burger icon
Fortune Coins United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Social Gaming LLC, trading as Fortune Coins, collects, uses, discloses and protects personal data in connection with the Fortune Coins pages and related content made available via the website https://fortunesco.com (the "Website"). It applies to visitors to the Website, including users in the United Kingdom who may view information about the Fortune Coins sweepstakes-style social casino, even though registration and play are not permitted for UK residents. This Policy should be read together with our Terms and Conditions available at https://fortunesco.com/terms-and-conditions. It is effective from 6 November 2025 and is intended to remain in force through 2026 unless replaced or updated.

Who We Are

The Website is operated for the Fortune Coins brand by Social Gaming LLC ("we", "us", "our"), a limited liability company registered in the State of Delaware, United States of America, under File No. 6358387. The Fortune Coins platform operates as a sweepstakes-style social casino primarily targeting eligible users in North America and does not hold a UK Gambling Commission licence. UK residents are strictly prohibited from registering or playing, but may still access informational content and may therefore have their data processed as Website visitors.

Legal Entity and Address

  • Operator: Social Gaming LLC, a Delaware limited liability company.
  • Registration details: Delaware corporate registry File No. 6358387.
  • Registered/Legal address: Social Gaming LLC, registered in Delaware, USA (File No. 6358387). The full street address and postal code are not specified in this Policy and can be obtained from the Delaware corporate registry or from us on request.
  • Website: https://fortunesco.com, including the Fortune Coins review and related informational pages.

Data Protection Contact

We have a designated contact point responsible for data protection matters (the "Data Protection Contact"). You can reach us regarding this Privacy Policy and your data protection rights by using the contact details provided in the "Contact Us" or similar sections of the Website and in our Terms and Conditions, or by writing to us at our registered corporate details with a clear reference to "Privacy" or "Data Protection". Your correspondence will be routed to our Data Protection Contact or relevant data protection team.

What Personal Data We Collect

We collect and process different categories of personal data depending on how you interact with fortunesco.com, including the Fortune Coins content. This may include data you provide directly, data generated through your use of the Website and data collected through cookies and similar technologies.

Identity and Contact Data

  • Identification details: full name, username or similar identifier, date of birth or age information (to confirm eligibility where applicable), and country or region of residence.
  • Contact details: email address, postal or billing address (where provided), and any telephone number you choose to provide in your communications with us.

Account, Gameplay and Behavioural Data

  • Account information: account ID, profile details, registration date, account status and internal notes relating to your account management (for eligible non-UK users who can create an account via links from fortunesco.com).
  • Gameplay and behavioural data: in-game activity, use of virtual coins, sweepstakes entries, win/loss history, session duration, clickstream data, interactions with specific games or offers, and responses to promotions. For UK visitors, this may be limited to browsing behaviour on informational pages.

Payment and Transaction Data

  • Payment-related data: purchase history of virtual items or packages, transaction dates, amounts, chosen payment method and limited payment instrument details (for example the last digits of a card) as provided by payment processors.
  • Sensitive payment data: full card numbers and security codes are generally processed directly by our payment service providers and not stored in full by us, except as necessary in tokenised or truncated form for fraud prevention, chargeback handling and regulatory purposes.

Technical and Usage Data

  • Technical data: IP address, device identifiers, browser type and version, operating system, language settings, time zone, referring URLs, approximate location derived from IP or device settings, and information about how your device interacts with our servers.
  • Usage logs: access times and dates, pages viewed, links clicked (including "free coin" or promotional links from social media), error logs and diagnostic data used to maintain and improve the Website.

Marketing and Communication Data

  • Marketing preferences: your choices about receiving marketing communications (for example email newsletters, promotional messages and in-account notifications for eligible users).
  • Communication data: copies of emails, chat logs, support tickets, feedback submissions and other communications you send to us.

Cookies and Similar Technologies

  • Cookie data: unique identifiers stored in cookies, pixels, tags and similar technologies that help us recognise your browser or device, remember your preferences and understand how you use the Website.
  • Online identifiers: advertising identifiers, analytics identifiers and other pseudonymous identifiers provided by third-party services (for example, analytics and advertising networks) where enabled and, where required, consented to.

We do not intentionally collect special categories of personal data (such as health information, political opinions or religious beliefs) or data relating to children. The Website and the Fortune Coins platform are intended only for adults who meet the minimum legal age in their jurisdiction; UK residents are not permitted to register or play.

Legal Basis for Processing

For individuals in the United Kingdom and the European Economic Area, we process personal data in accordance with the UK General Data Protection Regulation ("UK GDPR"), the EU General Data Protection Regulation ("EU GDPR") where applicable, and the UK Data Protection Act 2018. For users in other jurisdictions, including Mexico where relevant, we align our practices with applicable local privacy laws to the extent required.

Performance of a Contract and Steps at Your Request

  • Account creation and operation: for eligible non-UK users, we process your data to create and maintain your Fortune Coins account, provide access to games, credit and redeem virtual and sweepstakes coins and manage your participation in promotions. This processing is necessary to perform the contract between you and us or to take steps at your request before entering into a contract.
  • Customer support: we use your identity, contact, technical and communication data to handle enquiries, troubleshoot issues, manage complaints and provide other customer services you request.

Compliance with Legal Obligations

  • Regulatory and statutory duties: we may be required to collect and retain certain information to comply with laws applicable to sweepstakes, anti-fraud, anti-money laundering, tax, accounting and record-keeping obligations in the United States, Canada and other relevant jurisdictions.
  • Law enforcement and regulatory requests: we process data when necessary to respond to lawful requests from courts, regulators, tax authorities or law enforcement agencies.

Legitimate Interests

  • Service security and integrity: we process technical, usage and behavioural data to protect the Website and the Fortune Coins platform against fraud, abuse, unauthorised access, cheating, money laundering, cyberattacks and other misconduct. These activities are carried out on the basis of our legitimate interest in protecting our business and our users.
  • Improvement and analytics: we analyse aggregated and pseudonymised data to understand usage patterns, optimise gameplay, improve website performance and develop new features and promotions. We balance these interests against your privacy rights and use privacy-enhancing measures where appropriate.
  • Business management: we may process data for internal reporting, auditing, corporate governance, mergers, acquisitions or restructuring based on our legitimate interests in managing and developing our business.

Consent

  • Marketing and cookies: where required under UK GDPR, EU GDPR, the UK Privacy and Electronic Communications Regulations ("PECR") or comparable laws, we rely on your consent to send direct electronic marketing or to place and access certain non-essential cookies and similar technologies on your device.
  • Optional data sharing: in limited cases, we may ask for your explicit consent before sharing your data with certain partners or before using your data for purposes not compatible with those described in this Policy. You may withdraw your consent at any time using the mechanisms provided (for example, unsubscribe links or cookie preference tools).

For users in Mexico, where applicable, we align these legal bases with the principles under the Federal Law on Protection of Personal Data Held by Private Parties, including consent, necessity, proportionality and loyalty, while noting that Fortune Coins does not target Mexican residents as a primary market.

Purpose of Processing

We process personal data only for specific, explicit and legitimate purposes and do not use it in ways incompatible with those purposes, unless required or permitted by law.

Provision and Management of Services

  • Operating the platform: for eligible non-UK users, we use identity, account, behavioural and technical data to provide access to the Fortune Coins games, manage gameplay sessions, administer sweepstakes entries and allocate virtual and redeemable coins.
  • Account administration: we manage registrations, logins, security settings, account verification, eligibility checks and account closure processes.
  • Customer support: we use your data to respond to queries, process requests, handle complaints and generally provide user care.

Service Improvement and Personalisation

  • Analytics and performance: we analyse usage patterns, technical metrics and behavioural data to improve stability, speed, usability, game selection and overall user experience on fortunesco.com and the linked Fortune Coins platform.
  • Personalised content: where permitted, we tailor recommendations, promotions and content based on your past interactions and preferences to make your experience more relevant.

Marketing and Promotions

  • Direct marketing: with your consent where required, we send marketing communications (for example by email or in-account messages) about new games, features, promotions and offers relating to Fortune Coins.
  • Campaign measurement: we measure the effectiveness of our marketing campaigns, including "free coin" links and social media promotions, by analysing response rates and user engagement in a pseudonymised or aggregated form.

Fraud Prevention, Security and Compliance

  • Security monitoring: we monitor for suspicious activities, detect and prevent fraudulent transactions, abuse, cheating and violations of our Terms and Conditions.
  • Legal and regulatory compliance: we retain and analyse data to comply with applicable laws, respond to lawful requests, enforce our rights, resolve disputes and maintain appropriate records.

Business Management

  • Internal operations: we use data for internal audits, financial reporting, quality control and training of staff.
  • Corporate transactions: in the event of a merger, acquisition, restructuring or sale of assets, we may process and, where necessary, share data with potential or actual transaction partners, subject to appropriate safeguards.

Disclosure & Sharing

We do not sell your personal data. We may, however, share data with carefully selected third parties for the purposes described in this Policy and only where appropriate safeguards are in place.

Service Providers and Technical Partners

  • Payment and billing partners: third-party payment service providers, banks and financial institutions that process payments, manage chargebacks and support anti-fraud checks. These providers receive payment-related data necessary to perform their services.
  • IT, hosting and infrastructure providers: cloud hosting providers, content delivery networks and other technical service providers that host the Website, store data and ensure performance and security.
  • Analytics and performance partners: third-party analytics providers that help us understand usage patterns, where permitted by applicable cookie and privacy laws.

Group Entities and Affiliates

  • Affiliates and related entities: we may share data with our affiliates and entities under common control, where any exist, for internal administrative purposes, consistent service delivery and consistent application of this Privacy Policy.
  • Affiliate marketing partners: carefully selected affiliate partners that promote Fortune Coins may receive limited information (for example, aggregated conversion statistics or pseudonymised identifiers) necessary to measure referral performance, subject to contractual safeguards. Direct identifiable data is not shared with such partners for their own independent marketing without your consent.

Advertising and Social Media Partners

  • Advertising networks: with your consent where required, we may share pseudonymised online identifiers and limited usage data with advertising networks and social media platforms to deliver and measure targeted advertising relating to Fortune Coins. UK visitors who should not access the platform may still be exposed to informational advertising; we take reasonable steps to respect regional restrictions.

Regulators, Authorities and Professional Advisors

  • Regulatory and public authorities: we may disclose data to courts, law enforcement agencies, regulators, tax authorities and other public bodies where required by law or where necessary to protect our rights, users or third parties. This may include authorities in the United States, Canada, the United Kingdom or other relevant jurisdictions.
  • Professional advisers: lawyers, auditors, consultants and insurers may receive data where necessary to provide us with professional services, subject to duties of confidentiality.

Business Transfers

  • Corporate transactions: in connection with any merger, acquisition, joint venture, sale of company assets, reorganisation, financing or similar transaction, personal data may be disclosed to prospective or actual purchasers or their advisers, subject to confidentiality and data protection obligations. If a transaction is completed, the successor entity will continue to process your personal data in accordance with this Policy or a substantially similar policy.

International Transfers

Because Social Gaming LLC is established in the United States and uses service providers located in various countries, your personal data may be transferred to, stored in and processed in jurisdictions outside your country of residence, including the United States and Canada.

Transfers from the UK and EEA

  • Destination countries: data originating from the United Kingdom or the European Economic Area may be transferred to the United States, Canada and other countries where our service providers operate, some of which may not provide the same level of data protection as your home jurisdiction.
  • Safeguards: where required, we implement appropriate safeguards such as standard contractual clauses approved under UK and EU data protection laws, together with technical and organisational measures (for example encryption and access controls) to protect your data.
  • Derogations: in limited situations and where permitted by law, we may rely on derogations such as your explicit consent, the necessity of the transfer for the performance of a contract with you or the establishment, exercise or defence of legal claims.

Other Jurisdictions

  • Cross-border consistency: for users in other jurisdictions, including Mexico where applicable, we seek to apply consistent protections and safeguards to international data transfers, aligned with local legal requirements.

You may contact us for more information about the specific safeguards used for international transfers and, where applicable, for a copy of the relevant standard contractual clauses.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting and reporting requirements, and then either delete or irreversibly anonymise it.

General Retention Principles

  • Purpose limitation: we keep data only for as long as it is necessary for the purposes described in this Policy or for compatible purposes permitted by law.
  • Legal obligations: where laws require us to retain certain records (for example for tax, anti-fraud or anti-money laundering reasons), we will comply with those periods even after an account or interaction has ended.

Specific Retention Periods

  • Account and identity data: for eligible non-UK users, we generally retain identity, account and verification data for the duration of the account and for up to five (5) years after account closure, unless a longer period is required by law or to resolve ongoing disputes.
  • Transaction and payment data: transaction records, payment-related information and associated documentation are typically retained for up to seven (7) years from the relevant transaction to comply with tax, accounting and anti-fraud obligations.
  • Technical and log data: technical logs and security-related data are usually retained for between twelve (12) and twenty-four (24) months, unless required longer for security investigations, legal proceedings or regulatory inquiries.
  • Marketing data: data relating to your marketing preferences and interactions with marketing communications is kept for as long as you remain subscribed and for up to three (3) years after you last engage with our communications or until you withdraw your consent or object, whichever occurs first.
  • Customer support and complaint data: correspondence and records of support or complaints are retained for up to five (5) years after resolution, or longer where necessary in connection with actual or potential disputes.
  • Cookies: cookies are stored for the periods indicated in our cookie-related interfaces or browser settings, typically from a single session up to two (2) years, depending on the cookie type and purpose.

When retention periods expire, we will either securely delete personal data or anonymise it so that it no longer identifies you. In some cases we may keep limited information (for example, a suppression list) to ensure we honour your choices, such as opting out of marketing.

Your Rights

Depending on your place of residence and applicable law, you may have a range of rights in relation to your personal data. For visitors in the United Kingdom and the European Economic Area, these rights derive from UK GDPR and EU GDPR. For individuals in Mexico, where applicable, similar rights arise under the Federal Law on Protection of Personal Data Held by Private Parties and related regulations. We respect these rights and will facilitate their exercise in a consistent and transparent manner.

Rights under UK/EU Data Protection Law

  • Right of access: you can request confirmation as to whether we process your personal data and obtain a copy of your data, together with information about how we process it.
  • Right to rectification: you can ask us to correct inaccurate or incomplete personal data concerning you.
  • Right to erasure: in certain circumstances (for example where data is no longer necessary, you withdraw consent and there is no other legal basis, or processing is unlawful), you can request that we delete your personal data. This right may be limited where retention is required by law or necessary for legal claims.
  • Right to restriction of processing: you can request that we restrict processing of your data in specific situations, such as while we verify its accuracy or assess an objection.
  • Right to object: you can object at any time to processing based on our legitimate interests, and we will stop processing unless we demonstrate compelling legitimate grounds. You always have an absolute right to object to direct marketing.
  • Right to data portability: in certain circumstances, you can request that we provide your data in a structured, commonly used and machine-readable format, and that we transmit it to another controller where technically feasible.
  • Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

Rights under Mexican Privacy Law (ARCO Rights)

  • Access: you may request information about whether we hold your personal data and obtain access to such data.
  • Rectification: you may request corrections to your data when it is inaccurate or incomplete.
  • Cancellation: in certain circumstances, you may request that we cancel or delete your data when you consider it is not required for the purposes described or when you withdraw consent.
  • Opposition: you may oppose the processing of your data for specific purposes, subject to legal limitations. These rights apply to the extent the Mexican Federal Law on Protection of Personal Data Held by Private Parties is applicable to our processing relationship.

How to Exercise Your Rights

  • Submission of requests: you can exercise your rights by contacting us using the channels described in the "Who We Are" and "Complaints & Contacts" sections, clearly stating that you are making a data protection or privacy request and specifying the right you wish to exercise.
  • Verification: we may ask you to provide information necessary to verify your identity before acting on your request, to protect your data from unauthorised access.
  • Response times: we aim to respond to all valid requests within one (1) month (30 days) of receipt. This period may be extended by up to two (2) further months for complex or numerous requests, in which case we will inform you of the extension and reasons.
  • Cost: exercising your rights is generally free of charge. However, we may charge a reasonable fee, or refuse to act, where requests are manifestly unfounded or excessive, in accordance with applicable law.

Please note that your rights may be subject to limitations and exceptions under applicable law, for example where processing is necessary for our legal obligations or for the establishment, exercise or defence of legal claims.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies on fortunesco.com to improve the functioning of the Website, enhance your experience, provide analytics and, where permitted, deliver relevant advertising. In the United Kingdom, the use of cookies is regulated by UK GDPR and the Privacy and Electronic Communications Regulations ("PECR").

Types of Cookies We Use

  • Strictly necessary (functional) cookies: these cookies are essential for the operation of the Website and enable core functionality such as page navigation, secure access and correct display. They cannot be switched off in our systems and do not require consent under PECR.
  • Performance and analytics cookies: these cookies collect information about how visitors use the Website (for example pages visited, time spent, error messages). We use this information in aggregated form to improve performance and usability.
  • Advertising and targeting cookies: these cookies may be set by us or by our advertising partners to build a profile of your interests and show relevant ads on other sites. They work by uniquely identifying your browser and internet device and are used only where permitted and, where required, consented to.
  • Social media cookies: when you interact with our content on social media platforms (for example via "free coin" links on Facebook or Instagram), those platforms may set their own cookies or tracking technologies in accordance with their privacy policies.

Managing Cookies

  • Browser settings: most browsers allow you to block or delete cookies through your browser settings. Doing so may affect the functionality of the Website and the Fortune Coins platform.
  • Consent tools: where available, we provide cookie banners or preference centres that allow you to manage your consent to non-essential cookies. You can change your preferences at any time using these tools.
  • Third-party opt-outs: some third-party providers offer their own opt-out mechanisms for analytics or advertising cookies. Details can be found in their respective privacy policies.

For more information about cookies and how to manage them, you can also consult independent online resources or the guidance provided by the UK Information Commissioner's Office (ICO).

Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures designed to protect it against unauthorised access, accidental loss, destruction or damage.

Technical Measures

  • Encryption in transit: data transmitted between your browser and our systems is protected using industry-standard Transport Layer Security (TLS) protocols (TLS 1.2 or higher) where supported, helping to secure communications against interception.
  • Encryption and protection at rest: where appropriate, we use encryption, pseudonymisation and other safeguards to protect stored data, especially sensitive information such as credentials and payment-related tokens held by us or our service providers.
  • Access controls: personal data is accessible only to authorised personnel and service providers who need access for legitimate business purposes, subject to role-based access controls and authentication mechanisms.
  • Network and system security: we use firewalls, intrusion detection and prevention systems, logging and monitoring tools to help detect and mitigate suspicious activity.

Organisational Measures

  • Policies and training: we maintain internal policies and conduct staff training on data protection, information security and acceptable use to ensure that employees understand and respect privacy obligations.
  • Vendor management: we select service providers that commit to appropriate security measures and data protection obligations and we monitor their performance where appropriate.
  • Incident response: we maintain procedures for responding to actual or suspected data breaches, including containment, investigation, remediation and, where required, notification to affected individuals and relevant authorities in accordance with legal obligations.

We endeavour to align our security practices with recognised industry standards and frameworks, such as those reflected in ISO 27001 and SOC 2, through appropriate technical and organisational measures. However, unless specifically stated on the Website, this does not imply that we hold formal certifications. While we strive to protect your data, no system can be completely secure, and you should also take steps to protect your account and devices.

Complaints & Contacts

We are committed to resolving privacy concerns and complaints in a fair and timely manner. If you have questions about this Policy or how we handle your personal data, or if you wish to make a complaint, please follow the steps below.

Contacting Us

  • Initial contact: please contact us using the methods indicated on the Website (for example, "Contact Us" pages or support channels) or the contact information provided in our Terms and Conditions at https://fortunesco.com/terms-and-conditions. Clearly state that your query relates to "Privacy" or "Data Protection".
  • Data Protection Contact: your request will be directed to our Data Protection Contact or relevant data protection team, who are responsible for handling privacy-related enquiries.

Complaint Handling Procedure

  • Acknowledgement: we aim to acknowledge receipt of your complaint or query without undue delay, typically within a few working days.
  • Investigation: we will investigate your concern, which may involve requesting additional information from you and consulting relevant internal teams or service providers.
  • Response timeframe: we aim to provide a substantive response within one (1) month (30 days) of receiving a complete complaint or request. For complex matters, this period may be extended in accordance with applicable law, and we will inform you if an extension is needed.
  • Escalation: if you are not satisfied with our response, you may request that your complaint be escalated internally for further review.

Escalation to Supervisory Authorities

  • United Kingdom: if you are located in the UK and believe that we have not handled your data protection concerns appropriately, you have the right to lodge a complaint with the Information Commissioner's Office (ICO). Further information on how to do so is available at https://www.ico.org.uk.
  • European Union/EEA: if EU GDPR applies to you, you may lodge a complaint with your local data protection authority in the EU/EEA. Details of supervisory authorities are available from the European Data Protection Board.
  • Mexico: where the Mexican Federal Law on Protection of Personal Data Held by Private Parties applies, you may lodge a complaint with the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI) if you believe your data protection rights have been infringed.

We encourage you to contact us first so that we can attempt to resolve your concerns directly, but you are not obliged to do so before contacting a supervisory authority.

Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements or other factors. When we make material changes, we will take appropriate steps to inform you.

How We Will Inform You

  • Website notices: we will post the updated Privacy Policy on the Website with a new "Last updated" date and may display a prominent notice (such as a banner) on relevant pages, including the Fortune Coins content.
  • Email or in-account notifications: where we have your contact details and the changes are significant, we may also notify you by email or via in-account messages (for eligible non-UK account holders).

Effective Date and Versioning

  • Last updated: this Privacy Policy was last updated in November 2025 and is intended to apply through 2026 unless replaced.
  • Advance notice: where a change materially affects your rights or how we use your data, we will, where practicable, provide at least thirty (30) days' advance notice before the new policy takes effect, for example by updating notices on the Website or sending direct communications.
  • Historic versions: you may request previous versions of this Privacy Policy by contacting us using the methods described in the "Complaints & Contacts" section.

Your continued use of the Website, including the Fortune Coins pages and any related Fortune Coins services accessible via fortunesco.com, after changes to this Privacy Policy have become effective will be taken as your acknowledgment of the updated Policy, where such continued use is lawful in your jurisdiction. If you do not agree with the changes, you should discontinue using the Website and, where applicable, request closure of your account.