Playing Wanted Dead Or a Wild Slot means providing personal data wanteddeadorwild.uk. This document details exactly how long we keep it, the rationale, and what technical protections underpin each category—all built around UK GDPR, the Data Protection Act 2018, and PCI DSS. We manage identity documents, financial transactions, gameplay telemetry, responsible gambling markers, and marketing consents, each with its unique retention clock. Identity records are kept for five years after account closure. Financial logs are stored for seven, matching HMRC requirements. Gameplay data gets 24 months before anonymisation kicks in. Full card numbers never reach our systems—only tokenised aliases—and every byte is protected. Independent auditors verify our automated deletion routines, and any schedule slip triggers a full incident response. A version-controlled policy log records every edit, and we provide you 30 days’ notice before material changes are implemented. Subject access and deletion requests are handled within statutory deadlines.
Core Definitions and Range of Personal Data
We adopt a comprehensive approach on what constitutes personal data. Direct identifiers—name, email, billing address, masked payment details—are accompanied by indirect signals like hashed IP addresses, device fingerprints, browser agents, and advertising tokens. Behavioural data encompasses session length, bet sizing, spin velocity, and how often feature triggers fire. Even pseudonymised logs can identify again a person when stitched together, so we regard them as personal. Our lawful bases are contractual necessity, legitimate interest for fraud prevention, and explicit consent for game-related marketing. Full card numbers get tokenised before storage. We never collect special category data. Encryption and access controls apply uniformly, and retention rules span live databases, archives, and backups without exception. Each window starts ticking from the last activity or transaction date, spelled out below. We revisit definitions every six months to stay aligned with regulatory guidance.
Consent for Marketing and Message Logs
We maintain your consent document—time-stamped, IP-marked, and method-recorded—for the entirety of our partnership plus six years after cancellation, to satisfy PECR rules. Dispatch records for electronic messages, push messages, and SMS are retained for only thirteen months. Revoking consent right away halts communications while retaining historical proof. A partitioned database provides suppression without delay, and consent logs are kept in a distinct compliance archive. Delivery logs contain metadata only—subject, timestamp, status—not full message content. The six-year post-withdrawal timeframe reflects the statute of limitations for regulatory probes. Quarterly audits confirm no expired consents initiate mailings. We never personalise offers with gameplay or financial data beyond explicit consents.
Safe Gambling and Player Ban Registers
Betting limits, session reminders, and timeout settings are stored for your account’s whole period and never removed while it is active. If you self-exclude, your hashed identity and device fingerprints enter a specialized exclusion register maintained permanently under UKGC licence requirements. The register is coded separately, queried only at login or registration, and never utilized for analytics. Permission is restricted to qualified compliance staff, and all lookups are recorded for three years. The register stores only identity blocks—no financial or gameplay records. We examine it annually to fix errors and remove deceased individuals. Otherwise, it is kept everlasting. This retention is obligatory and free from deletion requests.
Reality Check and Play Time Restriction Enforcement
Reality check counters use short-lived session counters that restart every 24 hours, restarting from your first spin after midnight. Your selected interval—say, 30 minutes—is kept persistently and routinely reactivates when you return, even after a long break. Modifying the interval mid-session introduces the new value immediately for the next reminder. These settings are purged only upon verified account deletion. Session timer data lies in a specific, encrypted store separate from gameplay analytics. The 24-hour counter is based on play start, not midnight, for accuracy. All timer configurations are verifiable through the same three-year access log standard. We never categorize or market based on these settings.
Technical Infrastructure and Data Storage
All data sits in UK-based ISO 27001 Tier III+ data centres, never replicated outside the UK. A hot disaster recovery site in a separate UK zone synchronizes every six hours. Backups are encrypted client-side and follow identical retention rules. We implement least privilege with hardware MFA for administrators, logging their sessions in an immutable three-year audit trail. Multi-factor authentication uses a hardware token and biometric check. Penetration tests run quarterly, and an independent auditor confirms automated purge schedules. Any deviation generates a Severity 1 incident, reported to our DPO within four hours. We also maintain an air-gapped backup rotated weekly, following the same deletion policies.
Encryption Key Lifecycle Management
Master keys rotate every 90 days automatically inside an HSM. New keys are never exported in plaintext. Rotated keys are stored for the data’s retention period plus 12 months for lawful forensic access. When a data category is purged, its key is destroyed inside the HSM, making any backups unrecoverable. We link each key to a single data partition, do not reuse, and conduct quarterly witnessed key ceremonies logged immutably for five years. The offline archive of old keys demands dual control and is stored on write-once media in a fireproof safe. Annual recovery drills guarantee forensic decryption works when needed. No plaintext key material ever exits the HSM boundary.
Gameplay Session and Analytics of Behavior Data
All spins on Wanted Dead Or a Wild records reel positions, RNG seed, and net outcome with microsecond precision. We retain these raw logs for twenty-four months, then compact them into an anonymous statistical digest utilized for game design. Session behavioural profiles—average bet, spin cadence, feature buy-ins—stay for the same 24-month window and are then deleted. Feature trigger heatmaps stay for 12 months before merging into a global model. RNG seed audit trails have 36 months. Error diagnostics have 90 days. No individual gameplay data goes into credit or marketing profiling. All logs are encrypted and off-limits to marketing teams.
- Spin-level logs: 24 months from event date, then anonymized aggregation
- Session behavioural profiles: 24 months from last session, then removed
- RNG seed audit trails: 36 months to meet technical standards
- Feature trigger heatmaps: 12 months, then integrated into global model
- Error and crash diagnostic logs: 90 days, then cycled out
Payment Transaction and Payment Records
Deposit, withdrawal, and wager records are kept for seven years from the transaction date, per HMRC and FCA rules. We do not store full PANs or CVVs. We capture only the BIN, last four digits, and a tokenised identifier. Chargeback disputes halt the contested record until final settlement, after which the seven-year clock resumes. Data is partitioned quarterly so automated purging operates cleanly, with monthly deletion runs audited by auditors. Tokenised card references remain valid only while your account is active and are erased within thirty days of closure. Summarised, anonymised totals remain for financial reporting without any personal details. All financial data is secured and quarantined from marketing systems.
Secured Payment Instruments and Processor References
Payment gateways produce vaulted tokens that map your card to a non-sensitive reference. We hold them for the account lifetime plus a thirty-day grace interval, then issue deletion commands to the processor and clear our own reference. The only evidence left behind is an anonymised transaction hash used in aggregate reports, themselves removed after seven years. No usable credentials ever reside on our systems. We track token revocation daily and raise incidents if deletion is unsuccessful. Tokens are linked to our merchant code and cannot be used other places. Weekly reconciliation verifies validity, and tokens tied to lost or stolen cards are cancelled immediately. All token operations are recorded and verifiable. Aggregate reports never expose individual transaction hashes.
Registration Account and Identity Verification Data
Primary identity records—government ID scans, address verification, biometric selfie verifications—are held for a five-year period after your last activity or account termination, whichever is later. This covers statutory limitation periods and AML obligations. We extract only the necessary details: document number, validity, country of citizenship. The high-resolution image gets destroyed upon extraction. Once the five-year period pass, all source data is erased, but a encrypted hash of the verification outcome persists for an additional two years inside an audit trail. Personal identity information sits encrypted in storage with AES-256-GCM, isolated from analytics, and every data access is recorded for 3 years. Non-essential fields like birth location are removed at verification stage to shrink the data volume. Yearly reviews confirm precision and proactively delete expired entries.
Uploading Documents and Biometric Processing
Provide an ID through our safe portal and automatic verification finishes within a minute and a half. We retrieve the ID number, validity, nationality, and a trust score, then destroy the full-resolution image right away—it never reaches storage. The initial file stays in an memory buffer and vanishes after analysis. A reduced, marked small image is generated for auditing purposes and retained only for the identity verification period. That preview lives in a write-once storage with rigorous controls and is never exposed to support staff. Collected information are encrypted and stored for the 5-year-plus-2-year hash period. All handling runs on UK-based ISO 27001 servers, and every preview retrieval is stored unchangeably.
Biometric Information Details
Liveness verifications collect a brief video feed solely in memory. Frames are processed and discarded within milliseconds. Only a data vector of facial landmarks survives. This numerical representation lacks any image data and cannot be turned back into a face. It remains for the entire identity verification process and is irreversibly removed upon closure of account or after a five-year period. The numerical representation sits in a specialized HSM with self-expiry and is never transferred. Authentication checks happen inside the HSM’s protected enclave without disclosing the raw vector. The numerical representation is bound to a anonymous identifier disconnected from marketing profiles, which makes re-identifying very hard. Even system admins cannot see or reconstruct face characteristics from the saved data.
Data Subject Access Request and Deletion Workflows
When a subject access request arrives, we produce a formatted JSON/CSV export of all non-purged data within one month, expandable by two months for complex cases. The export includes live databases, encrypted archives, and processor tokens, provided via a one-time secure link that expires in 72 hours. For deletion, we implement a cascade: immediate account suppression and token revocation, then batched erasure of all personal data not subject to legal hold. We create a confirmation report detailing erased versus retained categories and their justifications. This report is kept as auditable proof for as long as the longest surviving data category. All requests are logged immutably for five years.
Policy Assessment and Breach Notification Protocols
We assess this policy every six months or upon material change to the game or regulation. Reviews are recorded with DPO, CISO, and legal counsel. A public summary is displayed in our privacy centre, minus confidential details. Material changes are emailed 30 days ahead. Minor edits are silently recorded. If a breach occurs affecting data under this policy, we alert affected individuals within 72 hours if high risk, file with the ICO, and post a transparency notice. Third-party processor breaches must follow the same protocol. We maintain a breach notification log audited quarterly. Post-incident reviews update controls as needed. Biannual tabletop exercises simulate misconfigurations and ransomware to test our response.
Policy Version Control and Update Log
We keep a version-controlled history of this policy with semantic versioning and plain-English summaries of each change. The log outlines exactly which sections changed and why. Previous versions remain accessible for comparison, so you can see precisely what was added or removed. Material modifications affecting your rights are communicated via email at least thirty days in advance. Minor typographical fixes are deployed silently but still recorded. Each entry is cryptographically signed to prove integrity, and annual independent audits confirm the log’s accuracy. The log is a living document reflecting our evolving data practices. You can access the full change log through a link in our privacy centre at any time. This transparent approach reflects our commitment to accountable data governance.
Recent Posts
Uncategorized
Alternativas Legales a los Esteroides Anabólicos
Uncategorized
Optimalisatie van Bodybuilding: Veilig en Effectief Gebruik van Steroïden
Uncategorized
Essential Preparations for Competition Success