Download

Privacy Policy

  • for the use of the online gaming platform doubleucasino.com/de

  • 1. Controller, EU Representatives and Contact

    (1) The controller within the meaning of the General Data Protection Regulation (GDPR) is DoubleUGames, Inc., 16F Gangnam Finance Center, 152 Teheran-ro, Gangnam-gu, 06236 Seoul, Republic of Korea, email: support@doubleucasino.com

    (2) The EU Data Protection Representative pursuant to Article 27 GDPR is: VeraSafe Ireland Ltd., Unit 3D North Point House, North Point Business Park, New Mallow Road, Cork T23AT2P, Ireland; phone: +420 228 881 031; web: www.verasafe.com. Data protection inquiries may be submitted via the form at this link or by email to support@doubleucasino.com.

    (3) The central point of contact within the EU – without acting as provider – is Whow Games GmbH, Bohnenstraße 2, 20457 Hamburg, Germany, Tel.: +49 40 609 4372 30, email: data-privacy@whow.net.

    (4) Whow Games GmbH appointed as Data Protection Officer Mr Maximilian Hartung, SECUWING GmbH & Co. KG, Frauentorstraße 9, 86152 Augsburg, Germany, email: epost@datenschutz-agentur.de.

  • 2. General Information on Data Processing

    (1) We process personal data exclusively in accordance with the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the Telecommunications-Telemedia Data Protection Act (TTDSG).
    (2) Personal data means any information relating to an identified or identifiable natural person (Article 4 No. 1 GDPR).
    (3) Processing is carried out only to the extent necessary for the provision, use, billing and security of our services, if a legal obligation exists or consent has been granted.

  • 3. Categories of Personal Data

    (1) Registration and profile data: email address, username, country, age/date of birth, language settings.
    (2) Usage and gameplay data: game progress, scores, interactions, in-app purchases, subscription status, timestamps.
    (3) Technical data: device and identifiers (e.g., device ID, advertising ID), IP address, operating system and version, app version, device language, network/connection data, log files.
    (4) Communication data: support tickets, emails, chat content, community posts (if available).
    (5) Payment and billing metadata: transaction IDs, purchase history, payment service references (no full payment data if processed via app stores).
    (6) Marketing and campaign data: clicks, installations, conversion information, newsletter preferences.
    (7) Cookie and tracking data in accordance with Section 10.

  • 4. Purposes and Legal Bases of Processing

    (1) Provision and operation of the platform, creation and management of user accounts, authentication, in-app purchases and subscriptions: Article 6(1)(b) GDPR.
    (2) Customer service, communication, handling of inquiries and complaints: Article 6(1)(b) GDPR; where required, Article 6(1)(f) GDPR (legitimate interest in efficient support).
    (3) Security, prevention of misuse and fraud, resolution of disruptions, enforcement of the Terms of Service: Article 6(1)(f) GDPR (legitimate interest in the security and integrity of the services).
    (4) Compliance with legal obligations (e.g., tax/commercial retention, official orders): Article 6(1)(c) GDPR.
    (5) Product analysis, reach measurement, error correction, quality improvement: Article 6(1)(f) GDPR (legitimate interest in further development of the services).
    (6) Direct marketing via email/push notifications only with consent: Article 6(1)(a) GDPR; consent may be withdrawn at any time with effect for the future.
    (7) Personalized advertising and cross-device tracking (web/app) only with consent via the consent management tool: Article 6(1)(a) GDPR in conjunction with Section 25(1) TTDSG.
    (8) Age verification and youth protection (platform for adults 18+): Article 6(1)(c) GDPR and Article 6(1)(f) GDPR.

  • 5. Recipients and Categories of Recipients

    (1) IT and hosting service providers, cloud/server providers, content delivery networks (CDNs).
    (2) Payment service providers and app store operators (e.g., Apple, Google) for the processing of purchases.
    (3) Advertising and analytics partners (e.g., Google Ireland Ltd., Meta Platforms Ireland Ltd., ironSource Ltd., Vungle Inc., AppsFlyer Ltd.) only on the basis of your consent.
    (4) Fraud prevention and security providers (e.g., device fingerprinting, IP reputation) to prevent misuse.
    (5) Authorities, courts and legal advisors, where legally required or necessary for legal defense.
    (6) EU representatives for data protection and user communication: WHOW Games GmbH and VeraSafe Ireland Ltd. (Article 27 GDPR).
    (7) Data processing agreements exist with all processors in accordance with Article 28 GDPR.

  • 6. Data Transfers to Third Countries

    (1) Transfers to countries outside the EU/EEA may occur. We ensure an adequate level of protection, for example through EU Commission adequacy decisions (e.g., EU-US Data Privacy Framework) or EU Standard Contractual Clauses (Article 46 GDPR) including supplementary technical and organizational measures.
    (2) In accordance with Article 13 GDPR, we would like to inform you that we transfer certain personal data to DoubleU Games Inc., Republic of Korea, for the operation and analysis of our gaming services. The transfer is based on the EU Standard Contractual Clauses (Implementing Decision (EU) 2021/914, Module 3) and a Transfer Impact Assessment. The Republic of Korea is subject to an adequacy decision by the European Commission.
    (3) Information on specific recipients and transfers can be requested at support@doubleucasino.com. Copies of the relevant safeguards can be provided upon request, where legally permissible.

  • 7. Retention Periods and Deletion

    (1) As a general rule, data is deleted or anonymized as soon as the purpose ceases to apply and no legal retention obligations prevent deletion.
    (2) Game and account data are generally deleted or anonymized no later than 24 months after the last use.
    (3) Extended retention may occur where we are legally obliged or where necessary for the establishment, exercise or defense of legal claims.
    (4) System and security logs are generally retained for 12 to 24 months; backups are overwritten according to our deletion and backup policy.

  • 8. Rights of Data Subjects

    You have the right of access (Article 15 GDPR), rectification (Article 16 GDPR), erasure (Article 17 GDPR), restriction of processing (Article 18 GDPR), data portability (Article 20 GDPR) and to object (Article 21 GDPR).
    If processing is based on your consent, you may withdraw it at any time with effect for the future (Article 7(3) GDPR).
    To exercise your rights, please contact support@doubleucasino.com or VeraSafe via this link.
    You also have the right to lodge a complaint with a supervisory authority, e.g., the Hamburg Commissioner for Data Protection and Freedom of Information (www.datenschutz-hamburg.de).

  • 9. Direct Marketing and Newsletters

    (1) Email newsletters or push notifications about our own similar offers are sent only with your prior consent. You may withdraw your consent at any time, e.g., via the unsubscribe link, device settings or our support team.
    (2) The use of your data for personalized advertising in web/app environments takes place only after consent via the consent management tool (see Section 10).

  • 10. Cookies, SDKs and Similar Technologies (TTDSG)

    (1) We use cookies and SDKs to provide the platform technically (essential) and – with your consent – for analytics and marketing purposes.
    (2) Non-essential technologies are activated only after your consent via our consent management platform (CMP); consent can be withdrawn at any time with effect for the future.
    (3) Technically necessary cookies are processed on the basis of Article 6(1)(f) GDPR.
    (4) Services used (excerpt, depending on consent): Google Analytics, Meta, ironSource Ltd., Vungle Inc., AppsFlyer Ltd.

  • 11. Community Features and User Content

    (1) If community features (e.g., chat, forums, profile pictures) are provided, please note that content may be public or visible to other players. Do not disclose sensitive data.
    (2) We reserve the right to moderate, block or delete content to comply with legal obligations or to uphold our community rules. Legal bases: Article 6(1)(b) and (f) GDPR.

  • 12. Minors

    (1) Our services are intended exclusively for adults aged 18 and over. Registration or use by minors is not permitted.
    (2) We do not knowingly collect data from individuals under 18. If we become aware of unauthorized use, the corresponding accounts will be blocked and data deleted without delay, unless retention is legally required.
    (3) Parents or guardians may contact us at support@doubleucasino.com; we will promptly assist with deletion or deactivation.

  • 13. Security of Processing

    (1) We implement appropriate technical and organizational measures (TOMs) pursuant to Article 32 GDPR to protect personal data against loss, destruction, unauthorized access or misuse.
    (2) Communication generally takes place using TLS/SSL encryption. Security measures are regularly reviewed and adapted to the state of the art.

  • 14. Amendments to this Privacy Policy

    (1) We reserve the right to amend this Privacy Policy, in particular in the event of changes in legal requirements, our services or data processing. The current version is available at https://duc-dev.doubleugames.com/support_terms/de/privacy_policy.
    (2) Where necessary, we will obtain your consent for new processing activities in advance.
  • Version: October 2025