Cookie Policy

Cookie Technology Explanation

Definition and Functionality

Cookies are small text files stored on user devices (computer, mobile phone, tablet) by websites visited. Files contain data identifying user device, session information, preferences, and browsing behavior. Cookies enable websites to recognize returning visitors and maintain functionality across page visits.

Cookie Components

Name: Unique identifier for cookie purpose
Value: Data stored (session ID, preferences, identifiers)
Domain: Website that created cookie
Path: Website section where cookie applies
Expiration: Duration cookie remains active (session or persistent)
Security Attributes: HTTPS-only transmission, JavaScript access restrictions

Cookie Types by Duration

Session Cookies: Temporary storage deleted when browser closes. Used for: login session maintenance, shopping cart functionality, navigation tracking during single visit.
Lifespan: Browser session duration (typically few hours to 24 hours)

Persistent Cookies: Remain on device after browser closure until expiration date or manual deletion. Used for: remembering login credentials, storing preferences, tracking returning visitors.
Lifespan: Varies by purpose (7 days to 12 months typical range)

Cookie Types by Origin

First-Party Cookies: Set directly by SpinsUp Casino domain. Controlled and managed by platform.
Purpose: Platform functionality, user preferences, session management

Third-Party Cookies: Set by external domains (analytics providers, payment processors, advertising networks).
Purpose: Analytics tracking, payment processing, advertising measurement
Control: Subject to third-party privacy policies in addition to SpinsUp policies

Cookie Categories and Purposes

Strictly Necessary Cookies (Essential)

Purpose: Enable core platform functionality. Platform cannot operate without these cookies.
Legal Basis: Legitimate interest (essential for contracted service delivery)
Consent Required: No (essential for platform operation)
User Control: Cannot be disabled without preventing platform use

Cookie Name	Purpose	Duration	Type
session_id	Maintains user login session, prevents re-authentication on each page	Session (24 hours max)	First-party
auth_token	Secure authentication verification, session security	Session	First-party
csrf_token	Cross-site request forgery protection, security measure	Session	First-party
load_balancer	Routes user to appropriate server, ensures consistent experience	Session	First-party
security_check	Bot detection, fraud prevention, security verification	24 hours	First-party
cookie_consent	Stores user cookie preference selections	12 months	First-party

Functional Cookies (Preferences)

Purpose: Remember user preferences and settings, enhance user experience.
Legal Basis: Legitimate interest or consent (jurisdiction-dependent)
Consent Required: Yes in some jurisdictions (EU), optional in others
User Control: Can be disabled via cookie settings, results in default settings application

Cookie Name	Purpose	Duration	Type
language_pref	Stores selected interface language (English default)	12 months	First-party
currency_display	Remembers currency display preference (AUD for Australian users)	12 months	First-party
game_filters	Saves game library filter and sort preferences	30 days	First-party
layout_mode	Remembers grid/list view preference for game display	30 days	First-party
favorites	Stores favorite games list for quick access	12 months	First-party
notification_pref	Remembers notification display preferences	6 months	First-party

Analytics and Performance Cookies

Purpose: Collect data about platform usage, visitor behavior, performance metrics. Used for platform optimization and improvement.
Legal Basis: Consent required in most jurisdictions
Consent Required: Yes
User Control: Can be disabled via cookie settings without affecting core functionality
Data Processing: Often aggregated and anonymized for analytics purposes

Cookie Name	Purpose	Duration	Type
_ga	Google Analytics: Unique visitor identification, traffic analysis	2 years	Third-party (Google)
_gid	Google Analytics: Session differentiation, user behavior tracking	24 hours	Third-party (Google)
_gat	Google Analytics: Request rate throttling, load management	1 minute	Third-party (Google)
analytics_session	Internal analytics: Session tracking, page view counting	Session	First-party
performance_metrics	Page load time, error tracking, technical performance monitoring	7 days	First-party
user_journey	Navigation path tracking, conversion funnel analysis	30 days	First-party

Marketing and Advertising Cookies

Purpose: Track user interests for personalized marketing, measure campaign effectiveness, retargeting.
Legal Basis: Explicit consent required
Consent Required: Yes (mandatory)
User Control: Can be disabled completely, prevents personalized advertising
Note: Currently minimal advertising cookies as platform primarily uses email marketing to registered users

Cookie Name	Purpose	Duration	Type
campaign_source	Tracks marketing campaign origin (affiliate, direct, search)	30 days	First-party
promo_code_auto	Stores affiliate promo code for automatic bonus application	30 days	First-party
referral_id	Affiliate tracking, commission attribution	90 days	First-party

Security and Fraud Prevention Cookies

Purpose: Detect fraudulent activity, prevent unauthorized access, identify security threats.
Legal Basis: Legitimate interest (platform security, user protection)
Consent Required: No (essential for security)
User Control: Cannot be disabled without compromising account security

Cookie Name	Purpose	Duration	Type
device_fingerprint	Device identification for fraud detection, multiple account prevention	12 months	First-party
trusted_device	Marks trusted devices for 2FA bypass (when enabled by user)	30 days	First-party
login_attempts	Tracks failed login attempts, triggers account lockout if threshold exceeded	1 hour	First-party
ip_verification	Geographic location verification, jurisdiction compliance	Session	First-party

Similar Tracking Technologies

Local Storage

Technology: HTML5 local storage (localStorage)
Purpose: Store larger data amounts than cookies allow (up to 5-10MB vs 4KB cookies)
Usage: Game state preservation, temporary data caching, offline functionality
Duration: Persistent until manually cleared (no automatic expiration)
Data Stored: Game preferences, interface settings, temporary session data

Session Storage

Technology: HTML5 session storage (sessionStorage)
Purpose: Temporary data storage for single browser session
Usage: Form data preservation, navigation state
Duration: Browser session only (deleted on tab/window close)
Data Stored: Temporary navigation data, incomplete form inputs

Web Beacons (Pixel Tags)

Technology: Small transparent images embedded in web pages or emails
Purpose: Track page views, email opens, user interactions
Usage: Email marketing effectiveness measurement, page view counting
Data Collected: IP address, browser type, page view time, email client information
Control: Blocking images in email client prevents email tracking

Server Logs

Technology: Automatic server-side recording of requests
Purpose: Security monitoring, error tracking, performance analysis
Data Recorded: IP addresses, timestamps, URLs accessed, browser types, referrers
Retention: 90 days for performance logs, 7 years for security logs
Control: Cannot be disabled (essential for platform operation and security)

Third-Party Cookies and Services

Analytics Services

Google Analytics:
Provider: Google LLC
Purpose: Website traffic analysis, user behavior tracking, conversion measurement
Cookies: _ga, _gid, _gat (details in analytics cookie table above)
Data Collected: Anonymous usage patterns, page views, session duration, geographic location (country/city level)
Privacy Policy: https://policies.google.com/privacy
Opt-Out: Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout

Payment Processors

Payment gateways may set cookies for fraud prevention and transaction processing:

Card Payment Processors: Cookies for 3D Secure authentication, fraud detection
E-Wallet Services: Cookies for login session management, transaction verification
Cryptocurrency Processors: Minimal cookies, primarily for wallet connection

Payment processor cookies subject to their respective privacy policies. SpinsUp does not control or access data from payment processor cookies.

Game Providers

Software providers may set cookies when games launched:

Session Management: Maintain game state across interruptions
Preferences: Remember sound settings, game speed, display options
Anti-Fraud: Detect unusual betting patterns, bot usage

Game provider cookies managed by respective providers (NetEnt, Pragmatic Play, Evolution Gaming, etc.). Each provider has independent privacy policy governing their cookie usage.

Security Services

Cloudflare:
Provider: Cloudflare Inc.
Purpose: DDoS protection, content delivery network (CDN), bot detection
Cookies: __cfduid, cf_clearance
Duration: 30 days
Privacy Policy: https://www.cloudflare.com/privacy/

Data Collected Through Cookies

Technical Information

IP address (geographic location, not precise GPS)
Browser type and version
Operating system
Device type (desktop, mobile, tablet)
Screen resolution
Language settings
Time zone
Referring website URL

Behavioral Information

Pages visited and viewing duration
Navigation path through website
Buttons clicked and links followed
Games played and time spent
Search queries entered
Deposit and withdrawal patterns
Marketing email engagement (opens, clicks)

Performance Information

Page load times
Error messages encountered
Feature usage frequency
Game loading success/failure rates
Browser crash reports

Data Linkage

Cookie data may be linked to account information for logged-in users:

Username association with browsing behavior
Personalized content recommendations based on play history
Targeted bonus offers based on game preferences
Account security monitoring using device and behavioral patterns

Anonymous users: Cookie data collected but not linked to identifiable personal information unless/until account created.

Managing Cookie Preferences

Platform Cookie Settings

Access cookie management interface:

Click "Cookie Settings" link in website footer
Review cookie categories and purposes
Toggle switches to enable/disable non-essential categories
Click "Save Preferences" to apply selections

Granular Control Available:
- Strictly Necessary: Cannot disable (platform won't function)
- Functional: Can disable (default settings applied instead)
- Analytics: Can disable (anonymous usage tracking stopped)
- Marketing: Can disable (no personalized advertising tracking)

Preferences stored in cookie_consent cookie (12-month duration). Re-accessing cookie settings allows preference modification anytime.

Browser-Based Cookie Control

Google Chrome:

Settings → Privacy and security → Cookies and other site data
Select "Block third-party cookies" or "Block all cookies"
Add site exceptions for SpinsUp if blocking all cookies
Use "See all cookies and site data" to remove specific cookies

Mozilla Firefox:

Options → Privacy & Security → Cookies and Site Data
Select "Delete cookies and site data when Firefox is closed"
Or click "Manage Data" to remove specific cookies
Use "Custom" tracking protection for granular control

Safari (macOS):

Preferences → Privacy
Check "Block all cookies" or "Prevent cross-site tracking"
Click "Manage Website Data" to remove specific cookies

Safari (iOS):

Settings → Safari → Privacy & Security
Enable "Prevent Cross-Site Tracking"
Enable "Block All Cookies" for complete blocking

Microsoft Edge:

Settings → Privacy, search, and services
Select tracking prevention level (Balanced, Strict)
Use "Cookies and site permissions" for detailed control
Click "View all cookies and site data" to manage individual cookies

Mobile Device Cookie Control

Android Devices: Browser-specific settings (Chrome, Firefox mobile) similar to desktop versions

iOS Devices: Settings → Safari → Block All Cookies or Prevent Cross-Site Tracking

Impact of Disabling Cookies

Cookie Category Disabled	Functional Impact
Strictly Necessary	Platform unusable - cannot login, process payments, maintain session
Functional	Settings and preferences not saved, must reconfigure each visit
Analytics	No functional impact, platform operates normally
Marketing	No functional impact, generic rather than personalized offers shown

Cookie Policy Updates

Policy reviewed and updated as necessary for: new cookie deployment, technology changes, legal requirement modifications, third-party service changes.

Update Notification

Material changes announced via platform notice and email
"Last Updated" date at policy top indicates revision
Version number incremented for tracking (current 1.8)
Users encouraged to review periodically

Continued Use After Updates

Continued platform use after policy updates constitutes acceptance of cookie usage changes. Users disagreeing with updated terms should:

Disable cookies via browser settings
Stop using platform
Request account closure if registered

Legal and Regulatory Compliance

GDPR Compliance (European Users)

Consent obtained before non-essential cookie deployment
Clear information provided about cookie purposes
Easy consent withdrawal mechanism available
Granular control over cookie categories
Cookie data processing documented in privacy policy

ePrivacy Directive Compliance

Cookie consent banner displayed on first visit
Continued browsing constitutes consent where legally permitted
Non-essential cookies deployed only after consent
Clear cookie information and management options provided

Australian Privacy Principles

Transparent cookie usage disclosure
User control mechanisms provided
Cookie data handling aligned with APP requirements
Third-party cookie usage disclosed

Cookie Policy Inquiries

Email: [email protected]
Subject Line: "Cookie Policy Question"
Response Time: 7 days for general inquiries
Information to Include: Specific cookie concerns, browser type, device type if technical issue

For broader privacy concerns including cookie data usage, see Privacy Policy or contact using "Privacy Policy Question" subject line.