logo

This Privacy Policy explains how we collect, use, disclose and protect personal information when you visit or use Vegastars websites, apps and related services (the Services). By creating an account or using the Services you acknowledge this Policy.

Controller: Neptune Projects SRL, registration number 3-102-900308, with registered address at De la POPS de Curridabat, 300 Sur, 75 Este, casa gris con celeste,11801, San Jose, Granadilla, Curridabat, Costa Rica (“Vegastars”, “we”, “us”, “our”).
Privacy contact: [email protected].

We collect the following categories of personal information:

  • Identity & contact data including but not limited to: name, date of birth, residential address, email, phone, nationality, proof of identity/address.
  • Account & transaction data: account credentials, deposits, withdrawals, wager and gameplay history, payment method details, bonuses and redemptions, chargebacks.
  • KYC/AML data: verification results, due‑diligence records, sanctions/PEP screening outcomes, source of funds information as appropriate.
  • Technical & usage data: device identifiers, IP address and approximate location (e.g., city/country), browser/OS, cookies, session/activity logs, crash/error diagnostics, security logs.
  • Communications: emails, chats, webforms, and support tickets.
  • Responsible gaming signals: session duration, spend patterns, RG tool usage.
  • Preferences: marketing and cookie choices.
  • Survey/feedback data: responses you choose to provide.

We do not knowingly collect data from any person below the minimum permitted age for gambling. If we become aware of underage data, we will delete it and close the account.

We use personal information to:

  • Provide the Services: create and manage accounts, enable gameplay, process payments/withdrawals, operate bonuses and loyalty, and provide support.
  • Verify identity & meet legal duties: conduct KYC/AML checks and monitoring, sanctions/PEP screening, fraud prevention, responsible‑gaming measures, and other compliance obligations.
  • Secure and improve the platform – security monitoring, incident detection/response, troubleshooting, testing, service quality and product development.
  • Operate the business: analytics and reporting, forecasting, finance, auditing and compliance oversight.
  • Marketing with consent: send offers/news where you have opted‑in; you may withdraw consent at any time.

We rely on one or more of the following legal bases as applicable: contract (providing the Services), legal obligation (e.g., AML/CTF and gaming regulation), legitimate interests (security, fraud prevention, service improvement), and consent (for marketing or where local law requires it for certain cookies/analytics).

We use cookies, SDKs and similar tools to operate and improve the Services. 

Categories: 

  • Essential required for sign‑in, security and core features.
  • Functional remember choices (e.g., language), help diagnose issues and improve performance.
  • Analytics measure usage and performance to inform improvements.
  • Advertising measure campaigns and, where permitted, deliver more relevant marketing.

Manage nonessential cookies via Cookie Settings in your browser/device controls. Blocking certain cookies may affect site functionality.

We do not sell or share personal information. We disclose limited data to:

  • Service providers / processors: e.g., hosting and security, KYC/AML vendors, payment processors, fraud‑prevention providers, game studios (to operate content), CRM and communications services; bound by contract and safeguards.
  • Group companies: for consolidated operations, support and compliance on a need‑to‑know basis.
  • Regulators and public authorities: where required by law or regulation (e.g., gaming, AML/CTF, tax or law‑enforcement obligations).
  • Business transfers: in connection with a merger, acquisition or reorganization, subject to protections in this Policy.
  • With your direction or consent: where you ask us to share or publish data (e.g., leaderboard nickname).

We only use or disclose information for the purposes for which it was provided, to operate the Services, with your consent, or where disclosure is required by law or an official investigation.

We may process and store personal information in countries other than your own. When we transfer information internationally, we implement contractual and other safeguards designed to provide protections comparable to those required under applicable laws.

We retain account, transaction and customer due diligence records for as long as they are needed, or longer where required by law or to establish, exercise or defend legal claims, or due to regulatory requirements.

We apply layered technical and organizational measures appropriate to the risk, including encryption in transit, strict access controls, logging and monitoring, network segregation, vulnerability management and incident response. Access to customer information is limited to authorized personnel under confidentiality obligations and a needtoknow principle.

You can exercise the following rights, subject to verification and any legal/regulatory limits (for example, AML/CTF record‑keeping):

  • Right to be informed: clear information about how we use your data. We will provide prominent notice of material changes.
  • Right of access: request a copy of your personal information we hold.
  • Right to rectification: ask us to correct inaccurate or incomplete information.
  • Right to erasure: request deletion of personal information where there is no overriding legal basis for us to keep it. Certain records must be retained to meet our legal and regulatory obligations.
  • Right to restriction: ask us to restrict processing in certain circumstances (e.g., while we verify accuracy or a contested objection).
  • Right to object: object to processing based on our legitimate interests (including related profiling). You can object to direct marketing at any time.
  • Right to data portability: request certain information in a structured, commonly used and machine‑readable format and/or ask us to transmit it to another controller where technically feasible.
  • Right to withdraw consent: where we rely on consent (e.g., for marketing or certain cookies/analytics), you may withdraw at any time; this will not affect processing carried out before withdrawal.
  • Rights relating to automated decisions: where a decision producing legal or similarly significant effects is made solely by automated means, you may request human review, express your point of view and contest the decision, where provided by law.
  • Right to anonymity or pseudonymity (where lawful and practicable): in limited contexts we may allow use of a pseudonym; for regulated gambling services, identity verification is generally required.
  • Right to complain – you may raise concerns with us at any time and, if unresolved, you may have the right to contact your local data‑protection authority. We will cooperate with competent authorities as required by law.

To exercise rights, contact [email protected]. We will verify your identity and respond within applicable timeframes.

We use automated tools to assist with fraud prevention, AML screening, safer-gaming monitoring and (with consent) to tailor marketing. We do not make decisions that produce legal or similarly significant effects about you solely by automated means; any such outcomes involve human review and final judgment. You can object to direct-marketing profiling at any time.

The Services are not for persons under the minimum permitted age for gambling. We perform ageverification and will close accounts and delete data where required if underage use is detected.

If you have concerns about how we handle your data, contact [email protected]. We will investigate and respond. You may also have the right to contact your local data‑protection authority. We cooperate with our gaming licensing authority and other competent authorities as required by law, including in the event of a security incident affecting personal information.

We may update this Policy from time to time. If we make significant changes, we will provide prominent notice (e.g., on‑site banner, email) and log the version and date. Your continued use of the Services after changes take effect signifies your acceptance of the updated Policy.

At signup, we present a clear notice and require you to acknowledge and accept the Terms & Conditions and this Privacy Policy. We also record “electronic footprint” details (e.g., IP address and device information) to operate the Services securely and to meet compliance obligations.