Privacy and Personal Data Protection Policy

Identification and contact data

During the account registration and identity verification process, we collect information such as first name, last name, email address, phone number, and exact date of birth. Age verification is an absolute legal requirement in Poland – access to the Lemon Casino platform is allowed only for individuals over 18 years of age. This data is necessary to create a secure profile and ensure authorized access to the service's resources.

Technical data and system logs

We automatically record data such as IP address, device type, operating system, browser version, and unique hardware identifiers. This information is critical for monitoring platform stability, preventing DDoS attacks, and optimizing content display according to the technical specifications of the user's end device.

Activity and transaction data

We process information about how the service is used, login sessions, time spent in individual sections, and the status of technical operations performed. When using services that require billing, we process data on payment status, with detailed financial data being isolated and handled by certified external entities to ensure the highest level of information protection.

Data processing processes at Lemon Casino are based on the following legal foundations:

• Contract performance: When data is necessary to provide services requested by the user.
• Legal obligation: When Polish regulations impose on us the obligation to verify identity or report specific technical events.
• Legitimate interest: To ensure network cybersecurity, detect fraud, and improve analytical tools.
• User consent: For voluntary additional services, such as subscribing to informational messages.

We use the collected data to:

• Properly manage the user's account and verify their permissions.
• Provide efficient technical support and resolve reported operational issues.
• Analyze service performance to introduce ergonomic improvements and optimize code.
• Protect against cyber threats and actions that disrupt system stability.
• Comply with regulatory requirements regarding operational transparency in Poland.

We store personal data only for the period necessary to achieve the purposes for which it was collected, or for the time required by Polish law (e.g., archiving obligations). After this period, the data is permanently and securely deleted from our servers or subjected to anonymization, which makes it impossible to re-attribute the information to a specific natural person.

We never sell or rent user data to commercial entities. Data may only be transferred to trusted technical service providers (e.g., cloud server operators, cybersecurity companies) who act on our behalf based on strict data processing agreements. In situations provided for by law, we may be obliged to provide data to state authorities in Poland.

Most processing operations take place within the European Economic Area. In cases where our technical partners are located outside the EEA, we apply appropriate legal safeguards, such as Standard Contractual Clauses approved by the European Commission, to guarantee a level of data protection consistent with EU standards.

We use advanced solutions to protect data against loss, unauthorized access, or modification. Our protocols include:

• Connection encryption using SSL/TLS technology.
• Intrusion detection systems and firewalls.
• Strict access control for authorized personnel.
• Regular security audits and penetration tests of the infrastructure.

In accordance with the regulations, every user has the right to:

• Right to access their data and receive a copy of it.
• Right to rectify inaccurate or incomplete information.
• Right to erasure of data ("right to be forgotten").
• Right to restriction of data processing in specific cases.
• Right to data portability to another provider.
• Right to object to processing based on legitimate interest.

To exercise your rights or obtain additional explanations, please contact us at: [email protected]. We treat every request as a priority and respond to it within the deadlines provided by Polish law.

This policy is regularly reviewed and updated. Any changes will be published on this page, allowing users constant insight into how Lemon Casino manages their private sphere.