Privacy Policy: Protecting Your Digital Treasure

Last Updated: November 2025
Effective Date: November 2025

At Pirate777, we treat your personal information with the same diligence we guard our most valuable treasures. This Privacy Policy explains what data we collect from you, how we use it, why we need it, and how we keep it secured under our bank-grade security infrastructure.

By registering an account and using the Pirate777 platform, you agree to the terms of this policy.

1. The Treasure We Collect (Data Collected)

We only collect data necessary to provide you with secure, compliant, and enjoyable service. This “treasure” falls into three categories:

A. Data You Provide Directly (Registration & Verification)

Personal Identity Data: Name, date of birth, gender, nationality, and Malaysian NRIC or Passport number
Contact Data: Residential address, email address, and mobile phone number (for WhatsApp support)
Verification Data (KYC): Copies of identity documents, proof of address, and other information required to confirm your age and identity, ensuring compliance with Anti-Money Laundering (AML) laws
Financial Data: Details required to process deposits and withdrawals, including bank name, account number, and FPX/E-wallet details

B. Data Collected Automatically (Usage and Technical)

Transaction Data: Comprehensive history of your deposits, withdrawals, wagers, winnings, and account balances
Technical Data: IP address, device model, operating system, browser type, time zone settings, and location data (for security and geo-compliance)
Activity Data: Login times, pages viewed, time spent on the site, and interaction with our games and services

C. Data from Third Parties

We receive limited data from trusted partners, such as:

Payment service providers (confirming successful transactions)
External verification providers (confirming identity checks)
Game providers (session data, wagering activity)

2. How We Use Your Treasure (Purpose of Data Processing)

We process your data for the following essential purposes:

Purpose	Why We Need It
Service Delivery	To manage your account, process financial transactions (deposits/payouts), and provide access to our slot games
Security & Verification (KYC)	To verify your identity and age (must be 18+), detect and prevent fraudulent activity, and comply with strict Anti-Money Laundering (AML) regulations. This is non-negotiable for bank-grade security
Regulatory Compliance	To fulfill legal obligations related to licensing, financial reporting, and Responsible Gaming (RG) requirements (e.g., applying self-exclusion or limits)
Customer Support	To communicate with you regarding your account, resolve disputes, and respond to inquiries via email or WhatsApp Command Center
Responsible Gaming	To monitor player activity for signs of problem gambling and to enforce player protection measures you have requested
Marketing (Consent-Based)	To send you promotional materials, exclusive offers, and personalized bonuses, only if you have explicitly consented to receive such communications

2A. Legal Basis for Processing Your Data

Under data protection laws (including GDPR and Malaysian PDPA), we must have a lawful basis to process your personal data. Here’s our legal basis for each purpose:

Purpose	Legal Basis	Explanation
Service Delivery	Contract	Processing is necessary to provide you with gaming services you’ve requested
Identity Verification (KYC)	Legal Obligation	Required by AML/CTF regulations and gaming compliance laws
Security & Fraud Prevention	Legitimate Interest	We have a legitimate interest in protecting our platform and players from fraud
Regulatory Compliance	Legal Obligation	Required to comply with licensing, tax, and regulatory requirements
Customer Support	Contract	Necessary to fulfill our service agreement with you
Responsible Gaming Monitoring	Legal Obligation + Legitimate Interest	Required by gaming regulations and our duty of care to players
Marketing Communications	Consent	We only send marketing if you’ve explicitly opted in (you can withdraw consent anytime)

What this means: We only process your data when we have a valid legal reason to do so, and we’re transparent about that reason.

3. Cookies and Tracking Technologies

What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us:

Remember your login session (so you don’t have to log in repeatedly)
Track your preferences (language selection, display settings)
Analyze site performance and user behavior
Prevent fraud and enhance security
Deliver personalized gaming experience

Types of Cookies We Use:

Cookie Type	Purpose	Duration	Can You Disable?
Essential Cookies	Required for basic site functionality (login, security, session management)	Session	❌ No – site won’t work without them
Performance Cookies	Help us understand how visitors use our site (analytics)	Up to 2 years	✅ Yes – via browser settings
Functional Cookies	Remember your preferences (language, game favorites, settings)	Up to 1 year	✅ Yes – but you’ll lose saved preferences
Marketing Cookies	Used to show you relevant promotions (only if you’ve consented)	Up to 1 year	✅ Yes – via cookie preferences or opt-out

How to Manage Cookies:

Browser Settings:

You can control cookies through your browser settings:

Chrome: Settings → Privacy and Security → Cookies and other site data
Safari: Preferences → Privacy → Manage Website Data
Firefox: Options → Privacy & Security → Cookies and Site Data
Edge: Settings → Cookies and site permissions

Note: Disabling essential cookies will prevent you from logging in and using our services.

Third-Party Analytics:

We may use third-party analytics services (such as Google Analytics) to understand site usage patterns and improve our platform. These services use cookies to collect data about your visits.

For more information:

Google Analytics Privacy Policy: https://policies.google.com/privacy
Opt-out option: Google Analytics Opt-out Browser Add-on

4. The Digital Vault (Data Security and Retention)

A. Security Measures

Your data is protected by the Bank-Grade Security Infrastructure detailed on our About Us page. This includes:

Encryption:

✅ All communication between your browser and our servers is secured using TLS/SSL encryption (256-bit)
✅ Financial data is always encrypted both in transit and at rest
✅ Passwords are hashed and salted (we never store plain-text passwords)

Access Control:

✅ Access to player data is strictly limited to authorized personnel who require it for specific job functions (e.g., payout processing, compliance checks)
✅ Multi-factor authentication required for all staff accessing sensitive systems
✅ Regular access audits and activity logging

Infrastructure Security:

✅ Isolated, secured servers for storing highly sensitive personal and financial data
✅ Regular security penetration testing
✅ Firewall protection and DDoS mitigation
✅ Real-time monitoring for suspicious activity

B. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, including compliance with legal, accounting, and reporting requirements.

Account Data:

Active accounts: Retained for the duration your account is active
Closed accounts: Retained for a mandatory period (typically 5 years) after account closure for AML compliance and dispute resolution

Transaction Records:

Retained for 7 years (standard accounting and regulatory requirement)

Marketing Data:

Retained until you withdraw your consent or opt-out of receiving communications
Automatically purged within 30 days of opt-out

KYC Documents:

Retained for 5 years after account closure (AML regulatory requirement)

Support Communications:

Retained for 3 years for dispute resolution purposes

C. Data Breach Notification

While we employ bank-grade security, no system is 100% invulnerable. In the unlikely event of a data breach:

Our Response:

✅ Immediate investigation and containment
✅ Notification to affected users within 72 hours (where legally required)
✅ Notification to relevant regulatory authorities
✅ Detailed explanation of what data was affected
✅ Clear guidance on protective steps you should take

You Will Be Informed About:

What data was compromised
When the breach occurred
What we’re doing to prevent recurrence
Steps you should take (password reset, monitor bank accounts, enable 2FA, etc.)

How We’ll Contact You:

Email to your registered address
In-account notification upon login
WhatsApp message (if urgent and severe)

Note: We take security incidents extremely seriously and will always prioritize transparency and player protection over reputation concerns.

5. Sharing the Treasure (Disclosure of Data)

We will never sell your personal data. We only share it with trusted third parties necessary for running the service or complying with the law:

Who We Share With:

Payment Processors:

Banks, FPX, and E-wallet providers (Touch’n Go, GrabPay, ShopeePay, DoitNow)
Data shared: Name, account details, transaction amounts
Purpose: To facilitate deposits and withdrawals

Game Providers:

Certified studios (Playtech, Pragmatic Play, PG Soft, Mega888, etc.)
Data shared: Account ID, current balance, wagering activity
Purpose: To enable game functionality and track wagers/winnings

Identity Verification Partners:

External KYC services used to cross-reference identity documents
Data shared: Name, date of birth, ID documents, address
Purpose: Prevent fraud, verify age, comply with AML regulations

Service Providers:

Cloud hosting, analytics, customer support tools
Data shared: Varies by service (minimal necessary data)
Purpose: Platform operation and improvement

All third parties are bound by strict confidentiality agreements and data protection obligations.

5A. International Data Transfers

Where Your Data May Be Stored:

Pirate777 operates internationally, which means your personal data may be:

Stored on servers located outside Malaysia
Processed by service providers in different countries
Accessed by our support team from various locations

Regions Where Data May Be Processed:

Singapore (primary data center hosting)
European Union (game provider servers)
United States (analytics and security services)
Cloud infrastructure (AWS, Google Cloud, or similar with global presence)

How We Protect Your Data Internationally:

When we transfer your data outside Malaysia, we ensure it’s protected by:

Standard Contractual Clauses (SCCs): We use EU-approved contract templates with all data processors
Adequacy Decisions: We prioritize countries with strong data protection laws recognized by international standards
Encryption in Transit: All data transfers use encrypted channels (TLS/SSL)
Vendor Due Diligence: We only work with processors who meet international security standards (ISO 27001, SOC 2, etc.)

Your Rights Remain: Regardless of where your data is processed, your rights under this policy remain fully enforceable. You can always exercise your data rights by contacting us.

6. Marketing Communications & Your Choices

Types of Marketing:

We may send you marketing communications:

Email: Promotional offers, new game announcements, exclusive bonuses
SMS: Time-sensitive offers and account updates
WhatsApp: Personalized promotions
In-Platform Notifications: Banners and pop-ups when you log in

How to Opt Out (Unsubscribe):

Instantly Opt Out of All Marketing:

WhatsApp: Message us “Unsubscribe” or adjust your preferences

Alternative Methods:

Email: Click the “Unsubscribe” link at the bottom of any marketing email
SMS: Reply “STOP” to any promotional SMS message
Contact Support: Email us with “Unsubscribe” in the subject line

Important Note:

Opting out of marketing does NOT stop:

✅ Account security notifications (password resets, suspicious login attempts)
✅ Transaction confirmations (deposits, withdrawals, pending transactions)
✅ Responsible gaming communications (limit reminders, self-exclusion confirmations)
✅ Legal/compliance updates (policy changes, regulatory notices, terms updates)

These are essential communications required to operate your account safely and legally. You cannot opt out of these.

How Long Until It Takes Effect:

Email/SMS opt-out: Immediate (you may receive 1-2 already-scheduled messages within 24 hours)
WhatsApp opt-out: Immediate
Database update: Fully synced across all systems within 48 hours

7. Your Captain’s Rights (Your Data Rights)

As a Pirate777 player, you have the following rights regarding your personal data:

Right to Correction (Rectification)

What it means: You can request that we correct any data you believe is inaccurate or incomplete

How to exercise: Log into your account and update information directly, or contact support for fields you cannot change

Response time: Corrections processed within 48 hours for simple updates

Right to Erasure (‘Right to be Forgotten’)

What it means: You can request the deletion of your data

Important limitations: This is subject to our legal and regulatory obligations (e.g., AML data retention requirements of 5 years)

How to exercise: Contact support with “Data Deletion Request”

What happens: We will delete all data not required for legal compliance. Legally required data (KYC, transactions) will be retained per regulatory timelines, then permanently deleted

Right to Object

What it means: You can object to the processing of your data for marketing purposes at any time

How to exercise: Use any of the opt-out methods listed in Section 6

Effect: Immediate cessation of marketing communications

Right to Data Portability

What it means: You can request your data in a commonly used, machine-readable format

How to exercise: Contact support with “Data Portability Request”

What you’ll receive: Your data in CSV or JSON format (where technically feasible)

Right to Restrict Processing

What it means: You can request we limit how we use your data while we investigate a complaint or concern

How to exercise: Contact support explaining your concern

Effect: We will “freeze” your data and only use it for essential purposes until the issue is resolved

Response Timeline:

Simple inquiries (marketing opt-out, preference changes): Within 48 hours
Data access requests (copies of your data): Within 14 days
Complex requests (data correction, partial erasure): Within 30 days
Urgent security matters (suspected breach, unauthorized access): Within 24 hours

If we need more time due to complexity, we’ll inform you within the initial period and provide a revised timeline.

8. Children’s Privacy

Pirate777 is strictly 18+ only.

We do not knowingly collect personal data from anyone under 18 years of age.

If We Discover Underage Use:

✅ Account will be immediately suspended
✅ All personal data will be permanently deleted
✅ Deposits will be refunded to the original payment source
✅ Winnings will be forfeited (as per our Terms & Conditions)

If You’re a Parent or Guardian:

If you believe your child has provided us with personal data:

Contact us immediately
Subject line: “Underage Account Report”
We will: Promptly investigate, verify, and delete any data

Parental Control Tools:

We strongly recommend parents use filtering software to prevent minors from accessing gambling sites:

NetNanny: https://www.netnanny.com
Qustodio: https://www.qustodio.com
Norton Family: https://family.norton.com
Built-in Controls: iOS Screen Time, Android Family Link

These tools can block gambling websites and monitor online activity.

9. Communication and Contact

If you have any questions about this Privacy Policy, the data we hold on you, or if you wish to exercise your rights, please contact us:

Contact Information:

💬 Contact | 📧 Email

💬 Available in:

English
Bahasa Malaysia
Chinese (中文)

📍 Our Commitment:

We aim to respond to all legitimate requests within the timelines specified in Section 7. Your privacy concerns are our priority, and we’re here to help with any questions or requests.

10. Changes to This Privacy Policy

How We Update This Policy:

We may update this Privacy Policy from time to time to reflect:

Changes in our data practices
New legal or regulatory requirements
Enhanced security measures
User feedback and improvement requests
New features or services

How We’ll Notify You of Changes:

When we make significant changes, we will notify you through:

✅ Email notification to all registered users
✅ Prominent banner on our website for 30 days
✅ Updated “Last Modified” date at the top of this policy
✅ Summary of changes posted in a “What’s New” section

Minor changes (typo corrections, clarifications) may be made without notification, but the “Last Updated” date will always reflect the most recent revision.

Your Acceptance:

Continued use of Pirate777 after changes are posted constitutes acceptance of the updated policy. If you do not agree with the changes, you may close your account by contacting support.

Policy Information

Last Updated: November 2025
Effective Date: November 2025
Next Review Date: November 2026
Policy Version: 1.0

Regulatory Compliance

This Privacy Policy complies with:

✅ Malaysia Personal Data Protection Act 2010 (PDPA)
✅ General Data Protection Regulation (GDPR) – EU Regulation 2016/679
✅ Singapore Personal Data Protection Act 2012 (PDPA-SG)
✅ International data protection best practices

Related Policies

Terms & Conditions – Complete rules and player agreements
Responsible Gaming Policy – Player protection and safety tools
Fair Play Policy – Game integrity and fairness commitments
About Us – Learn more about Pirate777
Resource Hub – Policies, guides, and help

Summary: Your Privacy Matters

At Pirate777, we believe:

🔒 Your data is YOUR treasure – We guard it as carefully as our own
⚖️ Transparency builds trust – We’re clear about what we collect and why
🛡️ Security is non-negotiable – Bank-grade protection for all player data
👤 You’re in control – Exercise your rights anytime, without judgment
📞 We’re here to help – Questions? Contact us 24/7

Thank you for trusting Pirate777 with your personal information. We take that trust seriously and work every day to protect your digital treasure. ⚓