Last updated: 12 June 2026 | Applicable to: all miniso44 users globally, with specific provisions for Malaysian users
This Privacy Policy ("Policy") describes how miniso44 ("miniso44", "we", "us", "our") collects, processes, stores, and protects personal data provided by or collected about users ("you", "your") of the miniso44 website at miniso44.org and all associated services (collectively, the "Platform"). By registering an Account or continuing to use the Platform, you acknowledge that you have read and understood this Policy. This Policy is incorporated by reference into the miniso44 Terms & Conditions.
1. Who We Are
miniso44 is an online gaming platform operated by its licensed entity and accessible at miniso44.org. For the purposes of data protection law, miniso44 acts as the data controller in respect of personal data collected from Platform users. Our designated point of contact for data protection enquiries is the miniso44 Data Protection team, reachable at [email protected] with the subject line "Data Protection Enquiry".
2. Categories of Personal Data We Collect
miniso44 collects the following categories of personal data from users of the Platform:
Identity Data
Full legal name, date of birth, nationality, and government-issued identification number (Malaysian IC number, passport number, or equivalent) collected during account registration and KYC verification.
Contact Data
Email address, Malaysian mobile phone number, and residential or mailing address. Used for account communications, verification codes, and support correspondence.
Financial Data
Payment method details including Touch n Go eWallet account identifiers, Boost account references, bank account numbers (for FPX transfers via Maybank, CIMB, Public Bank, or RHB), transaction history, deposit amounts, and withdrawal records. Card numbers are not stored by miniso44 — they are processed exclusively through our certified payment gateway partners.
Technical Data
IP address, browser type and version, device type, operating system, screen resolution, session timestamps, login history, and approximate geographic location derived from IP address.
Gaming Data
Game session history, bet records, win/loss data, bonus usage history, wagering activity, and responsible gaming tool settings (e.g. deposit limits, self-exclusion status).
Communications Data
Records of your interactions with miniso44 customer support, including live chat transcripts, support ticket content, and email correspondence.
KYC & Compliance Data
Copies of identity documents, proof of address documents, and any additional documentation submitted to satisfy KYC, AML, or responsible gaming compliance requirements.
3. How We Collect Your Data
miniso44 collects personal data through the following means:
- Direct submission: Data you provide when creating your Account, completing KYC, making deposits or withdrawals, contacting support, or updating your Account profile.
- Automated collection: Technical and usage data collected automatically through cookies, server logs, and similar tracking technologies when you access the Platform.
- Third-party sources: Identity verification and fraud prevention data received from KYC verification service providers; payment transaction data received from our payment gateway partners (Touch n Go eWallet, Boost, FPX banking partners).
- Publicly available sources: In limited circumstances, publicly accessible records may be referenced for identity verification or fraud detection purposes.
4. How miniso44 Uses Your Data
miniso44 uses personal data for the following specific purposes:
- Account administration: Creating, maintaining, and managing your miniso44 Account, including processing deposits, withdrawals, and bonus credits.
- Identity verification: Conducting KYC checks to verify your identity, age (21+), and eligibility to use the Platform, and to comply with anti-money laundering obligations.
- Service delivery: Providing access to Games, processing bets, calculating and paying out winnings, and delivering personalised game recommendations where applicable.
- Security and fraud prevention: Detecting, investigating, and preventing fraudulent transactions, unauthorised Account access, and other prohibited activities on the Platform.
- Customer support: Responding to your support queries, resolving disputes, and maintaining records of support interactions.
- Responsible gaming: Monitoring gaming activity for patterns consistent with problem gambling, enforcing deposit limits, session limits, and self-exclusion settings you have activated.
- Legal compliance: Meeting our obligations under applicable anti-money laundering, data protection, and gaming authority requirements.
- Marketing communications: Sending you promotional offers, bonus notifications, and platform updates by email or in-platform notification, subject to your communication preferences. You may opt out at any time.
- Platform improvement: Analysing aggregated usage data to improve Platform performance, user experience, and Game selection.
5. Legal Basis for Processing
miniso44 processes personal data on the following legal bases:
- Contractual necessity: Processing required to fulfil our obligations to you under the miniso44 Terms & Conditions, including Account management, payment processing, and game delivery.
- Legal obligation: Processing required to comply with applicable laws and regulations, including KYC, AML, and responsible gaming requirements.
- Legitimate interests: Processing for fraud prevention, Platform security, and service improvement, where such interests are not overridden by your data protection rights.
- Consent: Processing for marketing communications and non-essential cookies, where we have obtained your explicit consent. You may withdraw consent at any time without affecting the lawfulness of prior processing.
6. Data Sharing & Disclosure
miniso44 does not sell your personal data to third parties. We may share your data with the following categories of recipients for the purposes described in this Policy:
- Payment processors: Touch n Go eWallet, Boost, and FPX banking partners receive transaction data necessary to process your deposits and withdrawals.
- KYC & identity verification providers: Third-party identity verification services receive copies of your identity documents and personal details to conduct verification checks.
- Game software providers: Game providers receive session and bet data necessary to deliver their games and calculate outcomes. They do not receive your full identity or financial details.
- IT infrastructure providers: Cloud hosting and data storage providers who process data on our behalf under strict data processing agreements.
- Regulatory and law enforcement authorities: Where required by law, court order, or regulatory direction, miniso44 will disclose personal data to competent authorities.
- Professional advisers: Legal, accounting, and audit professionals who are bound by professional confidentiality obligations.
All third parties with whom miniso44 shares personal data are required to maintain appropriate technical and organisational security measures and to use the data only for the specified purpose.
7. International Data Transfers
Some of the third parties with whom miniso44 shares data may be located outside of Malaysia. Where personal data is transferred internationally, miniso44 takes appropriate measures to ensure that the transfer is subject to adequate safeguards, which may include standard contractual clauses, data processing agreements, or transfers to jurisdictions deemed to provide an adequate level of data protection. If you require further information about the specific safeguards in place for any international transfer, please contact us at the address in Section 14.
8. Data Retention
miniso44 retains personal data for as long as is necessary to fulfil the purposes for which it was collected, including for the duration of your Account's active status, and thereafter for the following minimum periods:
- Account and identity data: Retained for a minimum of 5 years following Account closure, in accordance with applicable AML and gaming authority record-keeping requirements.
- Financial transaction records: Retained for a minimum of 7 years in accordance with financial record-keeping obligations.
- KYC documentation: Retained for a minimum of 5 years following Account closure or the completion of any related regulatory review.
- Support communications: Retained for a minimum of 2 years following resolution of the relevant support case.
- Marketing consent records: Retained until consent is withdrawn and for a reasonable period thereafter as evidence of the prior consent.
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised. Anonymised, aggregated data that can no longer identify any individual may be retained indefinitely for analytical and reporting purposes.
9. Cookies & Tracking Technologies
miniso44 uses cookies and similar tracking technologies on the Platform. These fall into the following categories:
- Strictly necessary cookies: Required for the Platform to function, including maintaining your login session and remembering your language preference. These cannot be disabled.
- Performance cookies: Collect anonymised data on how users interact with the Platform to help us identify and improve areas of poor performance. These are enabled by default but may be disabled.
- Functional cookies: Remember your preferences such as game lobby filters and display settings. These are optional.
- Analytics cookies: Used to understand aggregate user behaviour and improve the Platform. We use analytics tools that process this data in compliance with applicable data protection law.
You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Platform. miniso44 does not use cookies to serve third-party advertising.
10. Your Data Rights
Subject to applicable law, you have the following rights in respect of your personal data held by miniso44:
- Right of access: You may request a copy of the personal data miniso44 holds about you.
- Right to rectification: You may request correction of any inaccurate or incomplete personal data.
- Right to erasure: You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to legal retention obligations.
- Right to restriction: You may request that processing of your personal data be restricted in certain circumstances.
- Right to data portability: Where processing is based on consent or contractual necessity and carried out by automated means, you may request a copy of your data in a structured, machine-readable format.
- Right to object: You may object to processing based on legitimate interests or for direct marketing purposes at any time.
- Right to withdraw consent: Where processing is based on consent, you may withdraw that consent at any time without affecting prior lawful processing.
To exercise any of these rights, please contact us at [email protected] with the subject line "Data Rights Request". miniso44 will respond within 30 days. We may need to verify your identity before processing a rights request.
11. Data Security
miniso44 implements a range of technical and organisational security measures to protect your personal data against unauthorised access, loss, destruction, or disclosure. These measures include:
- 256-bit SSL/TLS encryption for all data transmitted between your device and the Platform.
- Encryption of sensitive data fields (including passwords and identity document data) at rest in our databases.
- Strict internal access controls limiting employee access to personal data on a need-to-know basis.
- Regular security assessments and penetration testing of Platform infrastructure.
- Mandatory security training for all staff with access to personal data.
- Incident response procedures for detecting, containing, and notifying affected parties in the event of a data breach.
Despite these measures, no online system is entirely immune to security risk. miniso44 will notify affected users and relevant authorities of any data breach in accordance with applicable law.
12. Children & Minors
The miniso44 Platform is strictly for individuals aged 21 and above. miniso44 does not knowingly collect personal data from individuals under the age of 21. Registration is not permitted for persons under this age threshold, and age is verified through the KYC process. If miniso44 becomes aware that personal data has been collected from a minor, that data will be deleted promptly and the associated Account suspended. If you believe a minor has registered on the Platform, please notify us immediately at [email protected].
13. Updates to This Privacy Policy
miniso44 may update this Privacy Policy periodically to reflect changes in our data practices, legal obligations, or Platform features. Material changes will be communicated to registered users via the email address associated with their Account at least seven (7) days prior to taking effect. The "Last updated" date at the top of this Policy indicates when the most recent revision was made. Your continued use of the Platform following the effective date of any revision constitutes acceptance of the updated Policy.
14. Contact Us
For any questions, concerns, or requests relating to this Privacy Policy or miniso44's data practices, please contact us:
- Email: [email protected] (subject line: "Privacy Policy Enquiry" or "Data Rights Request")
- Live chat: Available 24/7 from your Account dashboard on the miniso44 Platform
If you are not satisfied with miniso44's response to a data protection concern, you may have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.