mario888 Privacy Policy

1. Introduction

This Privacy Policy ("Policy") describes how mario888 ("mario888", "we", "us", "our") collects, processes, stores, and discloses personal data in connection with the operation of the mario888 platform at mario888.win and all associated gaming services ("Platform"). This Policy applies to all registered and unregistered users accessing the Platform, including players based in Malaysia and other jurisdictions.

By registering a mario888 account, making a deposit, or continuing to use the Platform, you acknowledge that you have read this Policy in its entirety and consent to the data processing activities described herein. If you do not consent to any part of this Policy, you must discontinue use of mario888 immediately.

This Policy should be read alongside the mario888 Terms & Conditions and Responsible Gaming policy. All three documents collectively govern your relationship with mario888.

2. Personal Data We Collect

mario888 collects the following categories of personal data in connection with Platform operation:

2.1 Registration and Identity Data

• Full legal name as appearing on government-issued identification;
• Date of birth (collected to enforce the 21+ age restriction);
• Email address and account username;
• Country of residence and, where provided, physical address;
• Government-issued identification documents submitted during KYC verification (e.g., MyKad, passport).

2.2 Financial and Transaction Data

• Deposit and withdrawal transaction records, including amounts, timestamps, and payment method identifiers;
• eWallet account references (e.g., Touch n Go eWallet, Boost) used for transactions — mario888 does not store full eWallet credentials;
• Cryptocurrency wallet addresses used for USDT or Bitcoin transactions;
• Bank account details provided for IBG transfer withdrawals (Maybank, CIMB, Public Bank).

2.3 Gaming Activity Data

• Game session logs, wager amounts, outcomes, and game history;
• Bonus utilisation records and wagering requirement progress;
• Sportsbook bet selections, odds accepted, and settlement outcomes.

2.4 Technical and Device Data

• IP address and approximate geographic location derived from IP;
• Device type, operating system, and browser type;
• Session timestamps, login history, and Platform navigation patterns;
• Cookies and similar tracking technologies as described in Section 6.

2.5 Communications Data

• Support chat transcripts and email correspondence with mario888's customer service team;
• Responses to voluntary surveys or feedback submissions.

3. How mario888 Uses Your Data

mario888 processes your personal data for the following purposes:

• Account administration: Creating, maintaining, and securing your mario888 account; authenticating your identity at login; processing password resets and account recovery requests;
• Payment processing: Facilitating deposits and withdrawals via your chosen payment channels; reconciling transaction records; processing refunds where applicable;
• Regulatory compliance: Conducting KYC identity and age verification; meeting anti-money laundering (AML) obligations; responding to lawful requests from regulatory or law enforcement authorities;
• Fraud prevention and security: Detecting and investigating suspicious account activity, bonus abuse, multi-accounting, and other prohibited conduct outlined in the mario888 Terms & Conditions;
• Platform improvement: Analysing aggregated usage patterns to improve game selection, navigation, and performance for Malaysian players;
• Responsible gaming: Monitoring player behaviour for indicators of problem gambling; enforcing self-exclusion and deposit limit settings; fulfilling our duty of care obligations under mario888's Responsible Gaming policy;
• Marketing communications: Sending promotional emails and bonus notifications to players who have opted in to marketing communications. You may opt out at any time by contacting [email protected].

4. Legal Basis for Processing

mario888 processes personal data on the following legal grounds:

• Contractual necessity: Processing required to perform our obligations under the mario888 Terms & Conditions, including account management and payment processing;
• Legal obligation: Processing required to comply with applicable AML, KYC, and gaming regulatory requirements;
• Legitimate interests: Processing for fraud prevention, platform security, and responsible gaming monitoring, balanced against player privacy rights;
• Consent: Processing for marketing communications, where you have explicitly opted in. Consent may be withdrawn at any time.

5. Data Sharing and Disclosure

mario888 does not sell your personal data to third parties. We share personal data only in the following limited circumstances:

• Game providers: Licensed game studios integrated into the mario888 Platform receive session data necessary to operate their games. These providers are contractually bound by data protection obligations consistent with this Policy;
• Payment processors: eWallet operators, banking channels, and cryptocurrency processing services receive the minimum financial data necessary to process your transactions;
• KYC verification services: Third-party identity verification providers process identification documents solely for age and identity verification purposes;
• Regulatory and legal authorities: mario888 will disclose personal data to competent regulatory bodies, law enforcement agencies, or courts where required by applicable law or valid legal process;
• Corporate transactions: In the event of a merger, acquisition, or sale of substantially all assets, player data may be transferred to the successor entity subject to equivalent data protection commitments.

6. Cookies and Tracking Technologies

mario888 uses cookies and similar browser-based technologies on the Platform. The categories of cookies in use are:

• Strictly necessary cookies: Required for Platform functionality, including session authentication, security tokens, and load balancing. These cannot be disabled without impairing Platform use;
• Functional cookies: Store your preferences such as language settings, game lobby sort order, and last-visited game category;
• Analytics cookies: Aggregate, anonymised data on Platform usage patterns — page views, session duration, and game category engagement. This data does not identify individual players;
• Performance cookies: Monitor Platform response times and identify technical errors to support infrastructure improvement.

mario888 does not deploy third-party advertising cookies or behavioural tracking cookies for cross-site advertising purposes. You may manage cookie settings through your browser. Note that disabling strictly necessary cookies will impair your ability to use the mario888 Platform.

7. Data Retention

mario888 retains personal data for as long as your Account remains active and for such further period as is necessary to fulfil legal, regulatory, and contractual obligations. Specific retention periods include:

• Account registration and KYC records: retained for a minimum of 5 years from Account closure to satisfy AML regulatory requirements;
• Financial transaction records: retained for a minimum of 7 years from the date of each transaction;
• Game session logs: retained for 2 years from session date for dispute resolution purposes;
• Marketing opt-in records: retained until consent is withdrawn, plus 1 year thereafter as evidence of lawful processing;
• Support communications: retained for 3 years from last contact to facilitate follow-up dispute resolution.

Upon expiry of applicable retention periods, personal data is securely deleted or anonymised in a manner that prevents re-identification.

8. Data Security

mario888 implements technical and organisational security measures proportionate to the sensitivity of personal data processed. Security measures include:

• SSL/TLS 1.3 encryption on all data transmitted between your browser and the mario888 Platform;
• AES-256 encryption for sensitive data fields at rest within mario888's databases;
• Segregated storage of player funds separate from operational systems;
• Role-based access controls limiting staff access to personal data on a strict need-to-know basis;
• Regular security audits and penetration testing of Platform infrastructure;
• Two-factor authentication available and recommended for all mario888 Accounts.

Notwithstanding these measures, no internet transmission or electronic storage system is entirely secure. In the event of a personal data breach affecting your Account, mario888 will notify affected players and relevant authorities in accordance with applicable notification obligations.

9. Your Data Rights

As a mario888 player, you hold the following rights with respect to your personal data, exercisable by contacting [email protected]:

• Right of access: Request a copy of all personal data mario888 holds about you;
• Right of rectification: Request correction of inaccurate or incomplete personal data;
• Right to erasure: Request deletion of personal data where retention is no longer necessary, subject to our legal retention obligations;
• Right to restrict processing: Request that processing of your data be suspended while a dispute regarding accuracy or lawfulness is pending;
• Right to data portability: Receive a machine-readable copy of personal data you have provided to mario888;
• Right to object: Object to processing based on legitimate interests, including profiling for responsible gaming purposes;
• Right to withdraw consent: Withdraw consent for marketing communications at any time without affecting the lawfulness of prior processing.

mario888 will respond to data rights requests within 30 days. Where requests are complex or numerous, a 60-day extension may apply, with notice provided.

10. Children's Privacy and Age Restriction

The mario888 Platform is strictly prohibited to individuals under 21 years of age. mario888 does not knowingly collect personal data from individuals under 21. If mario888 becomes aware that personal data has been collected from an individual under 21, that Account will be immediately closed and all collected data will be securely deleted, with any deposited funds returned to the originating payment source following KYC verification.

Parents and guardians who believe a minor may have accessed mario888 are requested to contact [email protected] immediately for investigation and Account closure.

11. International Data Transfers

mario888's infrastructure and certain third-party service providers may process personal data in jurisdictions outside Malaysia. Where personal data is transferred internationally, mario888 ensures appropriate safeguards are in place — including standard contractual clauses or equivalent data protection instruments — to maintain protections consistent with those described in this Policy.

12. Third-Party Platform Links

The mario888 Platform may contain references to third-party game providers accessible via game launch interfaces. Once you leave the mario888 Platform environment, this Privacy Policy ceases to apply. Third-party game studios operate under their own privacy policies, which mario888 does not control. mario888 recommends reviewing the privacy policies of any third-party service you interact with.

13. Policy Updates

mario888 reserves the right to update this Privacy Policy at any time. Material changes will be communicated to registered players via email to their registered address no fewer than 7 days before the revised Policy takes effect. The "Last Updated" date at the top of this page reflects the most recent revision. Continued use of the mario888 Platform following a Policy update constitutes acceptance of the revised terms.

14. Contact and Data Enquiries

For all privacy-related queries, data rights requests, or to report a suspected data breach involving your mario888 Account, please contact:

• Email: [email protected]
• Subject line: "Privacy Request – [Your mario888 Username]"
• Response time: Within 5 business days for acknowledgment; 30 days for full resolution