Star111 India Privacy Policy. Secure Data & DPDP Compliance
Data Fiduciary Responsibility & Legal Framework
At Star111 India, we acknowledge that in the modern digital economy, personal data is the most sensitive asset a player possesses. Our Privacy Policy is not a mere formality; it is our “Data Constitution.” As a premier gaming platform operating within the Indian subcontinent, we act as a Data Fiduciary under the Digital Personal Data Protection (DPDP) Act, 2023.
We strictly adhere to the principle of “Purpose Limitation.” This means we only collect the data necessary to provide a world-class gaming experience, verify your identity for tax compliance (TDS), and prevent fraudulent activities. Our infrastructure is aligned with the guidelines set by MeitY (Ministry of Electronics and Information Technology) to ensure that Indian players’ data remains within secure, localized boundaries.
1.1 Categories of Data Collected
To maintain a safe ecosystem, we collect several categories of information:
- Identity Data: Full legal name, date of birth, and gender.
- KYC Credentials: Masked Aadhaar details and PAN card information for Income Tax and PMLA compliance.
- Financial Data: UPI Virtual Private Addresses (VPA), bank account logs for IMPS, and transaction history.
- Technical Metadata: IP addresses, device IDs, and geolocation data (essential to block access from restricted states like Telangana or Andhra Pradesh).
Data Usage & Statutory Compliance
Every byte of data collected by Star111 India serves a statutory or functional purpose. We do not sell player data to third-party marketers. Disclosure only occurs with vetted partners who facilitate your gaming journey.
Data Processing & Regulatory Links
| Data Type | Primary Use Case | Statutory Framework |
|---|---|---|
| KYC Identifiers | Age verification & prevention of money laundering. | FIU-India (PMLA) |
| Transaction Records | 30% TDS deduction & payout transparency. | Income Tax Dept. |
| Behavioral Logs | Responsible Gaming (Anti-addiction monitoring). | EGF Standards |
Interactive Data Security Visualizer: The Shield-111 Protocol
At Star111 India, we do not merely store data; we fortify it. Our security architecture is built upon a “Zero Trust” framework, ensuring that every piece of information is treated as a critical asset from the moment it is entered into our system.
We utilize Advanced Encryption Standard (AES) with 256-bit keys — a military-grade symmetric encryption algorithm recognized globally as the gold standard for securing sensitive data. While your data is “at rest” in our decentralized Indian servers, it is shielded by these 256-bit keys, making unauthorized access mathematically impossible.
Furthermore, for data “in transit” (the movement of information between your smartphone and our infrastructure), we deploy the SSL/TLS 1.3 protocol. This represents the most modern and secure version of the Transport Layer Security protocol, eliminating outdated cryptographic algorithms and significantly reducing the risk of “man-in-the-middle” attacks. Below is an interactive demonstration of our proprietary Shield-111 encryption flow, showing how your raw data is instantly obfuscated into “Ciphertext” before being transmitted across the network.
| Category | Purpose | Statutory Authority |
|---|---|---|
| Identity (KYC) | Fraud & AML Prevention | FIU-India |
| Financial Logs | TDS & Tax Compliance | Income Tax Dept |
Your Rights and Data Protection Officer
Under the DPDP Act 2023, Indian players have the right to access, rectify, and erase their data. We ensure that these “Data Principal” rights are honored within 72 hours of a request.
User Rights & Resolution Timeframes
| Player Right | Description | Action Time |
|---|---|---|
| Right to Erasure | Request to delete all personal data. | Instant Request |
| Data Portability | Receive a copy of your stored data. | 48 Hours |
Types of Personal Data We Collect
Our collection protocols are divided into three essential tiers:
- Identity & Age Sovereignty: We collect your full legal name, gender, and date of birth. This is not merely for profile customization, but a critical gatekeeping measure to prevent underage gambling and ensure that only legal “Digital Nagriks” (Digital Citizens) access our lobby.
- Financial Integrity Data: To facilitate seamless and rapid INR payouts, we collect Virtual Private Addresses (VPA) for UPI, and masked bank account details. These logs allow us to verify that funds are being sent to the legitimate account holder, preventing third-party money laundering.
- Statutory KYC Identifiers: In compliance with Section 194BA of the Income Tax Act, we are required to collect and verify your PAN Card and Aadhaar Card. Following the latest UIDAI guidelines, Star111 utilizes an “Aadhaar Masking” process. This means your full Aadhaar number is never stored in plain text; instead, we only keep an encrypted “hash” sufficient for verification purposes, ensuring your primary government identifier is never exposed.
Data Categories and Statutory Retention
As per the Information Technology Rules, 2011, and the DPDP Act 2023, we maintain a strict retention schedule. Financial records and KYC documents are retained for a minimum of seven (7) years following the closure of an account to satisfy potential audits by the Income Tax Department and other law enforcement agencies.