Skip links

Data Retention Policy for Wanted Dead Or a Wild Slot Game in UK

Punt Casino Bonus Code ᐅ Free Chips & Promo Offers (2025)

Playing Wanted Dead Or a Wild Slot game means submitting personal data. This document details exactly how long we keep it, why, and what technical protections underpin each category—all aligned with UK GDPR, the Data Protection Act 2018, and PCI DSS. We process identity documents, financial transactions, gameplay telemetry, responsible gambling markers, and marketing consents, each with its own retention clock. Identity records are retained for five years after account closure. Financial logs are stored for seven, matching HMRC requirements. Gameplay data undergoes 24 months before anonymisation is applied. Full card numbers never enter our systems—only tokenised aliases—and every byte is encrypted. Independent auditors check our automated deletion routines, and any schedule slip activates a full incident response. A version-controlled policy log tracks every edit, and we provide you 30 days’ notice before material changes take effect. Subject access and deletion requests are managed within statutory deadlines.

Fundamental Definitions and Extent of Personal Data

We cast a wide net on what constitutes personal data. Direct identifiers—name, email, billing address, masked payment details—are accompanied by indirect signals like hashed IP addresses, device fingerprints, browser agents, and advertising tokens. Behavioural data covers session length, bet sizing, spin velocity, and how often feature triggers fire. Even pseudonymised logs can identify again a person when stitched together, so we treat them as personal. Our lawful bases are contractual necessity, legitimate interest for fraud prevention, and explicit consent for game-related marketing. Full card numbers get tokenised before storage. We never collect special category data. Encryption and access controls apply uniformly, and retention rules extend across live databases, archives, and backups without exception. Each window commences from the last activity or transaction date, spelled out below. We review definitions every six months to stay aligned with regulatory guidance.

Access Request and Erasure Workflows

When an SAR lands, we generate a organized JSON/CSV export of all non-purged data within one month, expandable by two months for complex cases. The export spans live databases, encrypted archives, and processor tokens, provided via a one-time secure link that expires in 72 hours. For deletion, we implement a cascade: immediate account suppression and token revocation, then queued erasure of all personal data not subject to legal hold. We create a confirmation report outlining erased versus retained categories and their justifications. This report is maintained as auditable proof for as long as the longest surviving data category. All requests are recorded immutably for five years.

Monetary Transaction and Settlement Records

Funding, withdrawal, and wager logs are retained for seven years from the transaction date, per HMRC and FCA rules. We do not store full PANs or CVVs. We capture only the BIN, last four digits, and a tokenised alias. Chargeback disputes halt the contested record until final outcome, after which the seven-year clock restarts. Data is partitioned quarterly so automated purging operates cleanly, with monthly deletion runs verified by auditors. Tokenised card references remain valid only while your account is open and are erased within thirty days of closing. Aggregated, anonymised totals persist for financial reporting without any personal identifiers. All financial data is secured and isolated from marketing systems.

Secured Payment Instruments and Processor References

Payment gateways create vaulted tokens that map your card to a non-sensitive alias. We keep them for the account lifetime plus a thirty-day grace window, then send deletion commands to the processor and clear our own mapping. The only evidence left behind is an anonymised transaction hash used in aggregate statements, themselves purged after seven years. No usable credentials ever sit on our systems. We track token revocation daily and raise incidents if deletion fails. Tokens are linked to our merchant code and cannot be used other places. Weekly reconciliation confirms validity, and tokens tied to lost or stolen cards are invalidated immediately. All token operations are logged and verifiable. Aggregate reports never expose individual transaction hashes.

Responsible Gambling and Self-Exclusion Registers

Betting limits, reality checks, and timeout settings are kept for your account’s lifetime and never removed while it is active. If you choose to ban yourself, your hashed identity and device fingerprints are added to a specific exclusion register maintained indefinitely under UKGC licence requirements. The register is secured separately, checked only at login or registration, and never used for analytics. Permission is confined to trained compliance staff, and all queries are tracked for three years. The register holds only identity blocks—no monetary or gameplay records. We check it annually to rectify errors and remove deceased individuals. Otherwise, it is kept indefinite. This retention is obligatory and free from deletion requests.

Session Awareness and Play Time Restriction Enforcement

Reality check counters use temporary session counters that restart every 24 hours, beginning again from your first spin after midnight. Your chosen interval—say, 30 minutes—is kept persistently and automatically reactivates when you return, even after a long break. Changing the interval mid-session sets the new value immediately for the next reminder. These settings are removed only upon validated account deletion. Session timer data sits in a specific, encrypted store separate data-api.marketindex.com.au from gameplay analytics. The 24-hour counter is based on play start, not midnight, for correctness. All timer configurations are verifiable through the same three-year access log standard. We at no time analyze or market based on these settings.

Marketing Approval and Message Logs

We maintain your consent document—timestamped, IP-stamped, and with capture method—for the duration of our relationship plus six years after cancellation, to comply with PECR obligations. Send logs for e-mails, push notifications, and SMS are kept for only thirteen months. Revoking consent right away halts communications while retaining historical proof. A segmented database provides suppression without lag, and consent logs are held in a dedicated compliance archive. Send logs contain metadata only—heading, time, status—not full message content. The six-year post-withdrawal period reflects the statute of limitations for regulatory probes. Quarterly audits confirm no expired consents initiate mailings. We never tailor offers with gameplay or financial data beyond explicit authorisations.

Gaming Session and Analytics of Behavior Data

All spins on Wanted Dead Or a Wild records reel positions, RNG seed, and net outcome with microsecond precision. We keep these raw logs for twenty-four months, then condense them into an anonymous statistical digest used for game design. Session behavioural profiles—average bet, spin cadence, feature buy-ins—persist for the same 24-month window and are then deleted. Feature trigger heatmaps persist for 12 months before merging into a global model. RNG seed audit trails get 36 months. Error diagnostics get 90 days. No individual gameplay data goes into credit or marketing profiling. All logs are encrypted and off-limits to marketing teams.

  • Spin-level logs: 24 months from event date, then anonymized aggregation
  • Session behavioural profiles: 24 months from last session, then deleted
  • RNG seed audit trails: 36 months to comply with technical standards
  • Feature trigger heatmaps: 12 months, then combined into global model
  • Error and crash diagnostic logs: 90 days, then cycled out

Technology Framework and Data Location

Which MI Online Casino Has the Best Welcome Bonus? | Pokerfuse

All data is stored in UK-based ISO 27001 Tier III+ data centres, with no replication outside the UK. A hot disaster recovery site in a separate UK zone synchronizes every six hours. Backups are encrypted client-side and adhere to identical retention rules. We implement least privilege with hardware MFA for administrators, capturing their sessions in an immutable three-year audit trail. Multi-factor authentication integrates a hardware token and biometric check. Penetration tests run quarterly, and an independent auditor confirms automated purge schedules. Any deviation raises a Severity 1 incident, reported to our DPO within four hours. We also maintain an air-gapped backup rotated weekly, following the same deletion policies.

Key Lifecycle Administration

Master keys are renewed every 90 days automatically inside an HSM. New keys are never exported in plaintext. Rotated keys are retained for the data’s retention period plus 12 months for lawful forensic access. When a data category is purged, its key is deleted inside the HSM, making any backups unrecoverable. We bind each key to a single data partition, avoid reuse, and conduct quarterly witnessed key ceremonies logged immutably for five years. The offline archive of old keys demands dual control and is stored on write-once media in a fireproof safe. Annual recovery drills ensure forensic decryption works when needed. No plaintext key material ever exits the HSM boundary.

Registration Account and Verification of Identity Data

Core identity profiles—government ID scans, address verification, biometric selfie matches—are kept for five years after your final session or account closure, whichever comes later wanteddeadorwild.uk. This encompasses contractual limitation periods and AML obligations. We retrieve only the essentials: ID number, expiration date, citizenship. The high-resolution image gets shredded right after extraction. Once the five-year period pass, all original data is erased, but a hash of the verification outcome persists for an additional two years inside an audit log. Identity data sits stored encrypted with AES-256-GCM, kept separate from analytics, and every data access is recorded for three years. Optional fields like birthplace are deleted at verification time to shrink the data size. Yearly audits confirm accuracy and proactively delete expired data.

File Upload and Biometric Processing

Submit an ID through our safe portal and automated checking completes within ninety seconds. We extract the document number, expiration date, country of citizenship, and a confidence score, then shred the high-resolution image instantly—it never touches disk. The original file stays in an memory buffer and vanishes after processing. A reduced, stamped preview is generated for audit purposes and kept only for the ID lifecycle. That thumbnail lives in a write-once vault with tight controls and is never exposed to client support. Collected information are encrypted and kept for the five-year plus two-year hash timeframe. All processing runs on ISO 27001 certified UK servers, and every small image access is recorded immutably.

Specifics of Biometric Data

Liveness checks capture a short video stream completely in memory. Images are processed and discarded within milliseconds. Only a mathematical vector of facial points persists. This vector lacks any image data and cannot be reconstructed into a face. It remains for the entire identity verification process and is permanently deleted upon account termination or after a five-year period. The vector sits in a specialized HSM with auto-expiry and is never transferred. Authentication checks happen inside the HSM’s secure enclave without disclosing the original vector. The data set is linked to a anonymous identifier unlinked from marketing data, which makes re-identifying highly challenging. Even system admins cannot see or rebuild facial attributes from the stored vector.

Policy Assessment and Data Breach Protocols

We evaluate this policy every six months or upon material change to the game or regulation. Reviews are documented with DPO, CISO, and legal counsel. A public summary is published in our privacy centre, minus confidential details. Material changes are emailed 30 days ahead. Minor edits are silently recorded. If a breach occurs affecting data under this policy, we notify affected individuals within 72 hours if high risk, file with the ICO, and post a transparency notice. Third-party processor breaches must follow the same protocol. We keep a breach notification log audited quarterly. Post-incident reviews adjust controls as needed. Biannual tabletop exercises simulate misconfigurations and ransomware to test our response.

Policy Versioning and Revision History

We keep a version-controlled history of this policy with semantic versioning and plain-English summaries of each change. The log details exactly which sections changed and why. Previous versions remain accessible for comparison, so you can see precisely what was added or removed. Material modifications affecting your rights are communicated via email at least thirty days in advance. Minor typographical fixes are deployed silently but still recorded. Each entry is cryptographically signed to prove integrity, and annual independent audits verify the log’s accuracy. The log is a living document reflecting our evolving data practices. You can access the full change log through a link in our privacy centre at any time. This transparent approach shows our commitment to accountable data governance.

Explore
Drag