Privacy Policy
This policy explains how Win2Day Bonus Oy ("we") processes personal data when you visit win2daybonus.com, play demo games, fill in a form, or chat with us. We comply with EU Regulation 2016/679 (GDPR), the Data Protection Act (1050/2018), and the Act on the Protection of Privacy in Electronic Communications (917/2014).
Data Controller
Urho Kekkosen katu 12 B
00100 Helsinki, Finland
Business ID 2948175-3
Data protection: tietosuoja@win2daybonus.com · +358 9 612 8840
We generally respond to requests within one month (GDPR Art. 12), sometimes a little longer in complex cases.
Data Protection Officer
Laura Virtanen serves as our Data Protection Officer. You can write to her directly at tietosuoja@win2daybonus.com or by post: Win2Day Bonus Oy / Data Protection, Urho Kekkosen katu 12 B, 00100 Helsinki.
What data we collect
We do not collect more than necessary. In practice, data comes from these sources:
- Contact form
- Name, email, message content, optional company, newsletter consent. IP is stored to prevent misuse.
- Chat
- Messages, timestamps, session identifier. Name or email only if you provide them yourself.
- Website and demos
- Browser, operating system, technical logs, cookies (cookie policy), demo play duration — no real money.
- Analytics
- Only if you accept cookies: page views, clicks, approximate country based on IP.
- B2B customers
- Contact person, company, business ID, billing address, contract correspondence. We do not store full card numbers.
We do not request national ID numbers and do not knowingly collect data from anyone under 18 (see Minors).
Why we process data
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Offers, customer relationship, invoicing | Contract 6(1)(b) |
| Security, bot prevention, service improvement | Legitimate interest 6(1)(f) |
| Newsletter, analytics cookies | Consent 6(1)(a) |
| Bookkeeping, taxes | Legal obligation 6(1)(c) |
Consent can be withdrawn at any time — it does not affect the lawfulness of processing carried out before withdrawal.
How long we retain data
| Data | Period |
|---|---|
| Contact enquiry, no contract | 24 months |
| Customer relationship | Contract + 6 years per Accounting Act |
| Chat logs | 12 months |
Cookie consent (w2d_cookies_en) | 12 months, then asked again |
| Analytics | 26 months, anonymised |
| Server logs | 90 days |
| Newsletter | Subscription + 30 days after unsubscribe |
Disclosures and transfers
We use subcontractors (hosting, email, CRM, analytics) under DPAs. Most servers are in the EU/EEA.
If data is transferred outside the EU, we use the Commission's standard contractual clauses or other GDPR Chapter V mechanisms. You can request a copy of safeguards: tietosuoja@win2daybonus.com.
We disclose to authorities only when required by law.
Your rights
Under the GDPR you may request:
- access to your data (Art. 15)
- rectification (Art. 16)
- erasure (Art. 17)
- restriction of processing (Art. 18)
- data portability (Art. 20)
- object to processing, especially marketing (Art. 21)
- withdraw consent (Art. 7)
We do not make automated decisions that significantly affect you (Art. 22). Send requests to tietosuoja@win2daybonus.com — we may verify your identity before disclosure.
Cookies
Consent is stored in the browser's local storage under the key w2d_cookies_en. More details: cookie policy.
Data security
HTTPS (TLS 1.2+), access controls, backups, staff training, sub-processor assessment. In the event of a data breach we notify the authority within 72 hours and the data subject where required.
Minors
The service is 18+. If you notice that someone under 18 has submitted data, contact tietosuoja@win2daybonus.com — we will delete it.
Complaint to the supervisory authority
You may lodge a complaint with the Office of the Data Protection Ombudsman (PL 800, 00531 Helsinki, tietosuoja@om.fi, tietosuoja.fi). We recommend contacting us first, however.
Changes to this policy
We update this page when needed. We will announce significant changes on the website and by email where appropriate.