longer necessary for the purposes for which it was collected, where consent has been withdrawn and no alternative lawful basis exists, or where the data has been unlawfully processed. This right is subject to applicable legal retention obligations that may require the continued processing of certain data.
• Right to Restriction of Processing: Data subjects are entitled to request the restriction of processing activities pertaining to their personal data in circumstances prescribed by applicable law, including where the accuracy of the data is contested or where the data subject has objected to processing pending verification of whether legitimate grounds override such objection.
• Right to Data Portability: Where processing is conducted on the basis of consent or contractual necessity and is carried out by automated means, data subjects are entitled to receive personal data concerning them in a structured, commonly used, and machine-readable format, and to request the transmission of such data to another data controller where technically feasible.
• Right to Object: Data subjects are entitled to object to the processing of personal data concerning them where such