Effective date: 15 July 2026. Last updated: 15 July 2026.
Scope of This Privacy Policy
This Privacy Policy applies to towerrushgame.co and to the information handled when you visit its pages, use its contact features or interact with its content. It does not apply to any third-party website, casino or payment provider that may be linked from the Site. Once you follow an external link, the privacy practices of that other site apply instead of this policy.
Who Is Responsible for Your Data
The Site is operated by [INSERT FULL LEGAL ENTITY OR PROPRIETOR NAME], which acts as the Data Fiduciary under the Indian Digital Personal Data Protection Act, 2023 and as the Data Controller under the UK and EU General Data Protection Regulation where that law applies. You can reach the operator through our contact page at towerrushgame.co/contact-us/. Requests about your personal data can be sent through that channel.
Current Indian Data-Protection Framework
India's Digital Personal Data Protection Act, 2023 provides the core data-protection framework, with staged commencement notified on 13 November 2025. The Digital Personal Data Protection Rules, 2025 were published in November 2025, with a corrigendum in December 2025. The framework is built on principles of transparency, purpose limitation, data minimisation, accuracy, security and deletion, and the Information Technology Act, 2000 also remains relevant. This summary is general information and not legal advice.
Personal Data We Collect
We keep data collection to a minimum. The information involved falls into four broad categories: data you provide to us directly, technical data collected automatically, consent and preference data, and limited referral data. Each category is explained in the sections that follow.
Information You Provide Voluntarily
If you use the contact form or email us, we receive what you choose to send, typically your name, email address and message. Please share only what is needed to answer your query. Do not send passwords, one-time passwords, UPI PINs, card PINs, CVV numbers, wallet keys, account credentials or full identity documents, because we neither need nor want them.
Information Collected Automatically
Like most websites, the Site automatically receives certain technical information when your browser requests a page. The table below lists the main items and the typical purpose for which each is involved.
| Information | Typical purpose |
|---|---|
| IP address | Delivering the Site, security and approximate location |
| Date and time | Logs and diagnosing |
| Requested URL | Delivery and errors |
| Referring page | Navigation and source |
| Browser type | Compatibility |
| Device category | Optimisation |
| Operating system | Support and security |
| Screen dimensions | Responsive layout |
| Language setting | Localisation |
| Cookie identifiers | Consent or measuring where permitted |
| Error data | Diagnosing failures |
| General interaction data | Understanding page use where analytics consent exists |
Cookies and Similar Technologies
The Site may use cookies and similar technologies for essential functions, to remember your consent, and, where you allow it, to measure how pages are used. You control non-essential cookies through the consent tools and your browser settings. Full details are set out in our Cookie Policy.
Analytics Services
Where analytics are used, the provider is identified in the following bracketed field: [INSERT ACTUAL ANALYTICS PROVIDER OR STATE NONE]. Analytics run only where the applicable consent requirements are met. We do not describe analytics data as anonymous unless that has been properly assessed for the specific tool in use.
Server Logs and Security Records
Our hosting and security systems keep server logs and security records, which may include IP addresses, timestamps, requested URLs and error data. These records help us deliver the Site, diagnose faults and protect against abuse and attacks. They are kept for limited periods and handled as described in the retention section below.
Contact and Support Communications
When you contact us, we use your message and contact details only to understand and respond to your query and to keep a reasonable record. We are not a casino support desk and cannot resolve account, deposit or withdrawal issues, which must be raised with the relevant platform. Please keep sensitive financial details out of your message.
Affiliate and Referral Information
For India-facing content, any affiliate or referral activity is limited to lawful, non-gambling arrangements. Where a referral is involved, we may process limited attribution data so that partner reporting is accurate. We do not use this data to push gambling or to target vulnerable users.
Information We Do Not Intentionally Collect
We do not ask for, and do not intentionally collect, sensitive financial or identity information. In particular, please never send any of the following:
- UPI PINs or payment passwords
- Card PINs, CVVs or full card numbers
- Bank login credentials
- Cryptocurrency keys or seed phrases
- Casino usernames or passwords
- Betting histories
- Aadhaar or PAN numbers
- Passport or driving-licence copies
- Biometric data
- Health records
- Precise real-time location
Sources of Information
The information we hold comes from three sources: what you give us directly, what your browser sends automatically during a normal request, and limited data from consent and referral tools. We do not buy personal data or build profiles from external data brokers.
Why We Process Information
We process information only for specific, limited purposes. The table below sets out those purposes and the information commonly involved in each.
| Purpose | Information commonly involved |
|---|---|
| Delivering pages | IP address, browser type, device category, requested URL |
| Responding to inquiries | Name, email, message content |
| Correcting content | Message content, requested URL, referring page |
| Securing the site | IP address, server logs, error data |
| Remembering consent | Cookie identifiers, consent preference records |
| Measuring use | Analytics event data where consent exists |
| Keeping legal records | Contact records, notices, consent logs |
| Preventing abuse | IP address, server logs, security records |
| Lawful commercial attribution | Limited referral and click data |
| Complying with legal requests | Whatever a valid legal request specifies |
Lawful Basis for Processing
Where the GDPR or comparable law applies, we rely on the lawful bases below, and under the DPDP Act we rely on consent or another legitimate use permitted by that Act.
Consent
We rely on consent for non-essential cookies and analytics and for any optional communications. You may withdraw consent at any time.
Legitimate interests
We rely on legitimate interests to keep the Site secure, to prevent abuse and to understand general usage, balanced against your rights and interests.
Legal obligation
We process information where it is necessary to comply with a legal obligation or a valid legal request.
Contractual steps
We process limited information to respond to your requests and to take steps you ask for before or during any dealings with us.
Vital or public interest
In rare cases we may process information to protect someone's vital interests or where a clear public-interest ground applies.
Data Minimisation
We aim to collect only what is necessary for the purpose in hand and to avoid holding more than we need. Where information is no longer required, we delete or anonymise it. This keeps the amount of personal data on the Site as low as reasonably possible.
Consent Records
Where you give or change consent, we keep a record of that choice so that we can honour it and demonstrate compliance. You can review or change your cookie choices using [INSERT COOKIE SETTINGS LINK OR BUTTON LABEL]. Consent records are retained for a limited period, as noted in the retention section.
How We Share Information
We do not sell personal data. We share limited information only with the categories of recipient listed below, and only for the stated purpose.
| Recipient category | Purpose |
|---|---|
| Hosting provider | Storing and delivering |
| Content-delivery or security provider | Performance and threat protection |
| Email provider | Messages |
| Analytics provider | Measuring where enabled |
| Consent-management provider | Recording preferences |
| Professional adviser | Legal, tax, security |
| Lawful commercial partner | Limited attribution |
| Government or court | Valid legal requirement |
Service Providers and Processors
The service providers we use, such as hosting, security, email and analytics providers, act as our processors and may handle information only on our instructions and for the purposes we set. We seek providers that offer appropriate security and confidentiality. They are not permitted to use your information for their own unrelated purposes.
Legal Disclosure
We may disclose information where we are legally required to do so, or where disclosure is necessary to comply with a valid legal request, to protect our rights, or to prevent harm or abuse. We will limit any such disclosure to what is necessary.
International Data Transfers
Some providers we use may be located outside India, which means limited information may be processed in other countries. Where the GDPR applies, we rely on adequacy decisions or standard contractual clauses for such transfers. The relevant processing locations are: [INSERT ACTUAL LOCATIONS].
Data Retention
We keep information only as long as necessary for the purpose for which it was collected or as required by law. The proposed retention periods below should be confirmed before publication.
| Record | Proposed retention period |
|---|---|
| Contact-form inquiry | Up to 12 months after resolution |
| Privacy-rights request | Up to 3 years |
| Legal or IP notice | Up to 6 years subject to advice |
| Newsletter record | Until unsubscribe plus suppression |
| Consent preference | Up to 12 months |
| Analytics event data | [INSERT, recommended 2 to 14 months] |
| Server access logs | [INSERT, recommended 30 to 90 days] |
| Security incident records | As necessary |
| Affiliate attribution record | [INSERT] |
| Backups | Typically 30 to 90 days |
Data Security
We use reasonable technical and organisational measures, such as HTTPS and access controls, to protect information. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. We will never ask you for a password, one-time password or PIN, and you should refuse any such request made in our name.
Personal Data Breaches
If a personal data breach occurs that meets the relevant threshold, we will notify the Data Protection Board of India and affected individuals as required by law. You can report a suspected security or privacy issue to [INSERT SECURITY OR PRIVACY EMAIL]. We will investigate reports promptly and take appropriate action.
Your Privacy Rights in India
Under the DPDP Act, you have rights to access your personal data, to seek its correction or completion, to seek its erasure, to withdraw consent, to grievance redressal, and to nominate another person to exercise your rights in the event of death or incapacity. You can exercise these rights through the contact details below. We will respond within the time and manner required by law.
Rights of EEA and UK Visitors
If you are in the EEA or the UK, you have rights under the GDPR to access, rectification, erasure, restriction, objection and data portability, and the right to lodge a complaint with your supervisory authority. You may exercise these rights free of charge in most cases. We will respond in line with the GDPR time limits.
Exercising Your Rights
To exercise any right, email [INSERT PRIVACY EMAIL ADDRESS] with the subject "Privacy Rights Request" and enough detail for us to identify your request. Where the GDPR applies, we aim to respond within one month, which may be extended for complex requests as the law allows. We may need to verify your identity before acting.
Correction and Accuracy
You can ask us to correct or complete inaccurate or incomplete personal data that we hold about you. We will make reasonable corrections promptly and, where appropriate, inform any recipient of the corrected data.
Deletion Requests
You can ask us to delete personal data that we no longer need to keep. We will honour valid deletion requests unless we are required or permitted by law to retain the information, for example to meet a legal obligation or to handle a dispute.
Withdrawal of Consent
Where we rely on your consent, you can withdraw it at any time, and withdrawal does not affect processing already carried out. You can change cookie and tracking choices using [INSERT COOKIE PREFERENCE LINK OR BUTTON]. Withdrawing consent may affect some non-essential features.
Automated Decision-Making
We do not carry out automated decision-making that produces legal or similarly significant effects on you. Any analytics we use are for general measurement and site improvement, not for decisions about individuals.
Profiling and Targeted Advertising
We do not build advertising profiles that target gambling-related vulnerability, and we do not use personal data to encourage gambling. Any measurement is aggregate and aimed at improving content and performance.
Do Not Track and Global Privacy Signals
Some browsers can send Do Not Track or Global Privacy Control signals. There is no single industry standard for how these are handled, but we aim to respect recognised privacy signals and to keep non-essential tracking to a minimum. You can also manage preferences through your browser and our cookie controls.
Children's Privacy
The Site is intended only for adults aged 18 and over, and the DPDP Act treats anyone under 18 as a child. We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact [INSERT PRIVACY EMAIL ADDRESS] so that we can remove it.
Sensitive and Financial Information
Please never send sensitive identifiers or financial secrets such as Aadhaar or PAN numbers, one-time passwords, PINs or wallet keys through the Site or by email. We do not require them to handle any request. There is no fee to make a privacy request.
External Websites
The Site may contain links to external websites that we do not control. This Privacy Policy does not apply to those sites, and we are not responsible for their content or privacy practices. Please review the privacy policy of any site you visit.
Embedded Content
Some pages may include embedded content, such as images or media, which can behave as if you had visited the source site. Embedded content providers may collect information according to their own policies. We keep embedded content to a minimum.
Social Media
If we maintain or link to any social-media presence, your interactions there are governed by the privacy practices of that platform. We do not control how social-media platforms process your data. Please review their policies before interacting.
Email Communications
If you email us or provide your email through the contact form, we use it only to respond to you. We do not send unsolicited marketing, and we do not sell email addresses. Please avoid sending sensitive financial information by email, which is not a fully secure channel.
Newsletter
If a newsletter is enabled, we will send it only to addresses that have opted in, and every message will include an unsubscribe option. If no newsletter is currently offered, this section does not apply. Newsletter records are kept until you unsubscribe, with limited suppression data to honour that choice.
Law-Enforcement and Regulatory Requests
We may receive requests from law-enforcement or regulatory bodies. We disclose information only where there is a valid legal basis and only to the extent required. We keep a record of such requests where appropriate.
Business Transfers
If the Site or its operator is involved in a reorganisation, merger or transfer, relevant information may be transferred as part of that process. Any recipient would be required to respect this Privacy Policy or provide equivalent protection. We would give notice where the law requires it.
Links Between Site Policies
This Privacy Policy should be read together with our Terms and Conditions, Cookie Policy and responsible gambling page. For any question, please use our contact page.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, tools or applicable law. The version on this page is the current version, and the effective date shows when it was last revised. Continued use of the Site after an update means you have read the updated policy.
Contact and Grievance Redressal
For privacy questions, requests or grievances, contact us through our contact page at towerrushgame.co/contact-us/. We will acknowledge and address privacy grievances within the time required by applicable law. Please include enough detail for us to understand and act on your request.
Required Configuration Before Publication
Before this page is published, every bracketed field must be completed with real details, including the operator name, analytics position, processing locations, retention periods and privacy contact addresses. A privacy professional should review the final text to confirm that it reflects the operator's actual practices and legal obligations.
18+ only. Tower Rush is a game of chance. Support in India: Tele-MANAS 14416 or 1-800-891-4416.