uea8 Privacy Policy

1.1 This Privacy Policy applies to the uea8 Platform operated at uea8.vu and all associated subdomains and services. In this Policy, "uea8", "we", "us", and "our" refer to the operator of the uea8 Platform acting as data controller in respect of personal data processed under this Policy.

1.2 For data protection enquiries, Members may contact the uea8 data protection team via the support email address displayed in Section 14 of this Policy. All data subject requests will be acknowledged within five (5) business days of receipt.

2.1 uea8 collects the following categories of personal data from Members and Platform visitors:

2.2 uea8 does not collect special categories of personal data (e.g., biometric data, health data, racial or ethnic origin) unless specifically required for regulatory compliance and with your explicit consent.

3.1 Directly from you: uea8 collects personal data directly when you register an account, complete KYC verification, make a deposit or withdrawal, contact customer support, or submit any form on the Platform.

3.2 Automatically: When you access the uea8 Platform, technical data including your IP address, device information, and session data is collected automatically via server logs and standard web technologies. This collection is necessary for Platform security and performance monitoring.

3.3 From third parties: uea8 may receive identity and fraud-screening data from KYC and AML verification providers when you undergo account verification. Payment providers supply transaction confirmation data to uea8 for deposit and withdrawal processing. uea8 does not purchase marketing lists or obtain personal data from data brokers.

4.1 uea8 processes your personal data for the following purposes and on the following legal bases:

• Account management and service delivery — Processing is necessary for performance of the contract between you and uea8 (i.e., the Terms & Conditions you accepted at registration).
• Payment processing and financial record-keeping — Processing is necessary for contract performance and compliance with applicable financial record-keeping obligations.
• KYC, AML, and age verification — Processing is necessary to comply with uea8's legal and regulatory obligations as a licensed gaming operator.
• Fraud detection and platform security — Processing is in uea8's legitimate interests to protect the integrity of the Platform and the interests of all Members.
• Responsible gaming compliance — Processing is necessary to comply with regulatory obligations in respect of player protection, including minimum age enforcement and self-exclusion management.
• Customer support — Processing is necessary for contract performance and in uea8's legitimate interests to maintain service quality.
• Direct marketing (where consented) — Processing is based on your consent, which may be withdrawn at any time as described in Section 12.
• Platform analytics and improvement — Processing is in uea8's legitimate interests to maintain and improve the Platform experience for Malaysian players.

5.1 uea8 does not sell, rent, or trade your personal data to any third party for their own commercial purposes.

5.2 uea8 may disclose your personal data to the following categories of third-party recipients, strictly for the purposes described:

• Payment service providers (e.g., Touch n Go eWallet, DuitNow, Boost, FPX-connected banks) — to process deposits and withdrawals on your behalf. These providers act as independent data controllers in respect of payment data processed under their own privacy policies.
• KYC and AML verification providers — to confirm your identity and screen against sanctions and watchlists as required by regulatory obligations applicable to online gaming operators.
• Fraud detection and cybersecurity providers — to identify and prevent fraudulent account activity, unusual login patterns, and security threats to the uea8 Platform.
• Game content providers (e.g., Pragmatic Play, PG Soft, Habanero, Microgaming) — who may receive anonymised session data for the purpose of game technical support and performance monitoring. These providers do not receive personally identifiable data beyond what is technically necessary for game delivery.
• IT infrastructure and cloud service providers — engaged to host and operate the uea8 Platform, bound by data processing agreements prohibiting use of your data for any purpose other than Platform operation.
• Regulatory authorities and law enforcement — where disclosure is required by applicable law, court order, or regulatory direction. uea8 will take reasonable steps to notify affected Members of any such disclosure to the extent permitted by law.

5.3 All third-party processors engaged by uea8 are bound by data processing agreements or equivalent contractual safeguards requiring them to process personal data only on uea8's documented instructions and to maintain appropriate technical and organisational security measures.

6.1 uea8 operates with a globally distributed technical infrastructure. Personal data collected from Malaysian Members may be transferred to and stored on servers located outside Malaysia. Where such transfers occur, uea8 implements appropriate safeguards to ensure that your personal data receives protection equivalent to that which would apply under applicable Malaysian data protection law.

6.2 Safeguards used for international transfers include standard contractual clauses, binding corporate rules where applicable, and transfers only to jurisdictions that maintain adequate data protection frameworks as assessed by uea8's legal and compliance team.

7.1 uea8 uses cookies and similar tracking technologies on the Platform. The following types of cookies are used:

• Strictly necessary cookies: Required for the Platform to function — including session authentication, security tokens, and login state persistence. These cannot be disabled without impairing your ability to use the Platform.
• Performance and analytics cookies: Used to collect aggregate, anonymised data about how Members navigate and use the Platform — for example, which game categories are most visited and which pages generate the most support queries. This data is used solely to improve the uea8 experience.
• Functionality cookies: Used to remember your preferences — for example, preferred language settings, last-visited game category, or responsible gaming limit display preferences.

7.2 uea8 does not use third-party advertising cookies or cross-site tracking cookies that build profiles for the purpose of targeting advertisements on other websites.

7.3 You may configure your browser settings to refuse or delete cookies, but please note that disabling strictly necessary cookies will prevent you from logging into your uea8 account.

8.1 uea8 retains personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law. The following retention periods apply as a general guide:

• Account and identity data: Retained for the duration of the Member's active account plus a minimum of five (5) years following account closure, to comply with financial record-keeping and AML regulatory obligations.
• Transaction and financial records: Retained for a minimum of seven (7) years from the date of each transaction, in line with standard financial record-keeping requirements.
• Support communications: Retained for three (3) years from the date of the communication, unless the communication is relevant to an ongoing dispute or regulatory matter, in which case it is retained for the duration of that matter plus three (3) years.
• Technical / log data: Retained for a maximum of twelve (12) months from collection, unless specific log data is required in connection with a security investigation or legal proceeding.

8.2 Upon expiry of the applicable retention period, personal data will be securely deleted or anonymised in a manner that prevents re-identification.

9.1 uea8 implements technical and organisational measures designed to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include:

• 256-bit SSL / TLS encryption on all data transmitted between your device and the uea8 Platform;
• Encrypted storage of sensitive data fields including passwords (hashed and salted) and payment identifiers;
• Role-based access controls limiting access to personal data to authorised personnel only;
• Automated suspicious-activity detection on login events, including multi-device login anomalies and geographic location discrepancies;
• Regular internal security reviews and penetration testing of the Platform infrastructure;
• Two-factor authentication available for Member accounts and mandatory for all administrative access to Member data.

9.2 No data transmission over the internet or electronic storage system is guaranteed to be 100% secure. While uea8 employs industry-standard security measures, we cannot provide an absolute guarantee of data security. In the event of a data breach that poses a high risk to your rights, uea8 will notify affected Members without undue delay in accordance with applicable notification obligations.

10.1 Subject to applicable law, you hold the following rights in respect of your personal data processed by uea8:

• Right of access: You may request a copy of the personal data uea8 holds about you;
• Right to rectification: You may request correction of inaccurate or incomplete personal data;
• Right to erasure: You may request deletion of your personal data where uea8 no longer has a legal basis for retaining it (subject to regulatory minimum retention periods);
• Right to restriction: You may request that uea8 restrict processing of your data in certain circumstances — for example, while an accuracy dispute is being resolved;
• Right to data portability: You may request a machine-readable copy of personal data you have provided to uea8, to the extent technically feasible;
• Right to object: You may object to processing based on legitimate interests, including direct marketing, at any time;
• Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

10.2 To exercise any of the above rights, contact the uea8 support team as described in Section 14. uea8 will respond to all valid data subject requests within thirty (30) days, and will request reasonable identity verification before processing any request relating to account personal data.

11.1 The uea8 Platform is strictly intended for individuals aged 21 years and above. uea8 does not knowingly collect personal data from persons under the age of 21.

11.2 If uea8 becomes aware that personal data has been collected from a person under the age of 21, the relevant account will be immediately suspended, all personal data collected will be deleted as soon as practicable, and any funds held in the account will be handled in accordance with applicable regulatory requirements.

11.3 If you have reason to believe that a minor has registered an account on the uea8 Platform, please contact us immediately at the address in Section 14 so that the account can be investigated and appropriate action taken without delay.

12.1 uea8 may send promotional communications — including bonus offers, new game announcements, and platform updates — to Members who have consented to receive such communications at the time of registration or via account preferences.

12.2 You may withdraw consent to receive marketing communications at any time by updating your communication preferences in Account Settings or by contacting uea8 support. Withdrawal of consent will not affect the lawfulness of any marketing communications sent prior to the withdrawal.

12.3 uea8 does not share your contact data with third parties for the purpose of third-party direct marketing.

13.1 uea8 reserves the right to update this Privacy Policy at any time. Where amendments are material — for example, changes to the categories of data collected, the purposes of processing, or the third parties to whom data is disclosed — uea8 will use reasonable endeavours to notify affected Members prior to the changes taking effect, including by displaying a notification within the Platform interface.

13.2 The "Last Updated" date displayed at the top of this Policy indicates when the most recent revision was made. We encourage you to review this Policy periodically. Continued use of the uea8 Platform following any amendment constitutes acceptance of the revised Policy.

14.1 For any data protection enquiries, requests to exercise your data subject rights, or concerns about uea8's handling of your personal data, please contact the uea8 data protection team at: [email protected]

(Email address displayed as plain text only — not a clickable link. Please do not send sensitive identity documents via unencrypted email.)

14.2 You may also raise a concern with the uea8 team via the 24/7 live chat facility available within the Platform, which is the recommended channel for time-sensitive data protection matters.

14.3 If you are not satisfied with uea8's response to a data protection concern, you may have the right to lodge a complaint with the relevant data protection supervisory authority in your jurisdiction.