Privacy Notice (Stub)

1. Controller and Contact Details

Data controller: [Operator Legal Entity Name]

Registered address: [Operator Registered Address]

Email: support@auctiononpoker.com

EU/UK representative (if applicable): [Representative Name], support@auctiononpoker.com

Data Protection Officer (if appointed): [DPO Name], support@auctiononpoker.com

2. Categories of Personal Data

We collect account and KYC profile fields required for account operation and compliance checks. Required account fields: email and display name. Optional profile/KYC fields may include first name, last name, phone number, date of birth, and address details.

3. Purposes and Lawful Basis

• Account creation and authentication: Contract performance (GDPR Art. 6(1)(b))
• Fraud prevention, platform security, and abuse prevention: Legitimate interests(GDPR Art. 6(1)(f))
• Identity verification and legal compliance controls: Legal obligation(GDPR Art. 6(1)(c))

Where we rely on legitimate interests, those interests are preventing fraud, securing auction integrity, and maintaining enforceable audit records.

4. Recipients of Personal Data

Personal data may be shared with infrastructure and service providers that process data on our behalf, including cloud hosting, database hosting, and payment providers, subject to contractual safeguards.

Current providers (stub list): [Cloud Provider], [Database Provider], [Payment Processor].

We do not currently use third-party analytics or marketing tools that process personal data.

5. International Transfers

If personal data is transferred outside your jurisdiction, we apply appropriate safeguards such as Standard Contractual Clauses or equivalent lawful transfer mechanisms.

Transfer locations and safeguards (stub): [Transfer Regions and Safeguard Mechanism].

6. Retention Periods

We retain profile and KYC data for the duration of the account and for a limited period after account closure, unless a longer retention period is required by law.

Financial and audit-related records may be retained for statutory accounting and dispute-resolution periods.

See the internal data register for field-level retention mapping.

7. Your GDPR Rights

You may have the right to request access, rectification, erasure, restriction, objection, and portability.

If processing is based on consent, you may withdraw consent at any time without affecting prior lawful processing.

You also have the right to lodge a complaint with your local supervisory authority. Supervisory authority contact (stub): [Authority Name and Contact].

8. Whether Data Is Required

Some fields are required to create and maintain your account, complete identity checks, and comply with legal obligations. If required data is not provided, we may be unable to provide core platform services.

9. Automated Decision-Making

We do not use solely automated decision-making that produces legal or similarly significant effects in relation to account approval or denial.

Auction outcomes are algorithmic according to published game rules, but these outcomes are not used to profile users for legal-significance decisions.

10. Updates to This Notice

We may update this notice as legal requirements or processing activities change. Material updates will be published on this page.

Last updated: 2026-04-23