Luckyfy Privacy Policy

Introduction

Welcome to our Privacy and Cookies Policy. We are committed to protecting your privacy and handling your personal information in a transparent and secure manner. This Policy applies globally to our social casino platform, including our websites and mobile applications (the “Platform”), and explains how ADS Projects Group Ltd. (“we” or “us”) collects, uses, and shares your personal data. It also describes your rights under applicable privacy laws and how we comply with regulations like the EU General Data Protection Regulation (GDPR) (and UK GDPR) and the California Consumer Privacy Act (CCPA) (as amended by the CPRA), among others. We have integrated our cookies information into this single document for ease of reference, following best practice to ensure all privacy and tracking disclosures are in one place. By using our Platform, you acknowledge that you have read and understood this Policy. If you do not agree with any part of it, please refrain from using our services.

Data Controller: For the purposes of data protection laws, the data controller of your personal data is ADS Projects Group Ltd.,. You can contact us at: info@luckyfycasino.com with any questions or requests regarding your personal data.

Information We Collect

We collect personal and technical information from and about users of our Platform in order to provide and improve our services. The types of data we may collect include:

  • Identity and Contact Information: such as your name, username, avatar, email address, and other contact details you provide when registering an account or contacting us for support.
  • Age and Eligibility Information: (if required) to verify that you are old enough to use our social casino (e.g. confirmation that you are 18 or older, since our services are not intended for minors).
  • Account Credentials: such as login ID and password (stored in encrypted form) for your account security.
  • Device and Technical Data: information about the device and browser you use to access the Platform, including IP address, operating system, device identifiers, browser type, language, and app version. We also collect usage data such as pages or screens viewed, features used, links clicked, session duration, game play statistics, and other interaction data. This helps us understand how you engage with our Platform.
  • Cookies and Tracking Data: on our websites, we use cookies and similar tracking technologies, and in our mobile apps we use analogous technologies (like advertising IDs and analytics SDKs) to collect information about your browsing and usage behavior, preferences, and engagement with our content. This can include data such as click-stream data, referring/exit pages, and other behavioral analytics data. (See Cookies and Tracking Technologies below for details.)
  • Transactional and Payment Information: if you make purchases for virtual credits or in-app content on the Platform, we collect information about those transactions. This may include purchase history and, in some cases, payment details (for example, billing address or partial credit card information) as processed by app stores or payment processors. Note we do not store full financial account numbers; payments in mobile apps are typically handled by Apple App Store or Google Play, and we receive confirmation of your purchase and associated user ID rather than your sensitive payment data.
  • Communications and Support Data: information you provide when contacting us for support, submitting feedback, or otherwise corresponding with us (e.g. via email or in-app support chat). This can include your contact details and the content of your communications.
  • Third-Party Social or Platform Data: if you choose to link or log in via a social network (such as Facebook) or another third-party platform, we may receive information from that source – for example, your social media profile name, friend list (if you allow it), or other information you agree to share from your account on that third-party service. We use and protect any such information in accordance with this Policy.
  • Approximate Location Data: we may infer your general location (country or region) from your IP address or device settings. This is used for purposes like matchmaking in games, content localization, or ensuring compliance with regional legal requirements. We do not collect precise GPS location from your device unless you expressly grant permission through your device settings.

We collect the above information either directly from you (for example, when you register, fill out forms, or communicate with us) or automatically through technology (such as when our system or third-party analytics tools record usage data via cookies, SDKs, or similar tech). In some cases, we may also obtain data about you from third parties – for instance, advertising or analytics partners, or if a friend invites you to the Platform, we might receive your nickname or ID from them. We limit our collection to what is relevant and necessary for the purposes described in this Policy.

How We Use Your Information

We use the personal and technical information collected for the following purposes, in accordance with applicable law:

  • Providing and Operating the Service: We process data to allow you to register and maintain an account, to let you play our social casino games, and to enable core features of the Platform. This includes remembering your in-game progress, virtual currency balances, account settings, and preferences. We use your information to authenticate your logins, deliver the game content, update your in-game status, and otherwise perform the contract with you for using our Platform.
  • Improving and Personalizing the User Experience: We analyze usage data and feedback to understand how our users interact with the Platform and to make improvements. This helps us fix bugs, optimize performance, and develop new features or games that better suit our users’ preferences. In addition, we may use your data (such as game history or preferences) to personalize content and recommendations – for example, suggesting games you might enjoy, tailoring the in-game offers or bonuses to your play style, or customizing the user interface.
  • Behavioral Analytics: We utilize analytics tools (both our own and third-party services like Google Analytics or similar) to collect aggregated statistical information about how users behave on our Platform. This behavioral data (e.g. which game levels are most played, where users tend to spend the most time, how they respond to new features) is used to make data-driven decisions in improving game design and user engagement. These analytics are typically performed on de-identified or aggregated data (not on data that directly identifies you) wherever possible.
  • Personalized Advertising and Marketing: With your consent where required, we use data for targeted advertising and promotional communications. This means we (or third-party advertising partners) may process certain identifiers and usage data to show you ads that are relevant to your interests on our Platform or on other websites/apps. For example, we might display in-app advertisements for promotions or other games tailored to what we think you’ll enjoy, or allow partners to use cookies/SDKs to deliver interest-based ads. We also may send you marketing emails or push notifications about new features, contests, or special offers, but you can opt-out of these messages at any time. (See Your Rights and Choices below for how to control advertising preferences.) Note: We do not engage in sharing your contact info with unaffiliated third parties for their own marketing; all personalized ads you see are either provided through our Platform or via authorized ad networks in accordance with this Policy.
  • Communications and Customer Support: We use your contact information (like email) to send service-related communications. These include confirmations of account actions (e.g., password resets), important announcements about the Platform (such as changes to this Policy or alerts about service availability), and responses to any inquiries or support requests you send us. We also use data from your messages to address any issues or improve our support services.
  • Security and Fraud Prevention: We process certain data to maintain the security and integrity of our Platform and community. For instance, we may monitor gameplay and interactions to detect cheating, bot activity, or violations of our Terms of Service. We also use personal identifiers and technical data to prevent, detect, and investigate fraud, hacking, harassment, or other malicious activities. This helps keep our Platform a fair and safe environment for all players.
  • Legal Compliance and Enforcement: We may use or disclose personal information as necessary to comply with applicable laws, regulations, legal processes or enforceable governmental requests. For example, we might retain transaction records for tax or auditing obligations, or disclose data in response to a lawful subpoena. We also will use data as needed to enforce our Terms and Conditions, to assert or defend against legal claims, and to protect our rights, property, and safety or that of our users or others (for instance, investigating fraud or security incidents).

Our use of personal data is grounded in one or more legal bases under GDPR/UK GDPR. Generally, the primary bases include: performance of a contract (providing the services you requested), legitimate interests (such as improving our products, ensuring security, and marketing to existing customers in a proportional way), consent (for certain marketing cookies or where required by law for e.g. electronic marketing communications), and compliance with legal obligations. We balance any processing under legitimate interests against your privacy rights and will honor your rights to object or opt-out as described below.

Cookies and Tracking Technologies

What Are Cookies: Cookies are small text files placed on your device (computer or mobile) when you visit a website. They allow the site to remember your actions or preferences over time. Similar tracking technologies used in our mobile apps include software development kits (SDKs) or mobile identifiers that function analogously to cookies. In this Policy, we refer to all these technologies collectively as “cookies.” We use cookies and similar technologies on our Platform to collect and store certain information when you use or interact with our services.

Why We Use Cookies: We utilize cookies for several important purposes: (1) to make our Platform work efficiently and enable core functionality, (2) to remember your preferences (such as language or game settings), (3) to gather analytics data about usage of our Platform, and (4) to support personalized advertising and marketing. Cookies help us provide a smooth experience – for example, by keeping you logged in, saving your progress, and delivering content relevant to you.

Types of Cookies We Use: Our cookies (and third-party cookies on our sites) can be categorized as follows:

  • Strictly Necessary Cookies: These cookies are essential for the operation of our website and services. They enable core features such as user authentication, security, and network management. For instance, they remember your session ID so you can stay logged in, or keep track of items in a shopping cart. Without these, the services you have asked for (like access to secure account areas) cannot be provided. These cookies do not require user consent under privacy laws as they are used solely to provide the service you requested. However, we still disclose their use here for transparency.
  • Functionality Cookies: These cookies allow our Platform to remember choices you make and provide enhanced, more personal features. For example, they may recall your game settings, language preference, or sound options so that you don’t have to reconfigure them each time. They can also enable certain non-essential but useful features, like remembering if you’ve already seen a tutorial so as not to show it again. The information collected by functionality cookies is not used to track your browsing activity on other sites, and these cookies can often be disabled via your browser without fully disabling the core service (though some preferences might not be saved).
  • Performance & Analytics Cookies: These cookies collect information about how visitors use our website or app – for instance, which pages or screens are visited most often, how users navigate through the Platform, and if any errors occur. We use this information in aggregate form to understand and improve how our Platform works. For example, analytics cookies help us learn which game features are popular or identify performance issues. Data from these cookies does not directly identify you (it’s typically aggregated and anonymized). Some of these cookies are set by third-party analytics providers (like Google Analytics) on our behalf. We treat these cookies as optional – meaning, where required by law (e.g., in the EU/UK), we will only deploy them with your consent.
  • Targeting or Advertising Cookies: These cookies are used to deliver advertisements that are more relevant to you and your interests. They may be set through our site by our advertising partners or ad networks with our permission. They remember that you have visited our Platform and may track your browsing habits over time and across different websites or apps. This data is used to build a profile of your interests so that the ads you see (whether on our Platform or elsewhere) are tailored to you. For example, if you often play a certain type of casino game, we or our partners might show you promotions for similar games you haven’t tried yet. Advertising cookies also help limit the number of times you see the same ad and measure the effectiveness of ad campaigns. These cookies involve sharing some data with advertisers or third-party networks (like an identifier to recognize your device). Important: We do not allow third-party advertisers to collect directly identifiable personal information (like your name or email) via cookies on our site; they mainly receive pseudonymous data (like a cookie ID or device ID) linked to your browsing behavior. Nevertheless, because advertising cookies can be intrusive to privacy, we obtain your consent to use them where required, and provide you the ability to opt out of targeted advertising (see below).

In addition to the above, we may use Web Beacons/Pixels, which are small transparent images or scripts, in our emails or webpages. These work in combination with cookies to understand whether a particular page was visited or an email was opened (e.g., to gauge the success of a marketing campaign). We also may use local storage or other device storage methods for similar purposes as cookies.

Third-Party Cookies and SDKs: Some cookies (or mobile app trackers) on our Platform are placed by third parties that provide services to us. For example, analytics providers may set cookies to track user interactions (so that they can compile usage statistics for us), and advertising partners may set cookies or mobile ad IDs to enable delivering personalized ads. Social media plugins might also set cookies if you interact with a “Like” or “Share” button. These third parties may recognize your device when you visit our Platform and also when you visit other sites or apps. We do not control these third-party technologies, and their use is subject to the third parties’ own privacy policies. However, we do contractually require our service providers to only use data from cookies as needed to provide their services, and not for their independent purposes. We recommend you review the privacy and cookie policies of any such third-party services (e.g., Google, Facebook) for more information on their practices.

Your Choices: Managing Cookies and Opt-Out: You have several options to control or limit how cookies and similar technologies are used:

  • Cookie Consent Banner: On our website (in jurisdictions where required), we provide a cookie consent banner or preference center when you first visit. This allows you to choose which categories of cookies you consent to. Essential cookies (which are necessary for service) will run regardless, but you can opt-in or opt-out of analytics and advertising cookies. You can change your preferences at any time by accessing our cookie settings tool (e.g., via a “Cookie Preferences” link on our site). We will honor any choices you make and won’t use non-essential cookies without your consent, in line with GDPR’s requirements for a “clear affirmative action”.
  • Browser Settings: Most web browsers let you refuse or delete cookies. You can set your browser to block all cookies or to alert you when a cookie is being set. You can also usually delete cookies that have already been set. Please note, if you disable all cookies, some parts of our website may not function properly (for example, you might not be able to stay logged in or use certain interactive features). For guidance on how to adjust browser cookie settings, you can consult your browser’s help documentation or resources like the UK ICO’s guide on cookies setting]. Even if you opt out of advertising cookies, you may still see ads – they just won’t be personalized based on cookies.
  • Mobile Device Settings: If you are using our mobile apps, cookies per se aren’t used, but your device’s advertising identifier or similar may be used for ads personalization. Modern mobile operating systems provide settings to control targeted advertising. For example, on iOS you can go to Settings > Privacy & Security > Apple Advertising and turn off Personalized Ads, and on Android you can go to Settings > Privacy > Ads and use the option to Delete or Reset your Advertising ID and/or opt out of interest-based ads. Using these settings will limit our app’s ability (and third parties’ ability) to use your data for targeted ads on that device.
  • Do Not Track and Global Privacy Control: “Do Not Track” (DNT) is a browser setting that signals a preference not to be tracked across websites. Our Platform currently does not respond to DNT signals in a uniform way, due to lack of industry standard, and instead we rely on the consent and opt-out mechanisms described in this Policy. However, we recognize the Global Privacy Control (GPC) signal, which is an emerging standard specifically supported under California law for opting out of “sales/sharing” of personal data. If our website detects a GPC signal from your browser, we will treat it as a valid opt-out of cookies that could be considered a “sale” or for targeted advertising to the extent required by CCPA/CPRA. In other words, California consumers can use GPC and we will honor it as we would a manual opt-out request.

For more detailed information on our use of cookies, you can refer to this Policy (which, as recommended, explains what cookies are used, for what purposes, and how you can opt-out). If you have questions about specific cookies or need assistance managing your preferences, please contact us.

Disclosure of Information

We treat your personal information with care and do not sell it to data brokers for money. However, in the normal course of operating our social casino Platform, we do share information with certain third parties, as detailed below. Whenever we disclose data, we ensure there is a valid legal basis and, where required, contractual safeguards in place (such as data processing agreements) to protect your information.

  1. Service Providers: We use trusted third-party companies to perform services on our behalf, and we may need to give them access to personal information for those purposes. Examples of service providers include: cloud hosting providers (that store our databases and content), payment processors (that facilitate purchases you make), analytics providers (that help us understand Platform usage), customer support tools, and email/SMS delivery services. These service providers are bound by obligations to only use your data under our instructions and for the intended service, and to keep it secure. They do not have independent rights to use your personal information for their own marketing or other purposes.
  2. Advertising and Marketing Partners: We may share certain limited information with third-party advertising networks or partners in order to facilitate personalized ads on our Platform or on third-party channels. For example, we might upload a hashed version of your email or device ID to a platform like Facebook or Google to target ads to you (only if you’ve allowed marketing). Or, we enable third-party ad SDKs in our app that may collect device identifiers and usage data to serve targeted ads. Importantly, any such sharing is done only for advertising purposes in connection with our services. Under the CCPA , sharing data for cross-context behavioral advertising is defined as a “sharing” (or even a “sale” in some cases) of personal information. We want to be transparent that, while we do not sell your data for monetary consideration, the use of third-party advertising cookies/identifiers on our Platform may be considered a “sale” or “sharing” under California law because it involves transferring data (like your device ID or browsing activity) to an ad partner to create profiles about you to show ads. Your rights: If you are a California resident, you have the right to opt out of this kind of data sharing (see Your Rights section below for how to exercise this). We will comply with opt-out requests by not sharing identifiable data for targeted advertising and/or by instructing our ad partners to disable personalized ads for your profile.
  3. Business Partners & Affiliates: In some cases, we may share your information with strategic partners or affiliates (companies under common ownership with us) if doing so is necessary to provide the services or integrate additional features. For instance, if our social casino platform runs promotions in partnership with another company, your data may be shared with that partner for the limited purpose of executing the promotion (and only with appropriate notices to you). If ADS Projects Group Ltd. ever forms subsidiaries or merges with another company, your data might be shared within that corporate family. All such entities will honor the commitments in this Policy. If we ever seek to share data with third parties for their own independent purposes (for example, a game studio that wants to offer you a special deal in their separate app), we would only do so with your consent.
  4. Legal and Safety Disclosures: We may disclose personal information when we believe in good faith that such disclosure is necessary to comply with a legal obligation or valid legal process (e.g., a court order or government subpoena). We may also disclose data to protect our rights or property, or the rights, property, and safety of our users or the public. For example, if we detect fraudulent activity, we might report details to law enforcement. If users engage in potentially illegal behavior (like real-money gambling or harassment via our Platform), we might share data with appropriate authorities or investigators as permitted by law. Additionally, if required for an audit or to respond to regulators (such as data protection authorities), we may provide relevant information. We ensure any disclosure for legal reasons is reviewed carefully and is limited to the information reasonably necessary to fulfill the purpose.
  5. Corporate Transactions: In the event of a merger, acquisition, bankruptcy or sale of all or a portion of our business/assets, user information may be transferred to the acquiring or merging entity. We would require any such successor to handle personal data in a manner consistent with this Policy (and we will notify you, for example via email or a notice on our site, if your data becomes subject to a new Privacy Policy as a result of a business transaction). Your choices regarding your personal information would remain, and we would give you an opportunity to opt out or delete your data if the new entity’s use of data differs materially from what is described here.

Aside from the situations above, we will not disclose your personal information to third parties without your consent. We do not sell mailing lists or personal details to third-party marketers. Any sharing of data is mainly for the operation of the Platform, compliance with the law, or protecting our legitimate interests as described. When we do share data, we strive to do so in a minimized and secure way – for example, sharing anonymized or aggregated statistics where possible, rather than raw personal data.

International Data Transfers

Our Platform is global, so your information may be transferred to and processed in countries other than your own. ADS Projects Group Ltd. is based in the United Kingdom, and many of our servers and service providers are located in the United States and other regions. This means that if you are an EU/EEA resident or from another region with data protection laws, your personal data might be transferred to jurisdictions (like the UK or USA) that may not have the same level of data protection laws as your home country. For example, the UK is no longer in the EU but currently benefits from an EU adequacy decision, and the US generally does not have an adequacy decision (aside from specific frameworks) – so we take additional steps for those transfers.

Whenever we transfer personal data internationally, we take measures to ensure appropriate safeguards are in place to protect your information in line with GDPR and other regulations. These safeguards may include:

  • Standard Contractual Clauses (SCCs): If we transfer EU/EEA or UK personal data to a third party in a country without an adequacy decision (e.g., to the US), we’ll often rely on European Commission or UK-approved contractual clauses that legally bind the recipient to protect the data according to EU/UK standards.
  • Data Privacy Frameworks: We may rely on certified compliance frameworks for data transfer, where applicable. (For instance, if a US service provider is certified under the EU-US Data Privacy Framework or Swiss-US framework, we might transfer data under those assurances.)
  • Binding Corporate Rules: If applicable within our corporate group (in the event we have multiple entities processing EU data), we may adopt Binding Corporate Rules approved by regulators to enable free intra-group transfers with adequate protection.
  • Other Safeguards: We also consider technical measures such as encryption in transit and at rest, as well as minimization (sending only what’s necessary). We evaluate on a case-by-case basis whether additional supplementary measures are needed to ensure data is afforded essentially equivalent protection to that in the EU.

By using our Platform or providing us your information, you consent to the transfer of your personal data across international borders as described in this section (to the extent such consent is required and valid in your jurisdiction). We understand our responsibility to protect your data wherever it is processed, and will handle it securely and in accordance with this Policy. If you have questions about our international transfer mechanisms, you can contact us for more information.

Data Retention

We will retain your personal information only as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In practice, this means:

  • Active account data (such as your profile, game progress, etc.) is kept for as long as you have an account with us.
  • If you delete your account or it becomes inactive, we will either delete or anonymize your personal data after a specified period, unless we need to keep it longer to comply with legal obligations or to resolve disputes. For example, we might retain some transaction records for tax or anti-fraud purposes even after account deletion, if required by law.
  • Data collected for marketing purposes (like email contact info) is kept until you unsubscribe or ask us to delete it, or if we notice you haven’t engaged with our communications for a long time.
  • Cookies and analytics data have varying retention periods – some cookies expire automatically after you close your browser, while others may persist for a set period (e.g., 30 days, 90 days, or longer). We align with industry norms and legal requirements in setting these durations, and you can clear cookies at any time manually.
  • Backup and archival copies: our systems may retain backup copies of your data (e.g., in server backups or log files) for a certain period beyond deletion, but these are secured and only retained for continuity and recovery purposes before being overwritten or destroyed.

Where we process personal data based on your consent and you withdraw that consent, we will stop processing the data for that purpose. However, we may need to retain some information to note that you’ve opted out, so we don’t inadvertently contact you again (for example, maintaining your email on a suppression list). We also may retain information if necessary to establish, exercise, or defend legal claims.

In summary, we strive to keep data only for as long as truly needed. We regularly review what data we have and erase or anonymize personal data that is no longer required. If deletion is not feasible (for example, because the data is stored in backups), we ensure it is not used for any active purpose until it can be deleted.

Data Security

We have implemented appropriate technical and organizational security measures to protect your personal information from unauthorized access, loss, misuse, or alteration. These measures include, for example, encryption of data in transit (using TLS for our websites), access controls and authentication requirements for our databases, and regular security audits of our systems. We also limit access to personal data to employees and contractors who need it to perform their roles, and they are subject to strict confidentiality obligations.

Additionally, we monitor our Platform for potential vulnerabilities and attacks, and we have incident response plans ready in case of any data breaches. If we discover a security breach that compromises your personal data, we will notify you and the relevant authorities as required by law.

Please note, however, that no method of transmission over the Internet or method of electronic storage is 100% secure. While we are committed to protecting your information, we cannot guarantee absolute security. You also play a role in keeping your data safe – we urge you to use a strong, unique password for your account and to keep your login credentials confidential. If you suspect any unauthorized access to your account or any security vulnerabilities, please contact us immediately.

Your Rights and Choices

You have various privacy rights regarding your personal data, which may vary depending on your location. We are dedicated to honoring these rights and have processes in place to enable you to exercise them. Below, we outline key privacy rights for users in different jurisdictions and how you can use them:

Rights for EU and UK Individuals

If you are located in the European Union, United Kingdom, or a jurisdiction with similar data protection laws, you have the following rights under the GDPR (and UK GDPR) in relation to your personal data:

  • Right to Be Informed: You have the right to clear and transparent information about how we collect and use your personal data (hence this Privacy Policy, which aims to provide that information).
  • Right of Access: You can request a copy of the personal data we hold about you, and obtain supplemental information about how it is processed. This is commonly known as a “data subject access request.” We will provide you with a copy of the data in a common format, usually within 1 month (unless an extension is permitted by law).
  • Right to Rectification: If any of your personal information is inaccurate or incomplete, you have the right to ask us to correct it. For example, if you change your email address, you can update it in your account settings or ask us to update our records.
  • Right to Erasure: You have the right to request deletion of your personal data in certain circumstances. This is sometimes called the “right to be forgotten.” We will erase your data upon request if it’s no longer necessary for us to retain it for the purposes it was collected, or if you withdraw consent (where consent was the basis) and no other legal basis justifies keeping it. Note that this right is not absolute – sometimes we must retain certain data to comply with laws or defend legal claims, in which case we will inform you. Deleting your data may involve terminating your account and removing identifiable information from our systems.
  • Right to Restrict Processing: You can ask us to limit the processing of your data (i.e., keep it but not actively use it) in certain situations – for example, while we are addressing a data accuracy correction, or if you have objected to processing and we are considering that request. When processing is restricted, we will mark the data as limited and only process it with your consent or for legal reasons.
  • Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, machine-readable format, and to have that data transmitted to another controller where technically feasible. This right applies when processing is based on your consent or a contract and carried out by automated means. Essentially, it allows you to take your data to another service.
  • Right to Object: You have the right to object to our processing of your personal data when the basis is our legitimate interests or a task in the public interest. If you object, we will consider whether our reasons for using your data outweigh your privacy rights. If they do not, we will stop that processing. You also have an absolute right to object to direct marketing – which means if you object to or opt-out of marketing communications, we will stop sending them. This includes profiling related to direct marketing. (In practice, you can unsubscribe from emails via the link provided, or adjust your preferences in settings.)
  • Right not to be subject to Automated Decisions: We do not make any legally significant decisions about you solely by automated means (without human involvement). However, GDPR gives you the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal or similarly significant effects. In the event we ever implement such automated decision-making (for example, an algorithmic account action with significant effect), you would have the right to request human review of the decision. Currently, our personalized features (like game suggestions) involve no such impactful decisions.

To exercise any of these rights, please contact us at info@luckyfycasino.com with your request. We may need to verify your identity before fulfilling the request (to ensure we do not disclose data to the wrong person). We will respond within one month of receiving a valid request, or inform you if we need more time. There is no fee for making a request, except in exceptional cases of repetitive or excessive requests where a small fee may be allowed by law.

Additionally, EU and UK users have the right to lodge a complaint with a supervisory authority (such as the UK Information Commissioner’s Office, or your country’s Data Protection Authority) if you believe our processing of your personal data violates the law. We encourage you to contact us first so we can address your concerns, but you are free to reach out to the authorities at any time.

Rights for California Residents

If you are a resident of California, you are entitled to certain rights under the CCPA (California Consumer Privacy Act) and the CPRA (California Privacy Rights Act, which amends the CCPA). These rights, as of the effective date of this Policy, include:

  • Right to Know: You have the right to request that we disclose the specific pieces and categories of personal information we have collected about you in the past 12 months, the categories of sources of that information, the business or commercial purposes for collecting it, and the categories of third parties with whom we shared or sold that information. Essentially, you can ask, “What personal information do you have about me and how have you used or shared it?” and we must provide that information to you in a portable format (once we verify your request).
  • Right to Delete: You have the right to request that we delete personal information we have collected from you (and direct our service providers to do the same), subject to certain exceptions. If you request deletion, we will remove the personal information we hold about you from our records and instruct our service providers to do so as well, unless retaining the information is necessary for us or our providers for a reason allowed by the CCPA. For example, we may deny deletion if the data is required to complete a transaction you requested, to detect security incidents, to comply with a legal obligation, or other limited purposes enumerated by law. We will inform you of any such exceptions that apply if we cannot fulfill part of your deletion request.
  • Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you (taking into account the nature of the information and the purposes of processing). If you become aware that we have incorrect information (e.g., an outdated email or an incorrect profile detail), you can ask us to update it, and we will do so upon verification and where feasible.
  • Right to Opt-Out of Sale or Sharing: You have the right to opt out of the “sale” or “sharing” of your personal information to third parties. As noted earlier, we do not sell personal data for money; however, we may share certain data with third parties for advertising which may be considered a “sale” or “sharing” under California law (i.e., sharing for cross-context behavioral advertising). California residents can exercise this right by using the “Do Not Sell or Share My Personal Information” link on our website (if applicable) or by contacting us. Once you opt out, we will stop sharing your data with third parties for those purposes, and instruct our advertising partners to cease using data from our site/app for targeted ads directed to you. We also honor global privacy control (GPC) signals as an opt-out request.
  • Right to Limit Use of Sensitive Personal Information: The CPRA introduces a right to limit the use of “sensitive personal information” (SPI) if a business uses SPI beyond what is necessary for providing the services. Examples of SPI include precise geolocation, account passwords, genetic data, etc. We do not collect or use sensitive personal information for purposes that would trigger this right (we don’t engage in profiling using sensitive data, for instance). If in future we did, California users would have the right to direct us to limit the processing of their sensitive data to only what is necessary. We will update this Policy and provide a mechanism (such as a “Limit Use of My Sensitive Info” link) if that ever becomes relevant.
  • Right to Non-Discrimination: You have the right not to receive discriminatory treatment from us for exercising any of your CCPA rights. This means we will not deny you goods or services, charge you a different price, or provide a lesser quality of service just because you exercised your privacy rights under CCPA. For example, if you opt out of the sale of your data, we won’t disable your account or reduce your game functionality as a consequence (except to the extent a data feature was inherently tied to providing a personalized experience you opted out of). However, the law does allow businesses to offer different prices or services if that difference is reasonably related to the value of your data. We do not currently offer any such financial incentives or price differences based on data sharing. If we ever do (e.g., a loyalty program that offers rewards in exchange for certain data uses), we will provide you with terms of that program and you can choose to opt in. Regardless, we will never penalize you for exercising your rights.

How to Exercise California Rights: If you are a California resident and wish to exercise any of the above rights, you (or your authorized agent) can contact us by email at info@luckyfycasino.com with the subject line “California Rights Request” and specify which right you seek to exercise. For opt-out of sale/sharing, you may also use the designated “Do Not Sell or Share” link on our website (if available) or send us an opt-out request via email. We will need to verify your identity to a reasonable degree of certainty before fulfilling requests to know, delete, or correct (to ensure we are acting on the right person’s behalf). This might involve matching information you provide with data we have on file or asking for additional verification information. We will respond to verifiable requests within 45 days as required by CCPA (or notify you if an extension of up to 45 more days is needed). If we cannot fulfill your request, we will explain the reason (for example, we could not verify your identity or an exemption applies).

If you have an authorized agent submitting a request on your behalf, we will require proof of the agent’s authorization (such as a written permission from you or a power of attorney). We also may need you to verify your own identity with us directly, unless the agent has an appropriate power of attorney under California law.

For more information about your California rights, you may also visit the California Attorney General’s CCPA page. Our goal is to process your requests in compliance with the law and to give you control over your information.

Other Jurisdictions

If you reside in other states or countries, you may have similar rights under local laws (for example, certain other U.S. states have privacy laws providing rights to access, delete, etc., and many countries have GDPR-inspired laws). We will respect any applicable rights you have. You can contact us to inquire about your privacy rights and we will assist you in accordance with the applicable legislation.

Regardless of location, all users can request deletion of their account or data, or opt out of marketing communications, at any time, and we will endeavor to comply as fully as possible. We believe in giving users control and choice over their data.

Children’s Privacy

Our Platform is not intended for anyone under the age of 18. We do not knowingly collect personal information from children or minors under 18 years old. The games on our Platform simulate gambling and are meant for adults; thus, we take steps to avoid admitting underage users. If you are under 18, you must not use the Platform or provide any personal data to us (if we learn that you are under 18, we will terminate your account). Parents or guardians should supervise their children’s online activities and consider using parental controls available from online services.

If we become aware that we have inadvertently collected personal information from a child under 18, we will take immediate steps to delete that information from our records. If you are a parent or guardian and you believe that your child under 18 has provided us with personal information, please contact us immediately at: info@luckyfycasino.com. We will then work to locate and erase the data in question. (For users in certain jurisdictions with higher age thresholds: If local law requires a higher minimum age for collection of personal data without parental consent, we will comply with that requirement as well.)

For clarity, our policy is to refuse service to minors and to comply with all applicable laws such as the U.S. Children’s Online Privacy Protection Act (COPPA) which applies to children under 13, even though our content is aimed at adult audiences. We do not knowingly solicit data from or market to children.

Updates to This Privacy Policy

We may update or revise this Privacy and Cookies Policy from time to time in response to evolving legal, technical, or business developments. When we make changes, we will post the updated Policy on this page and update the “Last Updated” date at the end of this document. If the changes are significant, we may also notify you through additional means (such as by sending you an email notification or by placing a prominent notice in the game or on our site).

We encourage you to review this Policy periodically to stay informed about how we are protecting your information. Your continued use of our Platform after any changes to this Policy have been posted will signify your acceptance of the updated terms, to the extent permitted by law. If we materially change how we use or share personal data, we will obtain consent for those new practices if required. This Policy is an important document – please keep it for your records and refer to it when needed.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy and Cookies Policy or the way your personal information is handled, please do not hesitate to contact us:

ADS Projects Group Ltd.

Email: info@luckyfycasino.com

We are keen to address any privacy-related inquiries promptly and transparently. Whether you want to exercise your rights, report a problem, or simply ask a question about our data practices, we will respond and do our best to resolve your issue. Your privacy is important to us, and we are committed to upholding the principles and procedures outlined in this Policy to give you a safe and enjoyable experience on our Platform.

Last Updated: August 25, 2025