EN
RU EN
Log in Sign up
HomePrivacy policy

Privacy policy

Privacy Policy for Lucky.Online

Effective Date: 12 July 2025

This Privacy Policy (“Policy”) describes how the operator of the website https://lucky.online (“Platform,” “we,” “us”) collects, uses, discloses and protects personal data of users in accordance with Regulation (EU) 2016/679 (GDPR) and other applicable EU data protection laws. By accessing or using the Platform, you agree to the practices described in this Policy.

1.Data Controller

The Platform is operated by its legal entity (the “Controller”). Any reference to “we,” “us” or “our” in this Policy refers to the Controller.

2.Personal Data We Collect

We process personal data that you provide directly or that is collected automatically:

1. Identity Data: name, surname, username.
2. Contact Data: email address, telephone number.
3. Account Data: login credentials (username and password hashes).
4. Technical Data: IP address, browser type and version, device identifiers, cookie identifiers, operating system.
5. Usage Data: information about your interactions with the Platform (pages viewed, services used).
6. Partner Data: when you participate as an affiliate or publisher, data relating to leads you generate (e.g. end‐user contact details).

3. Legal Bases for Processing

We rely on the following legal grounds to process your personal data:

Consent (Art. 6(1)(a) GDPR): where you have given clear consent for us to process your data for specific purposes (e.g., marketing communications).
• Performance of Contract (Art. 6(1)(b) GDPR): to register you, authenticate your account, perform services under our Terms & Conditions, and process payments.
• Legal Obligation (Art. 6(1)(c) GDPR): to comply with EU or Member State laws (e.g., tax, anti‐money laundering).
• Legitimate Interests (Art. 6(1)(f) GDPR): to secure the Platform, prevent fraud, improve our services and perform analytics, provided such interests do not override your rights

4. Purposes of Processing

We process your personal data for the following purposes:

Account Management: registration, authentication, profile maintenance.
2. Service Delivery: execution of CPA offers, lead transmission, payment settlement.
3. Support and Communication: responding to inquiries, providing notifications and updates.
4. Analytics and Improvement: monitoring usage, optimizing Platform performance.
5. Security and Fraud Prevention: detecting and preventing unauthorized or fraudulent activities.
6. Legal Compliance: fulfilling statutory obligations and cooperating with authorities.
7. Marketing: sending newsletters or promotional offers, subject to your prior consent.

5. Cookies and Tracking Technologies 

We use cookies and similar technologies to:

Enable core functionality (e.g. session cookies).
• Analyze traffic and usage patterns (e.g. Google Analytics).
• Remember preferences and improve user experience.

You may manage or disable cookies through your browser settings, but this may affect Platform functionality.

6. Data Sharing and Transfers

We may share your personal data with:

Third‐party service providers (hosting, analytics, marketing).
• Authorities or third parties where required by law, regulation, or court order.
• Affiliates and business partners to perform CPA services, under confidentiality obligations.

Transfers of personal data outside the EEA are conducted under appropriate safeguards (e.g. Standard Contractual Clauses).

7. Data Retention

We retain personal data only as long as needed for the purposes listed above or to meet legal obligations:

Technical and log data: up to 1 year.
• Marketing consents: until withdrawal or up to 3 years.
• Analytical data: aggregated or anonymized indefinitely.

After expiration of these periods, data is securely deleted or anonymized

8. Your Rights

Under the GDPR, you have the right to:

Access – obtain confirmation of processing and a copy of your personal data (Art. 15 GDPR).
2. Rectification – correct inaccurate or incomplete data (Art. 16 GDPR).
3. Erasure (“right to be forgotten”) – request deletion where no longer necessary (Art. 17 GDPR).
4. Restriction – suspend processing under certain conditions (Art. 18 GDPR).
5. Data Portability – receive your data in a structured, machine-readable format (Art. 20 GDPR).
6. Objection – object to processing based on legitimate interests or marketing (Art. 21 GDPR).
7. Withdraw Consent – at any time, without affecting prior processing lawfulness (Art. 7(3) GDPR).

To exercise your rights, contact us as detailed below. We will respond without undue delay and in any event within one month.

9. Security Measures

We implement appropriate technical and organizational measures to protect personal data, including

Encryption of data in transit and at rest.
• Access controls and authentication mechanisms.
• Regular security assessments and audits.
• Incident response procedures.

10. Changes to This Policy

We may update this Policy to reflect changes in practice or law. We will post the revised version on the Platform and update the “Effective Date.” Significant changes will be communicated to you by email or prominent notice.

11. Contact Information

For questions or to exercise your data protection rights, please contact us at [email protected]

If you reside in the EU, you also have the right to lodge a complaint with your local supervisory authority