Statement Regarding Parimatch India – Privacy Policy

This Privacy Policy describes how personal data is collected, processed, protected, disclosed, and destroyed with respect to the online services offered in India. This policy describes what data is collected, why it is collected, and how long the data is retained. Data processing is based on the user’s consent and is done lawfully, fairly, and transparently. Users of the website and applications accept the terms of this document and the actions described herein.

Parimatch privacy policy implemeted in India

Collection of Data & Privacy Protection

Your personal data that we collect may include various categories of information necessary for the provision of services and legal compliance.

Identity and Contact Information This category may include your full name, date of birth, address, email address, phone number, and country of citizenship.
Account and KYC Data This may include your username, and any documents used to verify your identity, including any photos of yourself that you may be submitting.
Payment and Transaction Data This may include any identifiers related to your payment methods, as well as records of any deposits or withdrawals.
Technical and Usage Data This may include the data related to your device, your IP address, your web browser, the version of the app you are using, and any other data related to your actions in the app or website.
Preference and Communication Data This data may include your preferred language, consent choices, and any correspondence you may have with customer support.

Reasons for Collecting Data

Personal data is collected and processed for necessary operational functions, security, and compliance.

To create and manage your user account and provide you the online services.
To carry out KYC and other risk assessments, to mitigate the risk of fraud, and to assist in responsible gaming.
To facilitate payments and retain necessary transaction records as required by law.

Protection Measures

Parimatch employs various measures to protect user data from unauthorized access or disclosure.

Encrypting data both at rest and in transit; setting access control and role-based permissions; separating duties; and assigning roles differently.
Ongoing network surveillance; managing vulnerabilities; and performing security testing on a regular basis.
Staff training and confidentiality obligation agreements; and audit logging.
Employing well-known payment service providers and adhering to relevant regulations such as PCI DSS and ISO 27001.

User Rights

Users maintain rights regarding their personal data, which they can exercise via profile settings or contacting support.

Obtain a documented copy of their personal data.
Correct data deemed imprecise or insufficient.
Request data deletion, unless the data must be retained for legal compliance.
Withdraw consent for optional data processing, as long as no restrictions are applied to the processing conducted previous to consent withdrawal.

Compliance Framework

Parimatch adheres to relevant statutory and international best practices regarding data protection.

Relevant Indian statute law, including the Digital Personal Data Protection Act, 2023 and the Information Technology Act, 2000, as well as regulations on reasonable security and sensitive personal data.
Best practice principles at the international level relating to openness, limitation of purpose, data minimisation, and accountability in relation to data.

Uses of Collected Information

Personal data collected from data subjects are for legitimate, transparent purposes, which are essential for operating and improving the service.

Setting up and managing accounts; authentication and user support.
Confidential data processing, issuing refunds, and data reconciliation with approved providers.
Controlling, managing, and improving the websites and mobile applications.
Conducting data analytics and using the results to improve performance of the service and to understand usage patterns.
Customising the content to provide an improved user experience.
Conducting identity verification, KYC, fraud control, risk assessment, and responsible gaming mechanisms.
The basis for marketing communications is opted-in consent, including opt-out capabilities at any time.
Fulfilling legal obligations, answering lawful requests, tax and audit needs, and dispute resolution.

Data Use Restrictions

There is no sale of personal data.
Profiling is restricted to the above purposes and is not subject to automated decision-making that has legal consequences unless it is reviewed by a person as a matter of law.

Access to Information

Users can actively manage their rights and preferences through the platform’s settings or by making formal requests through official support channels.

Validated Requests

The platform validates and processes several types of user rights requests:

Access: to get a summary of the personal data and the categories of its processing.
Correction: to amend the information that is inaccurate or incomplete.
Deletion: to request erasure, unless retention is mandatory for law or for the purposes of a dispute resolution.
Management of consent: to modify marketing, cookie, and optional processing preferences.

User Consent for Verification

Parimatch users consent to verification and security checks and to the processing of payment information by authorized payment service providers for transaction processing, screening, and chargeback management.

Children’s Privacy Protection

This service is designed for people over the age of 18.

Our operators do not collect an individual’s information without reviewing their identification.
If a parent or guardian feels a child has submitted personal information, a formal request can be sent through the site’s support system.
If we can confirm this information, we will deactivate that account and, to the extent we are legally required to do so, the child’s personal information will be purged from our records.

International Data Transfers

Your personal information will be stored and processed in India and in the other countries where our service providers work and are located. By using the site and the apps, you agree to the transfer of your personal information to other companies.

This includes countries where our providers have cloud servers, payment processors, analytics, and customer service representatives.
The laws on data protection in these countries may be less stringent than those of India, where we will take appropriate data protection and confidentiality measures.
All service providers operating outside India have legally binding confidentiality and data protection responsibilities, which include data transfer protection agreements in accordance with applicable Indian standards and other internationally accepted standards.

Legal Disclaimer

This legal disclaimer states that some obligations may be limited by applicable laws, regulatory obligations, fraud avoidance, or other legal requests by authorities.

To the extent of a conflict, the governing law and any binding obligations take precedence over this policy.
This disclaimer is applicable if the user clicks on acceptance of this policy, electronically signs, or otherwise consents by continuing to use the services.

Use of Cookies

Cookies are small text files that are placed on a user’s device to hold information. This document outlines the use of cookies for purposes of statistics, behaviour analysis, personalisation, and enhancement of the websites and apps.

Cookie Details:

Types used: strictly necessary, performance, functionality, analytics, and advertising cookies.
Purposes: remembering preferences, maintaining sessions, measuring usage, diagnosing problems, and improving features.
Retention: usually for up to 1 year, or as necessary for the purpose stated.
Control: in the user’s hands by setting the relevant controls in the user’s browser or device.
Consent: Where necessary, consent is obtained via a cookie banner or preference centre.

Acceptance of Privacy Policy

Using the websites and apps means fully accepting this Privacy Policy.

The newest version published on the site supersedes all previous versions.
Ongoing use after any changes will be considered acceptance of the changes unless material changes change this requirement.

Third Party Privacy Practices

Some information may be legitimately shared with lawyers and courts and with other third parties as this policy permits.

Third party privacy practices may include:

Payment processors, banks, and card schemes for transaction and chargeback activities.
Providers of identity verification, KYC, AML, and fraud prevention.
Providers of cloud hosting, customer support, analytics, and professional services.
Other third parties as this policy permits.

Some names or categories of the service providers may be disclosed on the website or collected at the point of collection. Users will be advised of any new purpose and of the new categories of sharing information.

Sharing your personal information means you consent to this policy, and such sharing will be governed by confidentiality and data for processing agreements.

Links to Other Websites

This site may contain links to apps or external websites that follow their own privacy policies.
The operator is not responsible for how these parties may obtain, handle, or utilize personal information.
Users should review any external site’s privacy policies and be careful when giving out personal information.