Privacy Policy

Welcome to the Privacy Policy of Gold365 Exchange — India's premier online sports betting and gaming exchange platform. This Privacy Policy ("Policy") describes how Gold365 Exchange ("Gold365", "we", "us", or "our") collects, receives, uses, stores, processes, discloses, transfers, and protects the personal information of users ("you", "your", or "User") who access and use our website, mobile application, and associated services (collectively, the "Platform").

Privacy is not an afterthought at Gold365 Exchange — it is embedded into everything we build and every decision we make. In a digital world where personal data has never been more valuable or more vulnerable, we take our responsibility as custodians of your information with the utmost seriousness. Our commitment is simple: your data is yours. We collect only what we need, use it only for legitimate purposes, protect it with industry-leading security, and never sell it to third parties.

This Policy applies to all Gold365 Exchange users in India and covers all personal data processed in connection with your use of our Platform — from the moment you visit our website for the first time to any interactions you have as a registered member. By accessing or using the Gold365 Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein.

If you have any questions, concerns, or requests relating to your personal data or this Policy, please contact our dedicated Data Protection Officer (DPO) at privacy@gold365online.com. We are committed to responding to all privacy-related inquiries within 72 hours.

This Policy should be read in conjunction with our Terms and Conditions, our Cookie Policy, and our Responsible Gambling Policy.

Gold365 Exchange is an online sports betting and gaming exchange platform that serves users across India. For the purposes of applicable data protection law, Gold365 Exchange acts as the Data Fiduciary (as defined under India's Digital Personal Data Protection Act, 2023) in relation to the personal data of its users.

As a Data Fiduciary, Gold365 Exchange is responsible for determining the purposes and means by which your personal data is processed. We are accountable for ensuring that all data processing activities carried out by us — and by third parties acting on our behalf — comply with applicable privacy and data protection laws.

Data Protection Officer (DPO)

Gold365 Exchange has appointed a dedicated Data Protection Officer responsible for overseeing our data protection strategy and ensuring compliance with applicable laws. You can contact our DPO directly for any privacy-related matters:

Gold365 Exchange is committed to full compliance with the Digital Personal Data Protection Act (DPDP) 2023 of India, and where applicable, international privacy frameworks including GDPR principles for users who may access our platform from the European Union.

Gold365 Exchange collects personal data that is necessary and proportionate to providing you with a safe, secure, legally compliant, and excellent gaming and exchange experience. We do not collect personal data beyond what is reasonably necessary for these legitimate purposes.

Categories of Personal Data

Special Categories of Sensitive Data

Gold365 Exchange does not intentionally collect or process special categories of sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, or health data) unless you voluntarily provide such information — for example, in the context of a self-exclusion request related to problem gambling.

Gold365 Exchange collects personal data through a variety of methods and from multiple sources, all of which are described transparently below.

Direct Collection — Information You Provide to Us

• Register an account: Name, mobile number, email, date of birth, state of residence, and chosen password.
• Complete KYC verification: Government-issued ID documents, address proof, selfie verification.
• Make deposits or withdrawals: Bank account details, UPI ID, payment card information.
• Contact customer support: The content of your messages, emails, or chat conversations.
• Participate in promotions: Information submitted when entering contests, surveys, or promotional offers.
• Update your profile: Any changes you make to your account settings, preferences, or notification options.
• Submit feedback: Reviews, ratings, or suggestions you choose to share with us.

Automated Collection — Data Collected Automatically

• Log Data: IP address, browser type, pages visited, time spent on pages, links clicked, error reports, and access timestamps.
• Device Data: Device type (mobile, desktop, tablet), operating system, unique device identifiers, and screen resolution.
• Cookies and Similar Technologies: First-party and third-party cookies, pixel tags, web beacons, and local storage objects. See Section 9 for full details.
• Location Data: Approximate geographic location inferred from your IP address to enforce jurisdictional compliance.
• Gaming Session Data: Automatic logging of all gaming activity including bets placed, games played, outcomes, and session duration.

Third-Party Sources

• Payment Service Providers: Transaction confirmation and fraud-scoring data from payment gateways and banks.
• Identity Verification Services: Data from third-party KYC and AML compliance service providers for identity and document verification.
• Fraud Prevention Databases: Data from shared industry fraud databases to detect and prevent fraudulent registrations.
• Analytics Providers: Aggregated and anonymized behavioral data from analytics tools used to understand platform usage patterns.
• Referral Partners: Basic contact information (name and email) provided by existing users who refer new members to Gold365 with the new user's knowledge and consent.

Gold365 Exchange processes your personal data only for specific, explicit, and legitimate purposes. We never process your personal data in a manner that is incompatible with the purposes for which it was originally collected.

1. Providing and Managing Our Services

The primary purpose for which we process your personal data is to provide you with the Gold365 Exchange platform and all associated gaming, betting, and financial services. This includes creating and managing your account, processing bets and transactions, crediting winnings to your wallet, providing customer support, and maintaining your account preferences and settings.

2. Identity Verification and KYC Compliance

We are legally required to verify the identity of our users before permitting certain activities, particularly withdrawals above specified thresholds. We process your identity documents, photographs, and related information to fulfill our KYC (Know Your Customer) obligations under Indian AML (Anti-Money Laundering) regulations and our own security policies.

3. Fraud Detection and Prevention

Protecting the integrity of our platform and the safety of all users is a top priority. We analyze account activity, device data, IP addresses, transaction patterns, and behavioral signals to detect and prevent fraud, money laundering, multiple account creation, bonus abuse, match fixing, and other prohibited activities.

4. Payment Processing and Financial Reporting

We use your financial data (bank details, UPI IDs, transaction history) to process deposits and withdrawals, reconcile accounts, generate financial reports, and comply with applicable Indian tax and financial reporting obligations, including TDS (Tax Deducted at Source) requirements under the Income Tax Act.

5. Responsible Gaming and Player Protection

Gold365 Exchange takes responsible gaming very seriously. We monitor gaming patterns, session duration, deposit frequency, and loss patterns to identify users who may be at risk of developing problem gambling behaviors.

6. Legal and Regulatory Compliance

Gold365 Exchange is subject to various legal and regulatory obligations in India. We process your personal data to comply with: AML and KYC regulations; tax reporting requirements; regulatory audits and investigations; court orders and legal proceedings; and any other applicable laws, regulations, or regulatory guidance.

7. Platform Improvement and Analytics

We use aggregated and, where possible, anonymized data to analyze how users interact with the Gold365 platform. This analysis helps us improve our services, optimize the user experience, develop new features, and make data-driven decisions about our product roadmap.

8. Marketing and Promotional Communications

With your explicit consent, we may process your contact details (email address and mobile number) to send you promotional communications about Gold365 offers, new games, upcoming events, and special promotions. You can withdraw your consent for marketing communications at any time.

9. Customer Support and Dispute Resolution

We process your personal data, gaming history, transaction records, and communication history to provide effective customer support, investigate and resolve disputes, respond to complaints, and improve our support processes based on feedback and case analysis.

Gold365 Exchange processes your personal data only where we have a valid and lawful basis for doing so under applicable Indian data protection law, particularly the Digital Personal Data Protection Act (DPDP Act) 2023. For each processing activity, we rely on one or more of the following legal bases:

You have the right to withdraw your consent at any time for processing activities that rely on consent as their legal basis. However, withdrawal of consent will not affect the lawfulness of any processing carried out prior to the withdrawal.

Gold365 Exchange does not sell, rent, or trade your personal data to any third party for their own commercial purposes — under any circumstances. However, to operate our platform and fulfill our legal obligations, we do share your personal data with certain trusted third-party categories under strict data processing agreements and confidentiality obligations.

Third-Party Categories We Share Data With

• Payment Service Providers and Banking Partners: We share your financial data with payment gateways (such as Razorpay, PayU, CCAvenue), banks, and UPI service providers solely to process your deposit and withdrawal transactions.
• KYC and Identity Verification Service Providers: We engage third-party KYC verification companies to conduct document authentication, facial recognition verification, and AML screening.
• Technology and Infrastructure Providers: We use cloud computing services, data storage providers, and cybersecurity services to operate and secure our platform.
• Analytics and Performance Monitoring Tools: We use analytics tools to understand platform usage patterns. Where possible, we use anonymized or pseudonymized data with these providers.
• Customer Support Platforms: We use third-party customer support software and live chat tools to manage user inquiries.
• Regulatory and Law Enforcement Authorities: We will disclose your personal data to government agencies, regulatory bodies, tax authorities, law enforcement agencies, or courts when required to do so by applicable Indian law.
• Gaming Industry Fraud Prevention Networks: Gold365 Exchange participates in industry-standard fraud prevention networks to prevent multi-platform fraud.
• Professional Advisors: We may share your data with our lawyers, auditors, accountants, and other professional advisors under strict confidentiality obligations.
• Business Transfers: In the event of a merger, acquisition, restructuring, or sale of all or part of our business assets, your personal data may be transferred to the acquiring entity as part of the transaction.

Protecting the security and integrity of your personal data is one of Gold365 Exchange's most fundamental responsibilities. We invest continuously in the technology, processes, and people required to defend your data against unauthorized access, disclosure, alteration, and destruction.

Data Breach Response

Despite our robust security measures, no digital platform can guarantee absolute security against all threats. In the unlikely event of a personal data breach that poses a risk to your rights and freedoms, Gold365 Exchange will:

• Contain and investigate the breach immediately upon detection
• Notify the relevant Indian regulatory authority within 72 hours (as required by the DPDP Act 2023)
• Notify affected users without undue delay if the breach is likely to result in high risk to their rights and freedoms
• Provide clear information about the nature of the breach, what data was affected, and what steps you should take to protect yourself
• Implement remedial measures and a full post-incident review to prevent recurrence

Your Security Responsibilities

While Gold365 Exchange implements comprehensive security measures on our end, some aspects of your account security depend on your actions. We ask you to: use a strong, unique password; enable two-factor authentication on your account; never share your login credentials with anyone; log out of your account after each session when using shared devices; and report any suspicious activity on your account to us immediately.

Gold365 Exchange uses cookies and similar tracking technologies to enhance your experience on our platform, keep you securely logged in, remember your preferences, analyze how our platform is used, and deliver relevant content and advertisements.

What Are Cookies?

Cookies are small text files that are placed on your device (computer, smartphone, or tablet) when you visit a website. They allow the website to remember information about your visit, such as your login status and preferences. Cookies set by the website owner (in this case, Gold365 Exchange) are called "first-party cookies". Cookies set by third parties are called "third-party cookies".

Types of Cookies We Use

Managing Your Cookie Preferences

• Cookie Preference Centre: Access our cookie preference centre at any time via the cookie banner or the privacy settings in your account to manage non-essential cookies.
• Browser Settings: Most web browsers allow you to control cookies through their settings.
• Google Analytics Opt-Out: Install the Google Analytics Opt-out Browser Add-on available from Google.
• Device Settings: On mobile devices, you can manage app tracking preferences through your device's privacy settings.

Please note that restricting or deleting essential cookies will impact the core functionality of the Gold365 Exchange platform and may prevent you from logging in, placing bets, or making transactions.

Under the Digital Personal Data Protection Act (DPDP Act) 2023 and other applicable data protection frameworks, you — as a Data Principal — have a number of important rights regarding your personal data. Gold365 Exchange is fully committed to respecting and facilitating the exercise of these rights.

How to Exercise Your Rights

To exercise any of your data rights, please contact our Data Protection Officer at privacy@gold365online.com with a clear description of your request.

We will acknowledge receipt of your request within 48 hours and aim to fulfill all legitimate data rights requests within 30 days. In complex cases, we may extend this period by an additional 30 days, in which case we will inform you of the reason for the extension.

Gold365 Exchange retains your personal data only for as long as is necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, and enforce our agreements.

Upon expiry of the applicable retention period, Gold365 Exchange will securely delete or anonymize your personal data using industry-standard data destruction methods.

The safety and protection of children is a matter of the highest priority for Gold365 Exchange. Our platform is strictly intended for adults aged 18 years and above. We do not knowingly collect, process, or store personal data of individuals under the age of 18.

Guidance for Parents and Guardians

• Using parental control software and browser-based content filtering to block access to online gaming platforms
• Keeping your Gold365 login credentials (username and password) strictly private and secure
• Setting up PIN codes or biometric locks on devices that have the Gold365 app installed
• Educating children about the risks and legal age restrictions associated with online gambling and betting
• Reporting immediately to Gold365 if you believe a minor may have accessed our platform using your credentials or a separate account

If you are a parent or guardian and believe your child has created an account on Gold365 Exchange, please contact us immediately at safeguarding@gold365online.com.

Gold365 Exchange primarily stores and processes your personal data within India. However, some of our technology service providers, cloud infrastructure partners, and third-party tools may be located in, or may process data from, countries outside India. When your personal data is transferred outside India, we ensure that appropriate safeguards are in place to protect your data to a standard equivalent to or exceeding Indian data protection requirements.

• Standard Contractual Clauses: Legally binding data processing agreements incorporating standard data protection clauses approved by relevant regulatory authorities.
• Adequacy Decisions: Transfers to countries recognized by the Indian government as providing adequate levels of data protection.
• Data Processing Agreements: Comprehensive contractual obligations imposed on all third-party data processors, regardless of their location.
• Data Minimization for Transfers: Where data is transferred internationally, we limit the data transferred to the minimum necessary for the specific processing purpose.

If you would like more information about the specific international data transfers we undertake and the safeguards in place, please contact our Data Protection Officer at privacy@gold365online.com.

The Gold365 Exchange platform may contain links to third-party websites, services, or applications that are not owned or controlled by Gold365. These may include sports data providers, news outlets, payment gateway landing pages, social media platforms, and affiliate partner sites. This Privacy Policy applies solely to data collected and processed by Gold365 Exchange and does not cover the privacy practices of any third-party platforms.

We strongly encourage you to review the privacy policies of any third-party websites or services you access via links from the Gold365 platform, before providing them with any of your personal information.

Social Media Features

The Gold365 platform may include social media features and widgets (such as Facebook Like buttons, Twitter/X share buttons, or WhatsApp share links). These features may collect your IP address, the page you are visiting on our site, and may set cookies to enable the feature to function correctly. Your interactions with these features are governed by the privacy policies of the respective social media companies.

Affiliate and Referral Tracking

If you arrive at Gold365 Exchange via an affiliate partner link, we may collect information about the referral source (affiliate ID and tracking parameters) to credit the appropriate affiliate. This information is used solely for affiliate commission tracking purposes and does not affect your rights or the way your personal data is processed by Gold365 Exchange.

Gold365 Exchange reserves the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our data processing practices, new services, changes in applicable law, or for any other legitimate business reason.

How We Notify You of Changes

• A prominent notice displayed on the Gold365 homepage and/or within your account dashboard
• An email notification sent to your registered email address
• An SMS notification sent to your registered mobile number
• An in-app push notification (where enabled)

For minor, non-material changes (such as typographical corrections, clarifications that do not change the substance of our commitments, or updates to contact information), we may update the Policy without direct notification, relying on the "Last Updated" date visible at the top of this document.

Your continued use of the Gold365 Exchange platform following the effective date of a revised Privacy Policy constitutes your acceptance of the changes.

Below are clear answers to the most frequently asked questions about Gold365 Exchange's privacy practices. If your question is not answered here, our Data Protection Officer and support team are always available to help.

Contact Our Data Protection Team