🔒 Privacy Policy
Last updated: January 2026
🛡️ PROTECTION COMMITMENT
Protecting your personal data is a priority for Easy Roulette. This privacy policy informs you about how we collect, use, store and protect your personal information, in accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws.
1. Data Controller
The data controller is:
Company name: Auto-Entreprise Web Online Concept
Representative: Florent R.
Address: Rue Paul Estival, 31200 Toulouse, France
SIRET: 510 583 800 00048
Email (DPO): web.online.concept@gmail.com
2. Personal Data Collected
We collect only data strictly necessary for the Service to function. We apply the principle of data minimization.
2.1 Data provided voluntarily
- During registration: Email address, username, password (hashed)
- During use: Session parameters (bets, goals, limits), simulated session history
2.2 Data collected automatically
- Technical data: IP address (anonymized), browser type, operating system, screen resolution
- Navigation data: Pages visited, date and time of connection, session duration
- Technical cookies: Session identifiers, interface preferences
✅ Data NOT collected
Easy Roulette does NOT collect:
- Banking or payment data (no transactions on the site)
- Phone number
- Full postal address
- Biometric data
- Health data
- Political, religious or union opinions
- Data relating to ethnic origin
3. Processing Purposes
Your personal data is processed for the following purposes:
| Purpose | Legal basis |
|---|---|
| Creating and managing your account | Contract execution |
| Authentication and security | Contract execution / Legitimate interest |
| Recording and displaying your sessions | Contract execution |
| Calculating your personal statistics | Contract execution |
| Service improvement | Legitimate interest |
| Fraud and abuse prevention | Legitimate interest |
| Responding to your support requests | Contract execution |
| Compliance with legal obligations | Legal obligation |
⚠️ No advertising profiling
We do NOT use your data for direct marketing, targeted advertising, commercial profiling or resale to third parties.
4. Data Recipients
Your personal data may be transmitted to the following recipients, strictly within the scope of the stated purposes:
4.1 Technical subcontractors
Vercel Inc. (Hosting)
340 S Lemon Ave #4133, Walnut, CA 91789, USA
Neon Inc. (Database)
PostgreSQL serverless
GitHub Inc. (Source code)
88 Colin P Kelly Jr Street, San Francisco, CA 94107, USA
GoDaddy LLC (Domain name)
14455 N. Hayden Road, Scottsdale, AZ 85260, USA
🚫 No data sale
We NEVER sell, rent or share your personal data with third parties for commercial or advertising purposes.
5. International Data Transfers
Some of our subcontractors are located in the United States. These data transfers outside the European Economic Area (EEA) are governed by:
- EU-US Data Privacy Framework: Our American partners (Vercel, GitHub, Neon) adhere to the EU-US data protection framework certified by the US Department of Commerce.
- Standard Contractual Clauses (SCC): In addition, standard contractual clauses approved by the European Commission govern these transfers.
- Technical measures: Data encryption in transit (TLS/SSL) and at rest, pseudonymization when possible.
6. Data Retention Period
Your personal data is retained for a limited period, in accordance with the principle of storage limitation:
| Data type | Retention period |
|---|---|
| Account data | Duration of registration + 3 years after deletion |
| Game sessions | Duration of registration (deleted with account) |
| Statistics | Duration of registration (deleted with account) |
| Connection logs | 12 months (legal obligation) |
| Session cookies | Session duration or 30 days maximum |
| Support requests | 3 years after resolution |
7. Your Rights
In accordance with the GDPR and data protection laws, you have the following rights regarding your personal data:
📋 Right of access
Obtain confirmation that your data is being processed and access this data.
✏️ Right to rectification
Have your inaccurate data corrected or completed.
🗑️ Right to erasure
Request the deletion of your data ("right to be forgotten").
⏸️ Right to restriction
Request temporary suspension of processing of your data.
📦 Right to portability
Receive your data in a structured, machine-readable format.
🚫 Right to object
Object to the processing of your data for legitimate reasons.
📬 How to exercise your rights?
To exercise your rights, send your request by email to: web.online.concept@gmail.com
⚖️ Complaint to CNIL
If you believe that the processing of your data constitutes a violation of your rights, you can file a complaint with the National Commission for Information Technology and Civil Liberties (CNIL):
Website: www.cnil.fr
8. Cookies and Similar Technologies
Our site uses cookies and similar technologies. A cookie is a small text file placed on your device when you visit.
8.1 Cookies we use
| Name | Type | Purpose | Duration |
|---|---|---|---|
| auth-token | Essential | Authentication | 7 days |
| session | Essential | Session management | Session |
| preferences | Functional | Display preferences | 1 year |
✅ No advertising cookies
We do NOT use tracking, advertising, profiling or social network cookies. We do NOT use Google Analytics or any other third-party analytics tool that collects personal data.
9. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction or alteration:
🔐 Technical measures
- HTTPS/TLS encryption for all communications
- Secure password hashing (bcrypt)
- Data encryption at rest
- Firewall and DDoS protection
- Regular security updates
- Regular encrypted backups
📋 Organizational measures
- Data access limited to strict necessity
- Data protection training
- Incident management procedures
- Strong password policy
- Access logging
- Regular access review
⚠️ Breach notification
In case of a data breach likely to pose a risk to your rights and freedoms, we will inform you as soon as possible, in accordance with Article 34 of the GDPR, and notify the CNIL within 72 hours.
10. Protection of Minors
The Easy Roulette website is not intended for minors.
We do not knowingly collect personal data about persons under 18 years of age (or the age of majority in their jurisdiction).
If we discover that data from a minor has been collected, we will delete it immediately. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.
11. Links to Third-Party Sites
Our Site may contain links to third-party websites. We have no control over these sites and disclaim all responsibility for their privacy practices. We encourage you to read the privacy policies of each site you visit.
12. Policy Modifications
We reserve the right to modify this privacy policy at any time. Changes take effect upon publication on this page.
In case of substantial modification affecting your rights, we will inform you by email (if you have an account) or by a visible notification on the Site.
The last update date is indicated at the top of this page. We invite you to regularly consult this policy.
13. Applicable Law
This privacy policy is governed by French law and Regulation (EU) 2016/679 (GDPR).
For users located outside the European Union, the provisions of the GDPR apply to the extent that they grant them additional rights compared to their local legislation.
14. Contact
For any questions regarding this privacy policy or the exercise of your rights, you can contact us:
Email (DPO): web.online.concept@gmail.com
Address: Rue Paul Estival, 31200 Toulouse, France
Recommended subject: [RGPD] Your request
We strive to respond to any request within 30 days.