Parimatch collects only the information needed to provide and improve services, meet legal duties, and protect users.

Categories of personal data

• Identity and KYC: name, date of birth, address, photographs, KYC documents, nationality
• Contact details: email, phone number, postal address
• Account data: username, preferences, responsible gaming settings, self-exclusion status
• Transaction and payment data: deposits, withdrawals, payment method identifiers handled by providers
• Technical and usage data: device identifiers, IP address, log files, cookies, performance metrics
• Compliance and risk data: verification outcomes, sanctions and PEP screening results, fraud flags

Why collection takes place

• To create and service accounts, process transactions, and provide customer support
• To carry out identity checks, age verification, and due diligence as required by law
• To enforce platform rules, prevent fraud, manage disputes, and ensure responsible gaming
• To analyse performance, improve online services, and maintain security

Security measures

• Encryption in transit and at rest, TLS for data in motion
• Access controls, least-privilege principles, and multi-factor authentication for staff
• Network monitoring, logging, and vulnerability management
• Regular training, audits, and incident response procedures
• Payments processed by PCI DSS compliant providers

Retention

Information is retained only as long as necessary for the purpose collected and for legal, tax, and anti-money laundering requirements, typically 5 to 10 years for statutory records.

Compliance

Operations align with the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000 and applicable rules, and anti-money laundering obligations. Practices also follow widely accepted privacy principles similar to GDPR.

Your rights

• Access: request a copy of your personal data
• Correction: ask to update inaccurate information
• Deletion: request erasure where retention is not required by law
• Restriction and objection: limit or object to certain processing
• Consent withdrawal: change your choices at any time for consent-based processing
• Grievances: escalate complaints through the in-site Help Centre; you may also approach the Data Protection Board of India under the DPDP Act

Parimatch uses personal data for lawful, fair, and transparent purposes:

• Account servicing: registration, authentication, and profile management
• Transactions: deposits, withdrawals, and payment reconciliation through providers
• Customer care: responses to queries, complaints handling, and troubleshooting
• Service improvement: analytics, quality assurance, and performance optimisation
• Personalisation: preferences and responsible gaming settings to tailor user experience
• Marketing: only in line with user choices, including opt outs in account settings
• Compliance: KYC, AML, fraud prevention, sanctions screening, and record keeping
• Security: detection of suspicious activity and protection of the platform
• Research and statistics: aggregated or anonymised insights that do not identify users

Processing is restricted to stated purposes, based on consent, contractual necessity, legitimate interests, or legal obligations.

Users can manage personal information in account settings or by submitting a request through the Help Centre.

Requests and procedures

• Access: receive a copy of your data in a commonly used format, subject to verification
• Correction: update or complete inaccurate or outdated records
• Deletion: request erasure where there is no legal basis to retain the information
• Timelines: responses are usually provided within 30 days, subject to complexity and volume
• Identity checks: proof of identity may be required to protect your account and prevent fraud

By using Parimatch, users consent to security checks, identity verification, and processing of payment information by payment providers for transactions and compliance.

Legal limits

• Some data cannot be deleted while a transaction is in progress or where retention is required by tax, anti-money laundering, payment, or dispute resolution laws.

The services are intended for adults aged 18 and above. The operator cannot confirm age without receiving documents for verification. If a parent or guardian informs the platform that a minor has provided personal information, steps will be taken to close the account, stop processing, and delete the information where allowed by law. Requests can be raised through the Help Centre by providing proof of relationship and identity.

Personal data may be stored and processed outside India where Parimatch technology partners, payment providers, or support teams operate. Use of the services constitutes consent to international transfers, subject to applicable laws. Safeguards include contractual protections, confidentiality obligations, and security controls aligned to recognised standards. Transfers are limited to partners that agree to protect information and handle it only for documented purposes. Users may request a description of transfer safeguards through the Help Centre.

This policy contains disclaimers that may define or limit the scope of certain rules to the extent permitted by applicable law. If any provision conflicts with mandatory law, that law prevails and the remaining terms continue in effect. The policy applies once a user indicates consent by clicking to agree, continuing to use the services, or otherwise signalling acceptance, including accession during sign-up. Records of acceptance may be kept as proof of consent and agreement to the policy.

Cookies are small text files stored on a device to remember settings and understand how users interact with websites. The platform uses cookies for statistics, behaviour analysis, personalisation, security, and improving site performance.

Types and purposes

• Essential: required for login, session management, and payments
• Analytics: measure usage, diagnose errors, and improve services
• Functional: remember preferences and responsible gaming choices
• Advertising: show relevant messages subject to consent

Controls and retention

• Cookie retention is typically up to 1 year, unless a shorter period is indicated in the cookie settings
• Users can manage preferences in the cookie banner or browser settings; disabling some cookies may affect functionality

Using Parimatch means full acceptance of this Privacy Policy and any updates posted on the website. The most recent version takes precedence over older versions. Continued use of the services after changes are posted indicates agreement to the updated document. Users who do not agree should adjust preferences or discontinue use of the services.

Personal information may be shared in limited cases and only for defined purposes:

• Service providers: identity verification, payments, fraud prevention, cloud hosting, analytics, customer support
• Legal and compliance: regulators, courts, tax authorities, and law enforcement where required
• Disputes: payment chargebacks, recovery of funds, and resolution of claims
• Corporate events: reorganisation, merger, or acquisition subject to confidentiality

A list of key categories of partners is provided on the website. If a specific party is not listed, users will be informed of the purpose and scope where required by law.

Providing personal information constitutes consent to such sharing for documented purposes. Third parties must use the information only as instructed and must protect confidentiality.

The website may contain links to external websites that operate under their own privacy policies. Parimatch is not responsible for how those websites collect, use, or disclose personal information. Users should review the privacy notices of each external site and exercise caution before sharing data on third-party platforms.