SkyCrown Casino Privacy Policy
Version: 6.1
Effective From: February 13, 2022
Last Updated: April 15, 2025
Privacy frameworks evolve alongside global compliance landscapes. Sky Crown Australia highly recommend reviewing this Policy periodically to remain fully aware of how your personal data is collected, processed, and safeguarded.
This Privacy Policy (the “Policy”) outlines our structural procedures for managing your personal information. All processes conform to top-tier international data protection laws, including the General Data Protection Regulation (GDPR) and the Personal Information Protection and Electronic Documents Act (PIPEDA).
1. General Provisions & Ownership
The official platform https://sky-crown-casinos.com/ (referred to herein as the “Casino”, “we”, or “us”) is owned and operated by Metlait SRL.
- Corporate Address: El Guayaval, Residencial La Campina Casa Numero Q-11, Cartago, El Guarco, Tejar, 30801 – Costa Rica
- Registration Number: 3-102-911867
Metlait SRL acts directly as the Data Controller, deciding the operational purposes and methods for handling your information throughout our commercial relationship.
Data Protection Officer (DPO)
For dedicated technical questions regarding data security, privacy compliance, or to exercise your administrative rights, you can contact our designated Data Protection Officer directly at: [email protected].
2. Comprehensive Data Processing
We operate on the principle of data minimization. We only collect personal details that are accurate, relevant, and strictly necessary to manage your gaming profile.
2.1 Categories of Data Collected
| Data Category | Specific Elements Processed |
| 1. Identity Data | Legal first and last name, account username, date of birth, biological gender, nationality, and official government identification markers (e.g., passport, national ID card, or driver’s license number). |
| 2. Contact Data | Physical residential address, verified proof of residency paperwork (such as utility bills), email addresses, mobile telephone numbers, and adjacent digital communication channels. |
| 3. Financial & Transactional | Bank account routing codes, encrypted credit/debit card details, comprehensive payment histories (deposits, stakes, and cashouts), and mandatory Source of Wealth (SoW) or Source of Funds (SoF) proofs (such as tax declarations or certified bank statements). |
| 4. Gaming Activity | Granular logs of individual games launched, chronological login/logout timestamps, wagering histories, real-time balance metrics, promotional bonus utilization, and mandatory responsible gaming event tracking. |
| 5. Technical Footprint | Device IP addresses, localized geo-location telemetry, individual account login credentials, web browser specifications, local time zone configurations, operating system architectures, and underlying device metadata. |
| 6. Communications | Individual preferences regarding promotional outreach, corporate newsletters, and records of conversations held with support via live chat, email, or ticketing systems. |
| 7. Voluntary Information | Any supplemental documentation, text, or profile context provided by choice when interacting with our player relations team. |
2.2 Core Information Sources
To protect platform integrity and ensure compliance, data is gathered via two channels:
- Direct Submissions: Data you manually fill out during your skycrown registration, profile adjustments, or support inquiries.
- Third-Party Databases: Verification records pulled from financial networks, localized AML/PEP tracking databases, independent credit reporting systems, and collaborative regulatory or responsible gambling frameworks.
2.3 Retention Guidelines
We store your data only for as long as required by its processing purpose or statutory laws.
Regulatory Compliance Hold: To satisfy global Anti-Money Laundering (AML) mandates, core identity, financial history, and contact documentation must be securely retained for a minimum of five (5) years starting from the exact date your SkyCrown account is officially closed.
Once these statutory preservation terms expire, your data is permanently deleted, scrubbed from physical archives, or rendered completely anonymous using modern data protection standards.
2.4 Legal Grounds for Data Processing
[Data Processing at SkyCrown]
│
├──► Contractual Performance ─── (To administer accounts, process payments, and support gameplay)
├──► Statutory Obligations ──── (To enforce AML checks, KYC verification, and responsible gaming)
├──► Legitimate Interests ───── (To monitor network integrity, prevent fraud, and run analytics)
└──► User Consent ───────────── (To deliver personalized marketing and tailored bonuses)
2.5 Data Disclosures & Trusted Third Parties
We never sell your personal information. To maintain uninterrupted services, we selectively share essential data vectors with vetted third parties contractually bound to privacy regulations. Authorized categories include:
- Affiliate companies within our corporate group.
- Licensed iGaming software and game aggregation providers.
- Regulated payment gateways and financial processors.
- Automated KYC verification tools and credit screening databases.
- External legal advisors, accountants, and industry auditors.
- Prospective corporate entities in the event of a merger, sale, or structural acquisition (users are notified beforehand).
3. Cross-Border Data Transfers
Because our technical infrastructure operates internationally (including distributed IT hosting networks, 24/7 service centers, and data nodes), your information may cross regional borders. To protect your data, all cross-border transmissions rely on recognized safety mechanisms, such as the European Commission’s Standard Contractual Clauses (SCCs) or transfers to jurisdictions with established adequacy decisions.
4. Your Rights as a Data Subject
Under modern data frameworks, you retain full ownership of your personal information. You can invoke the following administrative rights at any time by contacting our DPO:
- Right of Access: Request a complete digital readout of all personal information currently tied to your profile.
- Right to Rectification: Mandate immediate changes to any outdated or inaccurate personal details.
- Right to Erasure (“Right to be Forgotten”): Request full data deletion, provided the information is no longer bound by active statutory retention frameworks (such as the 5-year AML hold).
- Right to Restrict Processing: Limit how your data is handled under specific scenarios (e.g., during active accuracy disputes).
- Right to Data Portability: Request a structured, machine-readable transfer of your personal data to an alternative digital platform.
- Right to Object: Oppose specific data uses tied to corporate legitimate interests or commercial marketing initiatives.
- Right to Consent Withdrawal: Cancel marketing permissions at any time via your account dashboard or helpdesk links.
- Right to Complain: File a formal grievance regarding our processing methods with your localized Data Protection Authority.
Automated Systems Note: We do not employ fully automated decision-making or algorithmic profiling systems that carry legal consequences for our users. Should such systems be integrated, you will receive a standalone disclosure detailing those mechanics.
5. Protection of Minors
Access to SkyCrown Casino is strictly limited to individuals who are 18 years of age or older (or the respective legal age of majority within your domestic jurisdiction). We run active verification loops to identify and stop any underage registration attempts. If we discover that a minor has bypassed these checks using false info, all associated data is wiped from our active systems, and the profile is instantly terminated.
6. Advanced Data Security Infrastructure
To secure your personal data against structural vulnerabilities, malicious intercepts, or unauthorized viewing, Metlait SRL deploys a multi-layered security grid:
Physical & Environmental Facility Controls
Our main processing servers are hosted in highly secure, industry-certified data centers. Physical access points are protected by perimeter guards, biometric locks, video surveillance, and restricted clearance protocols.
System Access Mechanisms
Internal database architectures are protected by firewalls and mandatory authentication layers. Administrative privileges are siloed using unique user credentials, making it impossible for unauthorized staff to query the core database.
Internal Data Access Governance
Data handling inside our corporation follows the “Need-to-Know” principle. Staff members are only granted access to the specific data strings required to fulfill their roles (e.g., KYC document verification). We also enforce clean data separation practices to prevent cross-contamination or accidental mixing of player files.
Organizational Strategy
We train all platform personnel on data privacy laws, compliance standards, and information security risks. Our operations are audited under the direct supervision of our Data Protection Officer.