MegaPari Privacy Policy
This document explains how this platform manages the collection, processing, protection, disclosure, and deletion of personal data for India users. Use of the services indicates consent to the practices described in this policy. The policy aims to provide transparent information on what is collected, why it is used, and how it is safeguarded. It also explains user rights and how to exercise them.
Privacy and Data Protection
- Personal data that may be collected
- Identification and contact details: name, date of birth, address, email, mobile number, government identity details for KYC.
- Account information: username, security credentials, verification records.
- Transaction data: payment method details, deposits, withdrawals, UPI or card references handled by payment providers.
- Usage and device data: IP address, device identifiers, browser type, language, time zone, app and website activity, approximate location.
- Responsible gaming information: self-exclusion status, limits, activity patterns relevant to safer play.
- Why this data is collected
- To create and administer accounts and provide online services.
- To verify age and identity and meet anti-money laundering and counter-terrorist financing obligations.
- To process payments, prevent fraud, and manage risk.
- To provide customer support, resolve disputes, and enforce terms.
- To improve products, analytics, and site performance.
- Protection measures
- Technical safeguards: TLS encryption in transit, encryption and tokenisation for sensitive information, firewalls, anti-fraud controls, secure development practices, monitoring and logging.
- Organisational measures: role-based access, staff training, vendor due diligence, incident response procedures, regular audits, PCI DSS alignment for card data handled by certified partners.
- User rights
- Access: request a copy of personal information.
- Correction: update inaccurate or incomplete records.
- Deletion: request erasure where permitted by law and contract.
- Restriction and objection: limit certain processing in specific cases.
- Consent withdrawal: opt out of non-essential processing.
- Legal compliance
- Compliant with India’s Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and the SPDI Rules, 2011.
- Anti-money laundering and KYC requirements under applicable Indian laws and guidelines.
- GDPR-aligned principles applied where relevant to international users.
- Retention
- Personal data is retained only for as long as needed for the purposes described, and to meet legal and regulatory requirements. This may include retention for audit, tax, and AML obligations, often 5 to 10 years after account closure.
- Contact
- Users can contact the Data Protection team through in-account support or the contact details published on the website for privacy queries.
Use of Collected Information
- Account and service delivery
- Create and manage accounts, provide gaming and sportsbook services, process transactions, and maintain security.
- Compliance and risk
- Perform identity checks, age verification, sanctions screening, fraud detection, AML monitoring, and report to authorities where required by law.
- Customer support
- Respond to requests, complaints, disputes, and service issues.
- Improvement and analytics
- Analyse site usage, troubleshoot, test features, and enhance performance and usability.
- Personalisation
- Tailor content, language, and settings based on user preferences and prior activity.
- Marketing and consent choices
- Send service-related communications. Non-essential marketing is sent only where permitted by law and user preferences, and can be withdrawn at any time.
- Legal bases for processing
- Consent provided by the user for defined purposes.
- Performance of a contract to deliver services and process payments.
- Legal obligations including AML, tax, and regulatory requests.
- Legitimate interests such as security, fraud prevention, and product improvement, balanced against user rights.
Access to Information
- How to access or update
- Review and edit profile information in account settings where available.
- Submit a request through the Help Centre or the contact details on the website to obtain a copy of personal data.
- Correction
- Provide details of the information to be corrected and supporting documents if required for verification.
- Requests are handled in a reasonable time, typically within 30 days.
- Deletion
- Users may request deletion where processing is no longer necessary or consent is withdrawn. Certain records must be retained to meet legal and AML requirements.
- Identity verification
- Before disclosing or altering information, identity verification may be required to protect user privacy and prevent unauthorised access.
- Security checks and payments
- By using MegaPari, the user consents to security checks for KYC, AML, sanctions screening, and to processing of payment data by payment service providers and banks.
Protection of Children’s Privacy
- Access is restricted to persons aged 18 years and above.
- Age cannot be reliably verified without documents. Identity and age checks may be requested at registration, before withdrawals, or during risk reviews.
- If a parent or legal guardian believes a minor has provided personal information, a request may be made for prompt deletion. Proof of guardianship and the minor’s details will be required. Any related account will be closed and associated data removed where permitted by law.
International Data Transfers
- Personal data may be processed in other countries where service providers, payment partners, customer support, or hosting providers operate.
- Use of the websites and services signifies consent to these transfers, subject to applicable law.
- Safeguards include contractual protections, confidentiality undertakings, standard contractual clauses where relevant, access controls, and encryption.
- Partners are bound to maintain confidentiality and apply security measures that are appropriate for the sensitivity of the information.
Legal Disclaimer
- This disclaimer clarifies that some provisions may be limited by applicable law, regulatory guidance, or contractual terms. Interpretation of this policy may be adjusted to reflect those requirements.
- The disclaimer applies once the user accepts this policy through signature, online acceptance, or accession to the terms during registration or continued use of the services.
- If any provision is invalid under law, the remaining parts continue to apply to the maximum extent permitted.
Use of Cookies
- Definition
- Cookies are small text files stored on a device by a browser when visiting websites or using services. Similar technologies include pixels, SDKs, and local storage.
- Purposes
- Essential operation and security.
- Statistics and analytics to understand usage and improve performance.
- Behaviour analysis to detect fraud and maintain service integrity.
- Personalisation of content and settings.
- Advertising and measurement subject to consent where required.
- Retention
- Non-essential cookies are retained for up to 1 year unless deleted earlier by the user. Essential cookies may have different lifespans needed for service delivery.
- Choices
- Cookie preferences can be managed in the browser and, where provided, through the site’s cookie banner or settings. Disabling some cookies may affect functionality.
Acceptance of Privacy Policy
- Use of the websites and services constitutes full acceptance of this policy and any related documents referenced here.
- The current version published on this page prevails over prior versions. Users should review updates periodically, including after material changes.
Third-Party Privacy Practices
- Sharing may occur with
- Payment processors, banks, and UPI partners to process transactions.
- KYC, AML, and fraud prevention service providers.
- Hosting, security, analytics, and customer support vendors.
- Professional advisers, auditors, and affiliates for compliance and governance.
- Law enforcement, regulators, courts, or tax authorities when required by law or to defend legal claims.
- Purpose and scope
- Data shared is limited to what is necessary for the stated purpose, subject to confidentiality and data protection obligations.
- Where a detailed list of third parties is not available on the site, the user will be informed of the purpose and scope on request.
- Consent
- Providing information and using the services indicates consent to sharing that information with third parties for the purposes described, in line with applicable law.
Links to Other Websites
- The websites may include links to external sites or services that have their own privacy policies.
- The operator is not responsible for how those parties collect, use, or disclose personal information.
- Users should review the privacy document and terms on any external site before providing information or continuing to use that service.
Updated: