1. Data Controller
For the purpose of the General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), the controller of personal data processed in connection with the MintBets platform is LUXVERITAS LTD, a private limited liability company incorporated in the Republic of Cyprus with registration number HE 491127, having its registered office at Kerkyras & John Kennedy 11, Amaranthe House, Ground Floor, 3107, Limassol, Cyprus ("MintBets", "we", "us" or "our"). Enquiries concerning this Privacy Policy may be addressed to our data-protection team at privacy@mintbets.com.
2. Scope of this Policy
This Privacy Policy describes how we collect, use, disclose, retain and protect personal data when you access mintbets.com, any associated subdomain, mobile interface or application (collectively, the "Service"). It also describes the rights available to you in respect of your personal data. This Policy should be read together with our Terms of Service, the Cookie Policy, the AML Policy and any supplementary notice published on the Service.
Where the Service contains links to third-party websites or services, this Policy does not apply to such third parties. We encourage you to review the privacy notices of any third party with which you interact.
3. Categories of Personal Data We Process
3.1 Information you provide to us
Identity and contact data (full name, date of birth, nationality, residential address, email address, telephone number, username and password); identity verification data (government-issued identification documents, "selfie" images, proof of address, video verification footage); financial and transaction data (cryptocurrency deposit and withdrawal addresses, transaction hashes, balance history, wager history, bonus history); customer-service correspondence (the content of support tickets, live-chat transcripts, complaint records); and any other information you choose to provide.
3.2 Information we collect automatically
Device and connection data (IP address, device identifier, browser type and version, operating system, language preference, time-zone setting); usage data (pages viewed, features used, links followed, referring URL, gameplay timestamps, session duration); and technical telemetry (crash reports, error logs, performance metrics) generated by your interaction with the Service.
3.3 Information from third parties
Identity verification and sanctions-screening providers (verification outcomes, document authenticity scores, politically-exposed-person status, sanctions matches); blockchain analytics providers (risk scores associated with deposit and withdrawal addresses, cluster attributions, exposure to high-risk counterparties); payment-related affiliates and game studios (deposit confirmations, gameplay data necessary for the operation of third-party games); and marketing partners (referral attribution data, campaign performance data).
3.4 Special categories
We do not seek to collect special categories of personal data within the meaning of Article 9 GDPR. Where such data is incidentally provided to us (for example, biometric information contained in a government identification document), it will be processed solely for the purpose for which it was provided and protected with appropriate technical and organisational safeguards.
4. Purposes and Legal Bases for Processing
4.1 Performance of contract (Article 6(1)(b) GDPR)
Account creation and administration, processing of deposits and withdrawals, operation of Games, application of Bonuses, settlement of Wagers and the provision of customer support.
4.2 Compliance with legal obligations (Article 6(1)(c) GDPR)
Verification of identity and age, prevention and detection of money laundering and terrorist financing, screening against sanctions and politically-exposed-person lists, tax reporting, regulatory reporting, fraud prevention, and responding to lawful requests from competent authorities. Certain processing of this kind is also justified under Article 6(1)(c) and 6(1)(e) GDPR where it concerns substantial public interest.
4.3 Legitimate interests (Article 6(1)(f) GDPR)
Maintenance of the security and integrity of the Service, fraud prevention and risk management, network and information security, prevention of bonus abuse and collusion, monitoring and improvement of the Service, conduct of analytics on a pseudonymised basis, internal management reporting, the conduct and defence of legal claims, and the enforcement of these Terms. Where we rely on legitimate interests, we have weighed those interests against your rights and freedoms and consider that the processing in question does not unduly prejudice you.
4.4 Consent (Article 6(1)(a) GDPR)
Marketing communications by email, SMS or push notification, the placement of non-essential cookies, and the use of personal data for any purpose not described in this Policy. Consent may be withdrawn at any time, without affecting the lawfulness of any processing carried out prior to such withdrawal.
4.5 Vital interests (Article 6(1)(d) GDPR)
In rare cases, processing may be necessary in order to protect the vital interests of you or another person, for example where there is a credible indication of risk to life or of a serious safeguarding concern.
6. International Transfers of Personal Data
The Service is operated from the Republic of Cyprus and personal data is primarily processed within the European Economic Area (EEA). Where personal data is transferred to a recipient established outside the EEA or the United Kingdom, we ensure that an adequate level of protection is in place by relying on one of the safeguards available under Chapter V GDPR, including (a) European Commission adequacy decisions, (b) the European Commission Standard Contractual Clauses (and the United Kingdom International Data Transfer Addendum where relevant), or (c) any other lawful transfer mechanism. Copies of the relevant safeguards are available on request from privacy@mintbets.com.
7. Retention
We retain personal data for as long as is necessary to fulfil the purpose for which it was collected and to comply with our legal, regulatory, accounting and reporting obligations. In particular, identity verification records and transactional records are retained for a minimum of five (5) years after the closure of the Account, as required by anti-money laundering legislation. Where personal data is no longer required and there is no overriding legal obligation to retain it, it is securely deleted or anonymised. Specific retention periods applicable to each category of data are documented internally and made available on request.
8. Security
We implement appropriate technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or unauthorised access. Such measures include encryption of data in transit and at rest, strict access controls based on least-privilege principles, network segregation, multi-factor authentication for staff access, continuous monitoring and intrusion detection, regular penetration testing and vulnerability scanning, secure development practices, formal incident-response procedures, and ongoing staff training. While we strive to maintain a high standard of protection, no method of transmission or storage can be guaranteed to be entirely secure, and we cannot accept liability for unauthorised access to personal data caused by factors beyond our reasonable control.
9. Your Rights
Subject to applicable law, you have the right to (a) obtain confirmation as to whether personal data concerning you is being processed and, where this is the case, access to that personal data; (b) request the rectification of inaccurate personal data; (c) request the erasure of personal data ("right to be forgotten"); (d) request the restriction of processing in defined circumstances; (e) object to processing based on legitimate interests, including profiling, on grounds relating to your particular situation; (f) object at any time to processing for direct-marketing purposes; (g) receive personal data which you have provided to us in a structured, commonly-used and machine-readable format and, where technically feasible, to have such data transmitted directly to another controller (data portability); (h) withdraw consent at any time where processing is based on consent; and (i) lodge a complaint with the Cyprus Office of the Commissioner for Personal Data Protection (www.dataprotection.gov.cy) or with the supervisory authority of the EU member state in which you are habitually resident.
Certain of these rights are not absolute and may be subject to exceptions provided for by law. In particular, we may be unable to delete personal data where retention is required for the purpose of complying with a legal obligation, in connection with the prevention of money laundering and fraud, or in connection with the establishment, exercise or defence of legal claims. Requests may be submitted to privacy@mintbets.com. We will respond to verified requests within one (1) month of receipt, subject to any extension permitted by Article 12(3) GDPR.
10. Automated Decision-Making and Profiling
We use automated tools and risk-scoring models to support a number of compliance and fraud-prevention activities, including (a) verifying your identity, (b) screening transactions against anti-money laundering rules, (c) detecting and preventing bonus abuse, multi-accounting and other prohibited conduct described in our Terms of Service, and (d) identifying patterns of play that may indicate problem gambling. Where a decision producing legal effects concerning you, or similarly significantly affecting you, is taken solely on an automated basis, you have the right to obtain human intervention, to express your point of view and to contest the decision. Such requests may be submitted to privacy@mintbets.com.
12. Marketing Communications
Where you have provided the relevant consent, or where permitted by law on the basis of an existing customer relationship, we may contact you with information about promotions, new Games, VIP benefits and other commercial communications by email, SMS, push notification or in-platform messaging. You may opt out of any marketing communication at any time by following the unsubscribe instructions contained in the relevant message, by updating your notification preferences in your Account, or by contacting privacy@mintbets.com. Operational communications (for example, communications relating to the security of your Account, transaction confirmations or material changes to these Terms) are sent on the basis of our contractual obligation and cannot be unsubscribed from for so long as you maintain an Account.
13. Children
The Service is intended for persons who are at least eighteen (18) years of age, or the legal age of majority in their jurisdiction (whichever is higher). We do not knowingly collect personal data from children. Where we become aware that personal data of a person under the age of majority has been collected, we will take prompt steps to delete it and to close any related Account. If you believe that a minor has provided personal data through the Service, please contact privacy@mintbets.com.
14. Changes to this Policy
We may amend this Privacy Policy from time to time in order to reflect changes in our practices, technological developments or regulatory requirements. Where an amendment is material, we will notify you by reasonable means in advance of the amendment taking effect. The date at the top of this Policy indicates when it was most recently updated. We encourage you to review this Policy periodically.
15. Contact
Questions, requests or complaints in respect of this Policy or our processing activities may be addressed to LUXVERITAS LTD, Attn: Data Protection, Kerkyras & John Kennedy 11, Amaranthe House, Ground Floor, 3107, Limassol, Cyprus, or by email to privacy@mintbets.com. If you are not satisfied with the response received, you have the right to lodge a complaint with the Cyprus Office of the Commissioner for Personal Data Protection or with the supervisory authority of the EU member state in which you are habitually resident.
© 2026 LUXVERITAS LTD. All rights reserved. Registered in the Republic of Cyprus under company number HE 491127.
