NewLine Privacy Charter
A comprehensive overview of how NewLine gathers, utilizes, and secures user information.
Table of Contents
- Preliminary Context
- Modifications to this Directive
- Classification of Harvested Information
- Motivations and Juridical Grounds
- Operational Deployment of Data
- Information Storage Timelines
- External Information Disclosure
- Transnational Data Migration
- Cybersecurity Architecture
- User Privacy Entitlements
- Digital Trackers & Cookies
- Conflict Management
- Communication Channels
1. Preliminary Context
This document serves as the official Privacy Charter for NewLine (also referenced herein as the "Operator", "we", "us", or "our"). It dictates the protocols surrounding the processing of personal data for individuals engaging with the NewLine ecosystem — encompassing the web portal, the dedicated macOS application, and our native mobile apps for iOS and Android. This directive covers all users who establish an Account, navigate the public domains, or interact with our digital services.
The Operator acts as the primary data controller for the information detailed in this charter. By utilizing our platform, you signify that you have reviewed both this Privacy Charter and the broader Terms & Conditions, and you fully acknowledge how your personal details are collected, applied, and securely shared.
Any capitalized vocabulary found in this text (such as "Account", "Real Funds", or "KYC") retains the exact legal definitions assigned to them within the Terms & Conditions.
2. Modifications to this Directive
The Operator reserves the right to revise this Privacy Charter to adapt to platform upgrades, shifting legal requirements, or evolving data management standards. The "Last updated" marker at the top of this document will always reflect the most recent adjustment.
Whenever substantial alterations occur, we will notify you via website announcements, in-product alerts, or direct emails to your connected address. Your ongoing interaction with the platform following these modifications indicates your acceptance of the revised rules. If you disagree with any new stipulations, you must cease using the service and may request immediate Account closure as outlined in the Terms & Conditions.
3. Classification of Harvested Information
The Operator acquires diverse sets of personal data depending on the depth of your engagement with the platform. The matrix below categorizes the primary data types along with specific examples.
| Category | Specific Examples |
|---|---|
| Profile Credentials | Email address, selected account currency, language settings, country of residence, and your password (which is strictly stored as a salted hash, never in plaintext). |
| KYC Verification Documents | Full legal name, birthdate, nationality, national ID numbers, digital copies of ID documents, proof-of-address paperwork, and liveness verification selfies. |
| Monetary Records | Ledger of withdrawals and deposits, chosen payment gateways (crypto, bank, e-wallet, card), masked credit card numbers (if applicable), and cryptocurrency wallet addresses. |
| Platform Engagement | Complete bet history, active game sessions, overall slot turnover, accumulated NewLine Points, and progression on bonus wagering requirements. |
| Device & Network Footprint | Current IP address, active operating system and browser type, app version, unique device tokens, time-zone configurations, and referral link data. |
| Customer Support Interactions | Transcripts from live chat sessions, email correspondences, submitted complaints, marketing opt-in statuses (emails/push notifications), and engagement with our outreach. |
| Analytics & Trackers | Temporary session data, persistent cookies, page navigation paths, feature interaction metrics, and allocations for A/B testing. |
The Operator strictly prohibits the intentional harvesting of data from individuals under 18 years of age. Should we discover that an underage user has provided personal details, their Account will be immediately shuttered and their data permanently expunged in accordance with legal obligations.
4. Motivations and Juridical Grounds
Every piece of data we process serves a specific function and is backed by a recognized legal foundation. The primary intersections of purpose and legality are as follows:
| Processing Motivation | Primary Legal Ground |
|---|---|
| Generating and maintaining your user Account | Execution of our mutual contract (Terms & Conditions) |
| Clearing financial transactions and wager outcomes | Execution of our mutual contract |
| Performing KYC, AML, and global sanctions checks | Fulfillment of mandatory legal obligations |
| Detecting fraud and monitoring anomalous behavior | Legitimate interests of the Operator and user community safety |
| Addressing complaints and providing customer support | Contract execution and legitimate business interests |
| Distributing marketing materials (emails, push alerts) | Your explicit consent (freely revokable at any moment) |
| Curating personalized game lists and bonus offers | Legitimate interests of the Operator |
| Executing A/B testing and overall system optimization | Legitimate interests of the Operator |
| Overseeing Responsible Gaming compliance | Legitimate interests and overarching legal mandates |
5. Operational Deployment of Data
In practical terms, your information is mobilized for the following core activities:
- Profile Authentication. Verifying your identity during login to repel unauthorized access. Since the Operator does not currently implement two-factor authentication (2FA), biometric logins, or hardware keys, security heavily relies on your password integrity alongside technical footprint analysis (IP and device tracking).
- Financial Facilitation. Routing your deposits, processing cashouts, and confirming that the payment instrument legally belongs to you, fulfilling international AML directives.
- Wager & Reward Processing. Archiving bet outcomes, calculating your net winnings, issuing promotional free spins, and dynamically adjusting your NewLine Points balance.
- Regulatory Adherence. Executing KYC identity checks, cross-referencing sanctions lists, flagging unusual monetary patterns, and submitting necessary reports to governing bodies.
- Alerts and Marketing. Dispatching essential operational notices (password resets, withdrawal clears, security pings) and, provided you have granted consent, sending promotional material regarding upcoming tournaments.
- User Assistance. Analyzing your historical data and chat transcripts to troubleshoot technical errors and answer queries sent to our helpdesk.
- System Optimization. Utilizing aggregated, anonymous data to balance server loads, execute A/B testing on our interface, and refine our game portfolio.
6. Information Storage Timelines
The Operator retains personal information strictly for the duration required to satisfy the objectives outlined in this charter, or as legally mandated by statutory laws. Our standard retention schedules are as follows:
| Data Classification | Standard Retention Protocol |
|---|---|
| Active Profile Information | Kept for the lifespan of the Account, plus any buffer period needed to clear outstanding financial obligations. |
| KYC Verification Documents | Maintained throughout the Account's active life, and retained post-closure for the mandatory duration dictated by AML legislation (typically several years). |
| Financial & Wager History | Stored for the lifespan of the Account and kept post-closure as required for financial auditing and legal compliance. |
| Customer Support Archives | Retained for several years post-interaction to assist in future dispute resolutions and quality assurance monitoring. |
| Marketing Consent Records | Preserved until you actively revoke your consent or successfully close your Account. |
| Analytics & Trackers | Ranging from momentary session lifespans up to a maximum of several months, based on the specific cookie configuration. |
Upon the expiration of the relevant retention period, all associated personal data is either securely eradicated or irreversibly anonymized.
7. External Information Disclosure
The Operator fundamentally rejects the sale of your personal data. We distribute information exclusively to the authorized entities listed below, and only sharing the absolute minimum necessary data.
| Authorized Recipient | Purpose of Disclosure |
|---|---|
| Financial gateways and cryptocurrency processors | To safely route and execute your deposits, cashouts, and refunds. |
| Identity verification and AML screening agencies | To authenticate your uploaded documents and cross-check global sanctions lists. |
| Casino software studios (around 70 partners including BGaming, Hacksaw, PG Soft, 3 Oaks Gaming) | To facilitate the actual gameplay mechanics when you launch a third-party title from our lobby. |
| Network tournament operators (Pragmatic Play, 3 Oaks Gaming, Playson) | To register your participation, tally your points, and distribute network-wide prizes. |
| Cloud infrastructure and server hosts | To maintain continuous platform uptime and securely warehouse our databases. |
| Analytics and attribution platforms | To measure application performance and execute A/B testing variations. |
| Helpdesk software providers | To power our 24/7 live chat tools and manage email support tickets. |
| Affiliate and marketing networks | To accurately attribute traffic and disburse partner commissions (using pseudonymized data wherever viable). |
| Legal counsel, auditors, and regulatory bodies | When strictly required to prove legal compliance, execute audits, or respond to binding legal demands. |
Every external vendor acting on our behalf is bound by rigid data processing agreements that forbid unauthorized data usage and demand rigorous security implementations.
8. Transnational Data Migration
Your data may occasionally be routed to, and housed on, servers located outside your country of residence, potentially in regions with varying data privacy laws. Whenever a cross-border transfer is executed, the Operator guarantees the implementation of appropriate legal safeguards—such as relying on recognized adequacy decisions or enacting Standard Contractual Clauses (SCCs) with the receiving party.
If you desire more details regarding the specific protections surrounding international data transfers, please direct your inquiries to [email protected].
9. Cybersecurity Architecture
The Operator deploys a robust mix of technical infrastructure and internal policies to safeguard your information against unauthorized access, modification, or destruction. Our primary defenses include:
- End-to-end TLS encryption to protect data in transit, alongside encryption for highly sensitive databases at rest.
- Mandatory password protection via cryptographic salted hashes—meaning your password is never stored or readable in plain text.
- Strict adherence to the principle of least privilege, ensuring our staff and third-party vendors access data on a strict "need-to-know" basis.
- Continuous network logging and monitoring to detect anomalous login patterns and potential cyber threats.
- Routine vulnerability scanning and the swift deployment of security patches across all digital assets.
- Comprehensive data protection training for all internal employees handling user information.
Despite these extensive measures, absolute invulnerability on the internet cannot be guaranteed. Because the Operator does not currently equip users with two-factor authentication (2FA), biometric sign-ins, or hardware-key support, the defense of your account rests heavily on your password strength. We strongly advise creating a complex, unique password and fiercely protecting your connected email account. Please note: NewLine representatives will never request your password.
10. User Privacy Entitlements
Depending on the specific privacy laws governing your jurisdiction, you are generally granted the following entitlements regarding the data we hold:
- Right of Access. You may request confirmation of our data processing actions and demand a full digital copy of your personal data.
- Right to Data Correction. You can compel us to rectify any factual inaccuracies or incomplete elements within your profile.
- Right to Erasure. You may ask for the deletion of your data, though this remains subject to overriding retention mandates under international AML laws.
- Right to Restrict Processing. You possess the right to ask us to temporarily freeze the processing of your data under specific dispute circumstances.
- Right to Data Portability. You can request your data be exported in a clean, machine-readable format for seamless transfer to an alternate service provider.
- Right to Object. You may formally object to our data processing if it relies solely on our legitimate interests, particularly regarding direct marketing.
- Right to Withdraw Consent. If you previously agreed to receive marketing alerts, you may revoke this consent at any time without penalizing your account's standing.
- Right to Lodge a Complaint. You are fully entitled to raise concerns directly with your local governmental data protection authority.
To invoke any of these privileges, please send an email to [email protected] using the address formally tied to your NewLine Account. We will likely require additional identity verification before acting on your request to prevent fraudulent access.
11. Digital Trackers & Cookies
Our platform employs web cookies, local storage, and mobile device identifiers to ensure seamless operation, recall your UI preferences, and monitor generalized site performance. These tracking technologies fall into four main classifications:
- Strictly Necessary Trackers — Essential for core functionalities like logging in, managing your active bets, and loading the cashier. The site cannot function without these.
- Functional Trackers — Designed to remember your chosen language, odds format, and localization settings.
- Analytics Trackers — Deployed to help our engineering team identify site bottlenecks, track server response times, and improve overall layout efficiency.
- Marketing Trackers — Utilized to evaluate advertising spend and present you with relevant promotional campaigns (active only with your explicit consent).
You retain full control over non-essential cookies via your browser's privacy settings. Be aware that disabling strictly necessary cookies will severely disrupt your ability to use the casino. On mobile platforms (iOS, Android, macOS apps), we rely on secure device tokens rather than traditional browser cookies to achieve these same objectives.
12. Conflict Management
If you suspect that the Operator has mishandled your personal data or breached this charter, we kindly request that you reach out to [email protected] first. Our team is committed to acknowledging all privacy-related complaints within 1 working day and will deliver a comprehensive, substantive resolution within 30 calendar days.
If our internal resolution process does not meet your expectations, you hold the absolute right to escalate the issue to the relevant data protection regulator in your jurisdiction. This statutory right operates completely independently of any arbitration clauses found in our general Terms & Conditions.
13. Communication Channels
If you require clarification on this charter or have specific requests regarding your data footprint, please route your inquiry to the appropriate channel below.
| Department | Contact Address |
|---|---|
| Privacy & General Account Inquiries | [email protected] |
| Corporate & B2B Relations | [email protected] |
| Affiliate Network Support | [email protected] |
| 24/7 Live Chat | Accessible directly via the website and all mobile/macOS clients. |
Need clarity on your data?
Send an email to [email protected] from your linked account email. We guarantee a preliminary acknowledgment within 1 working day, and a detailed follow-up within 30 calendar days.
Reach Out to Privacy Support