1. Introduction

gamewheel.it.com (“we”, “us”, “our”) is committed to protecting your privacy and handling your personal data with transparency and care. This Policy explains what information we collect, how we use it, your rights under the UK GDPR and Data Protection Act 2018, and how to contact us.

2. Data Controller

The data controller responsible for your personal data is gamewheel.it.com, registered in England & Wales. For details, refer to our Contact Information section below.

3. Information We Collect

3.1 Data You Provide

• Account Details: name, email, username, password, date of birth
• Contact & Billing: address, phone number
• Payment Data: card details processed by PCI-DSS-compliant providers
• Gaming Activity: purchase history, preferences, reviews
• Communications: support requests, feedback

3.2 Data Collected Automatically

• Technical Data: IP address, device, browser, operating system
• Usage Data: pages visited, session duration, interaction logs
• Performance Metrics: download speeds, error reports

4. How We Use Your Data

• Service Delivery: account setup, order processing, game delivery, customer support
• Communications: transactional messages, security alerts, marketing (with consent)
• Personalisation: recommendations, tailored offers
• Security & Fraud Prevention: monitoring, anti-fraud checks, access control
• Compliance: legal obligations, tax, age verification

5. Legal Bases for Processing

• Contractual Necessity: to fulfil orders and services you request
• Legitimate Interests: platform improvement, fraud prevention
• Legal Obligation: compliance with laws and regulations
• Consent: optional marketing communications and cookies

6. Data Sharing

6.1 Service Partners

• Payment processors, hosting providers, analytics, email platforms

6.2 Legal Requirements

We may disclose data to law enforcement or regulators as required by law.

6.3 Business Transfers

In the event of a merger or sale, personal data may be transferred under confidentiality protections.

7. Data Security

• SSL/TLS encryption for data in transit
• Encrypted storage and access controls
• Regular security audits and penetration testing
• Employee training on data protection best practices
• Incident response plan with breach notification procedures

8. Your Rights

• Access: obtain a copy of your data
• Rectification: correct inaccuracies
• Erasure: delete data where permitted
• Restriction: limit our processing
• Portability: receive data in machine-readable form
• Objection: object to processing based on legitimate interests

To exercise these rights, contact us using the details below. We will respond within one month.

9. Data Retention

• Account Data: retained until account deletion + 7 years
• Transaction Records: 7 years for legal compliance
• Support Logs: 3 years
• Marketing Consents: until withdrawal or 2 years inactivity
• Technical Logs: 12 months for performance monitoring

10. International Transfers

When transferring data outside the UK, we implement safeguards such as UK-approved Standard Contractual Clauses or adequacy decisions to ensure your rights are protected.

11. Children’s Privacy

We do not knowingly collect personal data from children under 13. Users aged 13–17 require parental consent for certain features, in line with UK law.

12. Changes to This Policy

We may update this Policy to reflect legal, technical, or business developments. Significant changes will be communicated via email and website notice.

Last Updated: June 17, 2025

13. Contact Us

For questions or to exercise your rights, contact: