Your data is yours. This policy explains exactly what we collect, why we collect it, how we protect it, and how you can control it. Written in plain English — no fine print tricks.
★ Privacy Policy at a Glance
Don't have time to read 5,000 words? Here's the essence: We collect only what we need to operate, comply with law, and serve you well. We never sell your data. We use bank-grade encryption. You can request access, correction, or deletion anytime via WhatsApp. The rest of this page explains the details.
Effective Date: April 2026 · Last Updated: April 2026 · Version: 4.2
1. Who We Are
This Privacy Policy describes how Sanatana777 ("we," "us," "our," or the "Platform") collects, uses, processes, stores, and discloses personal data of users ("you," "your," "Player," or "User") of our online betting and gaming services, accessible at sanatana777.com and via our mobile interfaces.
Sanatana777 operates as an internationally licensed online gaming brand. Our gaming operations run on platforms licensed under Curacao eGaming jurisdiction, with payment processing handled through internationally licensed financial service providers.
2. Information We Collect
2.1 Identity Information
When you register for and use a Sanatana777 betting ID, we collect:
Full legal name
Date of birth (to verify 18+ age requirement)
Gender (optional)
Country and state of residence
Nationality
Government-issued ID document images (Aadhaar, PAN, Passport, Voter ID, or Driving License) — for KYC compliance
Self-declared occupation (for AML risk assessment)
2.2 Contact Information
Mobile phone number (primary contact channel)
WhatsApp number (if different from mobile)
Email address (optional)
Postal address (when required for KYC verification)
2.3 Financial Information
UPI ID for deposits and withdrawals
Bank account number and IFSC code (for direct bank transfers)
Payment instrument details (last 4 digits of cards used)
Transaction history (deposits, withdrawals, bets, wins, losses)
Source of funds declarations (for high-value transactions per AML rules)
Note: Sanatana777 does NOT store full credit card numbers, CVV codes, UPI PINs, or net banking passwords. All payment authentication happens through licensed payment service providers.
2.4 Activity & Behavioral Data
Betting and gaming activity (which markets, sports, games, frequency, amounts)
Login times, sessions, device used
IP address (for fraud prevention and geo-compliance)
Browser/app version, operating system
Approximate location (city/state level — never precise GPS)
Customer support conversation history
Bonus and promotion participation
2.5 Technical & Cookie Data
Session cookies for login functionality
Preference cookies (language, display settings)
Performance cookies (page load times, error tracking)
Analytics cookies (anonymized usage patterns) — only if you consent
2.6 Information We Do NOT Collect
We do not collect biometric data beyond what is on your government ID
We do not access your phone contacts, photos, microphone, or camera (except KYC document upload)
We do not track your browsing on websites outside Sanatana777
We do not collect data about your political views, religion, sexual orientation, or health (these are unnecessary for our service)
We do not buy data from third-party data brokers
3. How We Use Your Information
We process your personal data only for specific, lawful purposes:
3.1 Service Delivery (Contract Performance)
Creating and managing your betting account
Processing deposits and withdrawals
Settling bets and crediting winnings
Providing customer support
Sending transaction confirmations
3.2 Legal Compliance
Verifying your age (mandatory 18+ check)
KYC (Know Your Customer) compliance with international gaming regulations
AML (Anti-Money Laundering) obligations including suspicious activity monitoring
Tax reporting where legally required
Responding to lawful requests from regulatory authorities
Court orders, subpoenas, and law enforcement cooperation
Preventing multi-account abuse and bonus exploitation
Protecting our platform from cyber attacks
Investigating policy violations
3.4 Service Improvement
Analyzing aggregated, anonymized usage patterns
Identifying technical issues and improving platform stability
Designing better features based on user behavior
Quality-monitoring customer support interactions
3.5 Marketing (With Your Consent)
Sending promotional offers via WhatsApp, SMS, or email — only with explicit opt-in
Personalizing bonus offers based on betting preferences
You can opt out of all marketing at any time with no impact on service
3.6 Responsible Gaming
Detecting patterns suggestive of problem gambling
Triggering proactive support outreach when concerning patterns appear
Enforcing self-exclusion and limit settings
Preventing access to excluded players
4. How We Share Your Information
Sanatana777 is committed to data minimization in sharing. Specifically:
★ Our Data Sharing Promise
We never sell your personal data to anyone, ever. We do not sell, rent, lease, trade, or otherwise commercialize player data with advertisers, marketers, data brokers, social media platforms, or any third party. This is a core ethical commitment, not just a legal one.
4.1 Trusted Service Providers
We share necessary minimum data with vetted service providers operating under strict data processing agreements:
Payment processors (UPI gateways, banks): To process deposits and withdrawals
KYC verification services: To authenticate your government ID documents
Cloud infrastructure providers: For secure data storage and platform hosting (data encrypted at rest)
Customer support tools: For ticket management and conversation history
Game providers (slots, live casino): For game session continuity (no PII shared, only anonymized session tokens)
Fraud detection services: For pattern analysis to prevent account compromise
4.2 Legal Authorities (When Required)
Tax authorities for high-value transaction reporting
Courts in response to subpoenas and discovery requests
We do not voluntarily share data with authorities without legal compulsion. We resist overly broad requests and require properly executed legal process.
4.3 Independent Dispute Resolution
If you initiate a formal dispute, relevant data is shared with eCOGRA ADR or our designated dispute resolution partner
Only data relevant to the specific dispute is shared
4.4 Business Transitions
In the unlikely event of business sale, merger, or restructuring, player data may transfer to the successor entity
Players are notified in advance with the option to close accounts and request data deletion before any transition
5. Data Security
We protect your information with multi-layered security:
Encryption in transit: All data transmission uses TLS 1.3 encryption (256-bit). Our SSL configuration is rated A+ by SSL Labs
Encryption at rest: Stored personal data, including KYC documents, is encrypted using AES-256
Access controls: Only authorized personnel access player data, on a strict need-to-know basis. All access is logged and audited
Two-factor authentication: Available on all player accounts (strongly recommended)
PCI DSS compliance: Payment infrastructure meets Payment Card Industry Data Security Standards
Incident response: Defined procedures for breach detection, containment, and notification within 72 hours
Employee training: All staff receive mandatory annual data privacy and security training
6. Data Retention
We retain personal data only as long as necessary:
Data Category
Retention Period
Legal Basis
Account & transaction data
7 years after account closure
AML/Tax compliance
KYC documents
5 years after account closure
AML compliance
Betting history
7 years
AML/dispute resolution
Customer support logs
3 years
Service quality, dispute records
Marketing preferences
Until you opt out + 30 days
Consent
IP address logs
12 months
Security/fraud prevention
Cookies (session)
Until logout / 24 hours
Service operation
Cookies (analytics)
13 months max
Consent
Self-exclusion records
Permanently (anonymized after 7 years)
Player protection
7. Your Privacy Rights
Regardless of your location, Sanatana777 honors the following data subject rights for all players:
7.1 Right to Access
You can request a copy of all personal data we hold about you. We provide this within 30 days of verified request, free of charge.
7.2 Right to Rectification
If your data is inaccurate or incomplete, you can request correction. Most corrections (name spelling, contact details) are processed within 24 hours.
7.3 Right to Erasure ("Right to Be Forgotten")
You can request deletion of your personal data. We honor this for non-mandatory data immediately. However, certain data must be retained for legal compliance:
Marketing data, optional profile fields, and customer support history can be deleted on request.
7.4 Right to Data Portability
You can request your data in a structured, commonly used, machine-readable format (JSON or CSV) for transfer to another service.
7.5 Right to Restrict Processing
You can request that we limit how we use your data while a dispute or correction is being resolved.
7.6 Right to Object
You can object to processing based on legitimate interest (e.g., marketing, profiling for promotions). We will stop unless we have compelling legitimate grounds that override your interests.
7.7 Right to Withdraw Consent
Where processing is based on consent (marketing, optional analytics), you can withdraw consent anytime without affecting prior lawful processing.
7.8 Right to Complain
You can lodge complaints with applicable data protection authorities. In India, this includes the upcoming Data Protection Board under the DPDP Act 2023.
How to Exercise Your Rights
Contact us via WhatsApp at wa.link/sanatana247 with subject "Data Subject Request." We may need to verify your identity before processing requests to protect your data from unauthorized access. All verified requests are processed within 30 days, and most within 7 days.
8. Cookies & Tracking Technologies
8.1 What Are Cookies
Cookies are small text files stored on your device when you visit our platform. They help us recognize you on return visits, remember preferences, and improve security.
8.2 Types We Use
Strictly Necessary Cookies: Required for the platform to function (login, session management). Cannot be disabled
Functional Cookies: Remember your language, region, display preferences
Performance Cookies: Help us identify slow pages, errors, and technical issues
Analytics Cookies: Anonymized usage patterns to improve the platform — opt-in only
Marketing Cookies: Personalize promotional offers — opt-in only
8.3 Managing Cookies
You can control cookies through your browser settings. Disabling strictly necessary cookies may break platform functionality. Disabling other cookies has no impact on service delivery, only on personalization.
9. International Data Transfers
As an internationally operated platform, your data may be processed in jurisdictions outside India, including locations where our cloud infrastructure providers, KYC services, or operational teams are based. When data transfers occur internationally:
We ensure receiving jurisdictions provide adequate data protection
We use Standard Contractual Clauses for transfers to non-adequate jurisdictions
Data is encrypted during all transfers
Service providers agree to data processing agreements binding them to our privacy standards
10. Children's Privacy
Sanatana777 is strictly for adults 18 years or older (or higher minimum age in jurisdictions requiring it). We do not knowingly collect data from minors. If we discover an account belongs to someone under 18:
The account is immediately closed
Deposits are returned to original payment source
Any winnings are voided
The personal data is deleted (except records required for legal compliance)
If you believe a minor is using our platform, please notify us immediately via WhatsApp.
11. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or services. When we make material changes:
We notify active players via WhatsApp/email at least 30 days in advance
The "Last Updated" date at the top of this page changes
Significant changes are highlighted in a notice on the platform
Your continued use of the platform after changes constitutes acceptance
Previous versions are archived and available on request.
12. Contact for Privacy Matters
For any privacy-related queries, complaints, or to exercise your data subject rights:
Primary channel: WhatsApp at wa.link/sanatana247 with subject "Privacy Inquiry"
Data Protection Officer: Available through WhatsApp escalation for complex privacy matters
Response time: Acknowledgment within 24 hours, full response within 30 days
Frequently Asked Questions About Privacy
We collect data in five main categories, each for specific purposes:
Identity data: Name, date of birth, government ID (for KYC and 18+ verification)
Contact data: Phone number, email, WhatsApp number (for service communication)
Financial data: UPI ID, bank details, transaction history (for deposits/withdrawals)
Activity data: Bets placed, games played, login times (for service operation and pattern analysis)
Technical data: IP address, device info, cookies (for security and platform improvement)
We deliberately practice data minimization — we collect only what is necessary for service delivery, legal compliance, and player protection. We do not collect data we don't need.
Absolutely not. Sanatana777 does not sell, rent, lease, trade, or otherwise commercialize player data. This is one of our most fundamental commitments. Specifically:
We do not sell data to advertising networks
We do not sell data to marketing companies
We do not sell data to data brokers
We do not sell data to social media platforms
We do not allow third-party tracking pixels for advertising purposes
Our business model is built on operating a quality betting platform — not on monetizing player data. Many "free" services online survive by selling user data; this is the opposite of how we operate.
We use multiple layers of security specifically for sensitive financial and KYC data:
AES-256 encryption at rest: All KYC documents and financial records are encrypted in storage
TLS 1.3 encryption in transit: Data moving between your device and our servers is encrypted to bank-grade standards
Tokenization: Financial details are replaced with non-sensitive tokens for internal use
Restricted access: Only specifically authorized personnel can access KYC documents, on a strict need-to-know basis. All access is logged
PCI DSS compliance: Our payment infrastructure meets Payment Card Industry Data Security Standards
Regular security audits: Annual third-party security audits and penetration testing
Segregated storage: Sensitive data is stored separately from non-sensitive data with different access controls
Two-factor authentication: Available for all player accounts to prevent unauthorized access
Importantly, we do not store full credit card numbers, CVV codes, UPI PINs, or net banking passwords — these are handled exclusively by licensed payment service providers under their own security frameworks.
Different data types have different retention periods based on purpose and legal requirements:
Account and transaction records: 7 years after account closure (required by AML and tax law)
KYC documents: 5 years after account closure (required by AML regulations)
Customer support conversations: 3 years (for dispute resolution)
IP address logs: 12 months (for fraud prevention)
Marketing preferences: Until you opt out, then deleted within 30 days
Self-exclusion records: Permanently retained but anonymized after 7 years (this protects players from creating new accounts to bypass exclusion)
After retention periods expire, data is securely deleted or anonymized so it can no longer be linked to you. We do not keep data "just in case" — every retention period has a specific legal or operational justification.
Yes, you have the Right to Erasure (also called "Right to Be Forgotten"). To request data deletion:
Message us on WhatsApp at wa.link/sanatana247 with subject "Data Deletion Request"
We verify your identity (typically through KYC document re-verification)
We process your request within 30 days (most within 7 days)
You receive written confirmation when deletion is complete
What we will delete:
Marketing preferences and contact lists
Optional profile information (occupation, etc.)
Non-mandatory communications history (after 3 years)
Browser cookies and tracking data
Saved payment preferences
What must be retained for legal reasons:
Transaction records (7 years for AML/tax)
KYC documents (5 years for AML)
Self-exclusion records (permanently, for player protection)
Even retained data is anonymized where possible and stored under strict access controls. After mandatory retention periods expire, the data is automatically deleted.
We use cookies in several categories with different purposes:
Strictly necessary cookies: Login session management, security tokens. Cannot be disabled without breaking the platform
Functional cookies: Language preferences, regional settings, display options. Can be disabled but reduces convenience
Performance cookies: Page load times, error tracking, technical diagnostics. Help us improve the platform
Analytics cookies: Anonymized usage patterns. Opt-in only — disabled by default unless you consent
Marketing cookies: Personalized offers and promotions. Opt-in only — disabled by default
You can control cookies through:
Browser settings (block all cookies, block third-party only, etc.)
Cookie banner choices on first visit
Account preferences page (for analytics and marketing cookies)
Disabling strictly necessary cookies will break login functionality. Disabling other cookies has no impact on betting service quality, only on personalization. We respect "Do Not Track" browser signals.
We share minimum necessary data with specific categories of trusted parties:
Service providers we share with:
Payment processors (UPI gateways, banks) — for processing transactions only
KYC verification services — for ID document authentication
Cloud infrastructure providers — for secure data hosting (encrypted)
Customer support platforms — for ticket management
Game providers — for game session continuity (anonymized session tokens only)
Fraud detection services — for security analysis
All service providers operate under strict Data Processing Agreements requiring them to:
Use data only for the specific purpose we contract for
Maintain security standards equivalent to ours
Not retain data longer than necessary
Not subcontract without our approval
Legal authorities (only when legally required): Tax authorities, law enforcement with valid orders, regulatory bodies, courts. We do not voluntarily share with authorities; we require properly executed legal process.
What we never do: Sell data to advertisers, marketers, data brokers, or social media platforms. This is non-negotiable.
This is a legitimate concern. Our commitments in such scenarios:
If Sanatana777 is sold or merged:
Player data may transfer to the successor entity, but only if they commit to honoring this Privacy Policy or stronger
Players are notified at least 30 days before any transition
You have the option to close your account, withdraw your balance, and request data deletion before transfer
Any successor entity is contractually bound to respect existing privacy commitments
If Sanatana777 ceases operations:
All players are notified with reasonable advance time to withdraw balances
Player funds are held in segregated accounts protected from operational creditors
Personal data is securely deleted after legal retention periods expire
KYC and transaction data is transferred to a designated custodian for the legally required retention period, then destroyed
Our business is structured to protect player interests through commercial transitions. Player funds are segregated, and player data has clear protection commitments — these are not afterthoughts.
Despite our extensive security measures, no system is 100% breach-proof. Our incident response plan includes:
Immediate response (0-4 hours):
Containment of the breach to prevent further data exposure
Internal investigation by the security team
Forensic preservation of evidence
Assessment (4-24 hours):
Identification of affected players and data categories
Severity classification
Risk assessment for affected individuals
Notification (within 72 hours of confirmation):
Regulatory authorities notified per applicable data protection law
Affected players notified directly via WhatsApp/email/SMS
Notification includes: what happened, what data was affected, what actions to take, our response
Remediation:
Forced password resets if credentials may be exposed
Free credit monitoring if financial data is exposed
Account security upgrades
Root cause analysis and prevention measures
We take responsibility for breaches caused by failures on our side and provide appropriate remediation. Our annual security audits and continuous monitoring exist specifically to prevent breaches in the first place.
Opting out of marketing is easy and immediate:
WhatsApp: Send message "STOP MARKETING" to wa.link/sanatana247
SMS: Reply STOP to any promotional SMS
Email: Click "Unsubscribe" link in any email footer
Account settings: Toggle marketing preferences in your account dashboard
After opt-out:
Marketing communications stop within 24 hours
You will still receive transactional messages (deposit confirmations, withdrawal updates, security alerts) — these are not marketing
Your account functionality is not affected in any way
Marketing data is deleted from our systems within 30 days
You can re-subscribe anytime through your account settings. We respect your choice — opting out has zero negative consequences for your account, support quality, or service.
Privacy Questions? We Respond
Any privacy-related inquiry, data subject request, or concern. Direct response from our team.