Privacy Policy (India)
Effective date: 03 September 2025
N8 Casino India (“N8”, “we”, “us”, “our”) operates official online gaming services for players located in India. This Privacy Policy explains what personal data we collect, how and why we process it, with whom we share it, how long we keep it, and the choices you have-aligned with India’s Digital Personal Data Protection Act, 2023 (DPDP Act), the Information Technology Act, 2000 and the SPDI Rules, 2011, as applicable.
By using our website, app, and services, you acknowledge that you have read and understood this Policy.
1Who we are & scope
We are the official N8 Casino service for India. This Policy applies to our website, mobile apps, customer support, and marketing communications that we control. It covers personal data processed in India and, where applicable, processing outside India connected to offering our services to individuals in India.
Definitions (simplified): “Personal data” means any data about an identifiable individual. “Data Principal” means you, the individual user. “Data Fiduciary” (controller) means N8. “Data Processor” means a vendor processing personal data for us under contract. Where required, we will provide notices and obtain consent in plain language and in English or other local languages supported by our interfaces.
What we collect & sources
We only collect what we need for lawful purposes. The exact data depends on how you use N8 (account creation, KYC, deposits, gameplay, withdrawals, support).
| Category | Examples | Primary Source |
|---|---|---|
| Identity & KYC | Full name, date of birth, nationality, address, ID numbers, selfie/biometric checks (where legal), proof of address | You; KYC vendors |
| Contact | Email, mobile number, WhatsApp (if you choose to message us), in-app notifications | You |
| Account & Gameplay | Username, session data, game history, responsible-gaming settings, bonuses | You; platform logs |
| Payments | Deposit/withdrawal method, masked card or VPA, UPI/IMPS/NEFT references, transaction amounts in INR | You; payment partners |
| Device & Technical | Device IDs, IP, app version, cookies, diagnostic logs for security & compliance | Your device; analytics & security tools |
| Support & Compliance | Tickets, recordings/chats (where permitted), dispute history, compliance flags | You; our support systems |
Data you choose to provide
- Registration details, KYC documents, and any preferences (limits, notifications).
- Optional feedback, surveys, contests, and marketing opt-ins you select.
Data we generate or collect automatically
- Security and fraud signals, device/connection metadata, log files required for cybersecurity compliance.
- Gameplay telemetry and performance metrics to keep the service stable and fair.
Why we process data & legal grounds
We process personal data on the basis of your consent and/or legitimate uses permitted by law, including to deliver the service you request, meet legal obligations, and protect the security of our platform.
Main purposes: account creation and verification; age and identity checks (KYC); responsible-gaming tools; payments (INR deposits/withdrawals); game operation and fairness; customer support; detecting and preventing fraud and misuse; complying with applicable Indian laws and regulatory directions; and service improvements (including analytics in a privacy-respectful way).
Marketing: we only send marketing where permitted and with an opt-out in each message. You can withdraw consent at any time from account settings or by contacting us.
Cookies & tracking technologies
We use cookies and similar technologies to remember your preferences, keep you signed in, secure the platform, and analyze performance. Essential cookies are required for the service to function. Optional analytics/marketing cookies operate only where permitted.
- Essential: security, load balancing, session continuity, fraud prevention.
- Functional/Analytics: preferences, performance metrics, error diagnostics.
- Controls: in-product settings let you manage non-essential cookies; your browser may also offer controls.
Sharing, cross-border transfers & retention
We share data only with trusted recipients under contract and only as needed for the purposes described. If data is processed outside India, we follow Indian law on cross-border flows (including any government-notified country restrictions). We retain data only as long as needed for the purposes described or as required by law and legitimate business needs (for example, tax, audit, security).
| Recipient Type | Purpose | Transfer/Retention Notes |
|---|---|---|
| KYC/AML & Fraud Vendors | Identity verification, sanctions/PEP checks, risk scoring | Cross-border processing may occur under contract; retain evidence per legal limits |
| Payment Partners | INR deposits/withdrawals (e.g., UPI/IMPS/NEFT), refunds, chargebacks | Transaction data kept for accounting, anti-fraud and dispute timelines |
| Game Providers & Platform | Running games, fairness audits, server operations | Pseudonymized gameplay and session data where possible |
| Security & Analytics | Threat detection, uptime monitoring, diagnostics | Certain logs retained to meet cybersecurity directions |
| Government/Regulators | Legal compliance, dispute handling, lawful requests | We disclose where legally required and proportionate |
Data minimization & deletion: when you close your account or withdraw consent (where applicable), we delete or de-identify data not required to be retained by law or for legitimate purposes (e.g., fraud prevention, chargeback windows, tax, audits).
Your rights & grievance redressal
Depending on applicable law, you may have the following rights over your personal data. We will verify your identity before acting on a request and respond in a reasonable time.
- Access: know what data we hold and how we use it.
- Correction: update inaccurate or incomplete data.
- Erasure: request deletion where permitted (for example, when data is no longer needed or consent is withdrawn).
- Consent withdrawal: stop processing based on consent, without affecting prior lawful processing.
- Grievance redressal: complain to our Grievance Officer; if unresolved, you may approach the competent authority.
- Nomination: nominate another person to exercise your rights in case of death or incapacity (where available).
Children: we do not knowingly allow accounts for individuals under 18. Where processing of a child’s data is required, we seek verifiable parental/guardian consent and do not conduct tracking or targeted advertising directed at children.
Security & incidents: we use reasonable technical and organizational safeguards, including encryption in transit, strict access controls, and monitored logging. If a personal data breach occurs that poses a risk, we will notify affected users and the competent authority in line with Indian requirements.
Contact (Grievance Officer): Grievance Officer, N8 Casino India, Email: support@n8casinoin.org, Phone: +91-00000-00000, Address: N8 Casino India, Customer Care Desk, India. Business hours: 10:00–19:00 IST, Mon–Fri (excluding public holidays).
Updates: we may update this Policy to reflect legal, technical or business changes. Material changes will be highlighted in-product or via notices. Continued use after an update means you accept the revised Policy.
Additional compliance notes (India)
Cybersecurity logs: we maintain essential ICT logs for security monitoring and incident response in accordance with applicable cybersecurity directions. Certain logs may be retained for defined periods to meet those obligations.
Sensitive data handling: where we process sensitive personal data (e.g., financial details, health/biometrics if used for KYC), we apply higher safeguards and limit access strictly to personnel and processors who need it.
Disclaimer
This Policy explains our privacy practices and is not legal advice. Eligibility: 18+ only. Use only your own payment instruments. Availability is subject to local law. Where this Policy conflicts with mandatory law, the latter prevails. Key legal references reflected above include: India’s DPDP Act (rights, extraterritorial scope, cross-border transfers by negative list, breach notice duties), SPDI Rules 2011 (sensitive data and grievance officer), and CERT-In Directions 2022 (log retention)
Children’s data protections (under-18, parental consent; restrictions on tracking/targeted ads) are reflected from Section 9 DPDP and draft rules guidance. Cross-border transfers are allowed except to countries restricted by government notification; retention and reasonable security safeguards are required; consent and legitimate uses form the legal basis framework under the DPDP.