lucky day todaylucky day todaylucky day todaylucky day todaylucky day todaylucky day today
Goa Club
Back to home

Legal

Privacy Policy

Effective date: 23 May 2026.

1. Scope & Status as Data Fiduciary

This Privacy Policy (the “Policy”) describes the manner in which Goa Club (the “Company”, “we”, “us” or “our”), acting in its capacity as a Data Fiduciary within the meaning of the Digital Personal Data Protection Act, 2023, and a data controller for the purposes of any other applicable data-protection legislation, collects, processes, stores, transfers and otherwise handles personal data relating to identified or identifiable natural persons (each, a “Data Principal” or “you”) in connection with the use of the Goa Club platform (the “Service”).

2. Categories of Personal Data

We process the following non-exhaustive categories of personal data: (i) identity data such as your mobile number and, where applicable, name and government-issued identification provided in connection with know-your-customer verification; (ii) account & financial data including wallet balances, betting and withdrawal history, ledger adjustments and audit trail entries; (iii) technical data such as device identifiers, IP addresses, browser type, time-zone settings, telemetry and log files; (iv) usage data including navigation patterns within the Service and interaction with notifications; and (v) communication data including in-app inbox messages and any correspondence with our operations desk.

3. Lawful Bases & Purposes of Processing

Personal data is processed exclusively on one or more of the following lawful bases: (a) contract, to the extent processing is necessary for the performance of the Agreement under which we provide the Service; (b) consent where freely given by you in respect of a specified purpose; (c) legal obligation, where required to comply with applicable law, regulation, court order or governmental request; and (d) legitimate interests, including security monitoring, fraud prevention, dispute resolution and improvement of the Service, provided always that such interests are not overridden by your fundamental rights and freedoms.

4. Disclosure of Personal Data

We do not sell personal data. We may share personal data with carefully selected processors and sub-processors who provide infrastructure, telecommunications and analytics services on our behalf under written agreements that mandate appropriate technical and organisational measures. We may further disclose personal data (i) to comply with any judicial process, governmental request or applicable legal obligation; (ii) to enforce our Terms and Conditions or protect the rights, property or safety of the Company, our Members or others; and (iii) in connection with a corporate transaction such as a merger, acquisition, financing or insolvency, subject to confidentiality protections.

5. International Transfers

Where personal data is transferred outside the Republic of India, the Company shall undertake such transfer only to jurisdictions notified or otherwise permitted under applicable law and shall implement contractual safeguards (including, where appropriate, standard contractual clauses) to ensure an adequate level of protection.

6. Retention

Personal data is retained only for so long as is necessary to fulfil the purposes for which it was collected, including for the satisfaction of any legal, accounting or reporting requirements. Inbox notifications relating to wallet events are automatically purged after twenty-four (24) hours pursuant to a server-side time-to-live mechanism. Result data is retained on a strict rolling thirty (30) day window with day-granular first-in-first-out pruning.

7. Security Measures

We implement industry-standard administrative, technical and physical safeguards designed to protect personal data against unauthorised access, alteration, disclosure, destruction or loss, including encryption in transit, hardened authentication primitives, principle-of-least-privilege access controls, defence-in-depth architecture, audit logging, and continuous monitoring. Notwithstanding the foregoing, no system can be guaranteed to be impervious to all attacks and you acknowledge that you submit personal data at your own risk.

8. Your Rights as a Data Principal

Subject to applicable law and verifiable identification, you have the right to (i) obtain confirmation of and access to your personal data; (ii) request correction or completion of inaccurate or incomplete data; (iii) request erasure of personal data no longer necessary in relation to the purposes for which it was processed; (iv) withdraw consent at any time, without affecting the lawfulness of prior processing; (v) lodge a grievance with our designated Grievance Officer; and (vi) lodge a complaint with the competent data protection authority.

9. Grievance Officer

In accordance with the Information Technology Act, 2000 and rules made thereunder, and the Digital Personal Data Protection Act, 2023, any grievance pertaining to the processing of personal data may be addressed to the Company’s Grievance Officer at admin@goaclub.com. We shall use commercially reasonable efforts to acknowledge each grievance within forty-eight (48) hours of receipt.

10. Updates to this Policy

We may amend this Policy from time to time. Material changes will be brought to your attention through reasonable means, including in-app notice. Your continued use of the Service following the effective date of any amendment shall constitute your acceptance of such amendment to the maximum extent permitted by applicable law.

Goa Club
Private members ledger

A premium private members' ledger · India

© 2026 Goa Club. All rights reserved. Play responsibly. Membership restricted to persons of legal age in their jurisdiction of residence.

Made with Emergent