To be able to provide you with our services securely and reliably, it is necessary to process various categories of data. We always limit ourselves to the absolute minimum required for the respective purpose.

Identity and Contact Data If you decide to open an account with Fruit Million, we must collect certain basic information to uniquely identify you. This typically includes your full name, your date of birth (for strict age verification), your physical residential address, and contact details such as a valid email address and a phone number. This data is essential for contract fulfillment and ensuring account security.

Usage and Technical Device Data With every interaction with our website, your device generates technical metadata. We collect information such as your Internet Protocol (IP) address, browser type and version, the time zone setting, the operating system, and technical details about the platform you use for access. Furthermore, we log usage data that documents how you navigate the website, which pages you visit, the duration of your visit, and your specific interactions with our platform functions.

Transaction and Interaction Data To the extent relevant for the provision of our platform services, we collect detailed records of your transactions. This includes histories of deposits, withdrawals, services used, and activities within your user account. It is important to emphasize that full credit card data or sensitive bank access data are never stored directly on our systems, but are processed via highly secure, encrypted gateways of our verified payment service providers.

Communication Data and Support History If you contact our customer service, whether by email, live chat, or phone, we document this communication. This serves not only to resolve your specific request, but also for quality assurance, staff training, and the maintenance of a complete record in case of potential misunderstandings or disputes.

Every processing of personal data by Fruit Million is based on a solid and documented legal basis. The primary legal basis is the fulfillment of a contract to which you are a party. If you accept our General Terms and Conditions, the processing of certain data is mandatory to provide you with the account and perform the agreed services.

Furthermore, we rely on legitimate interests, provided that your fundamental rights and freedoms do not override them. This includes, for example, data processing for fraud prevention, defense against cyber attacks, improvement of network security, and business analysis of our platform performance. In certain cases, we are legally obliged to process and store data, for example, to comply with anti-money laundering policies or tax law requirements. If we use data for targeted marketing measures, this is generally based exclusively on your express, voluntarily given, and revocable consent.

The information we collect is systematically used for narrowly defined purposes. The main purpose is the management and administration of your user account, authentication upon login, and ensuring smooth transactions. Another essential area is security: We analyze data patterns to detect and prevent fraudulent activities, unauthorized account access, or manipulations of our platform early on.

Furthermore, we use pseudonymized or aggregated data to improve the architecture of our website, develop new features, and optimize the overall performance of our system. If you have agreed to receive notifications, we use your contact data to inform you about relevant system updates, security alerts, administrative changes, or occasional service offers. Our customer service team uses your history to help you efficiently and contextually with technical or administrative problems.

Fruit Million applies strict retention policies that follow the principle of data minimization. We store your personal data only exactly as long as is absolutely necessary for the purposes for which it was originally collected. As long as your account is active, we retain your master data to ensure ongoing operation. If you request the closure of your account or it is deactivated due to inactivity, your data will not be immediately completely deleted.

We are legally and administratively obliged to retain certain categories of data - especially financial transaction records and basic identity data - for a specified period after the termination of the contractual relationship. This serves to comply with legal documentation obligations and to resolve potential future disputes. Once these legal retention periods have expired, your data will be anonymized by irreversible cryptographic procedures or permanently and securely deleted from our productive systems and backups.

To ensure the operation of a modern, complex online platform, collaboration with specialized external service providers is essential. Fruit Million will under no circumstances sell your personal data to third parties. We only share data with carefully selected and contractually bound processors who perform services on our behalf.

These partners may include: payment processing companies for carrying out secure transactions, providers of cloud hosting and server infrastructures for website provision, IT security companies for protection against cyber threats, and external customer service platforms. All these third-party providers are subject to strict confidentiality agreements and may only process your data according to our explicit instructions and not for their own, independent purposes. In rare exceptional cases, we may be compelled to disclose data if this is legally required to fulfill a legal obligation, to enforce our terms of use, or to protect the rights and security of Fruit Million, our users, or the public.

As the digital infrastructure is globally interconnected, it may happen that some of our third-party providers or server locations are located outside the European Economic Area (EEA) or your country of residence. When personal data crosses international borders, we take extensive precautions to ensure that the level of protection is not compromised. We ensure that all international data transfers comply with applicable data protection laws. This is typically done by implementing Standard Contractual Clauses, which provide legally binding guarantees for the protection of data in the recipient country, or by ensuring that the destination country is recognized by the competent data protection authorities as a country with an adequate level of data protection.

Protecting your information from unauthorized access, loss, destruction, or manipulation is a central concern of our IT architecture. Fruit Million implements a variety of physical, electronic, and administrative security measures. We use industry-standard SSL/TLS encryption technologies to secure the transmission of data between your browser and our servers. Our internal systems are protected by advanced firewalls, intrusion detection systems, and strict access controls. Only authorized personnel, who are subject to a strict duty of confidentiality, have access to sensitive information, and this access is limited to what is absolutely necessary. Although we make enormous efforts to secure the integrity of our platform, it must be emphasized that no system on the internet can guarantee absolute, hundred percent security. The transmission of data over the internet always occurs at a certain inherent risk.

As a user of our platform, you have comprehensive rights regarding your personal data. You have the right to access, meaning that you can request confirmation at any time whether we process your data, and if so, request a copy of this data. You have the right to rectification of inaccurate or incomplete information in your profile.

Under certain conditions, you can assert the right to erasure (the "right to be forgotten"), provided that no compelling legal retention obligations oppose the deletion. You can also request a restriction of processing or object to the processing of your data, especially if it is based on legitimate interests or used for direct marketing purposes. Furthermore, you have the right to data portability, which allows you to receive the data you have provided to us in a structured, machine-readable format. If data processing is based on your consent, you can revoke this consent at any time with effect for the future.

The provisions of this privacy policy may occasionally be adapted to keep pace with the development of new platform features, changes in the underlying technology, or modifications to relevant legal requirements. In the event of significant changes in content, we will actively inform you, typically by a prominent notice on our website or by a direct notification to the email address stored in your account, before the changes take effect. Continued use of the platform after such an update constitutes acknowledgment of the revised terms.

We have established specialized communication channels to handle your questions regarding data protection, the exercise of your rights, or specific concerns about the processing of your information. Please do not hesitate to contact us via the contact options below. We strive to answer all legitimate inquiries accurately and helpfully within the legally prescribed deadlines.

Email address for data protection matters: [email protected] Phone support: +49 30 12345678 Administrative postal address: Friedrichstraße 123, 10117 Berlin, Germany