Mast — a CSS framework for Webflow

Privacy Policy

Effective Date: April 1, 2026

Last Updated: February 2, 2026

This privacy policy describes how Dragon Fruit Gaming, Inc. (“DFG”, “us”, or “our”) collects, uses, discloses, and processes Personal Information in connection with:

  • Customer's use of the Casino Management System, Hardware, and Application licensed under our End User License Agreement (the “EULA”) (“Privacy Policy”) executed between Customer and DFG (collectively, the “Services”); and
  • Visits to and interactions with our websites, marketing pages, and online properties (the “Website”).

For purposes of this Policy, (i) “Customer” refers to our business customers who have executed the EULA with DFG, (ii) Website Visitor” means any individual who visits or interacts with our Website, including individuals who contact us, request information, or otherwise engage with DFG outside of an executed EULA, and (iii) Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual.

This Privacy Policy applies to website visitors, prospective customers, business contacts, Customers, authorized users, and end-users whose Personal Information is processed in connection with the Website or Services.

  1. Information We Collect

We collect various types of personal information through the Website and Services to operate our business, provide and improve our offerings, and comply with legal obligations: 

  • Direct interactions (e.g., when you execute the EULA, provide configuration data, or contact us for support) 
  • Automated technologies (e.g., through the Services) 
  • Third-party integrations (e.g., from service providers such as hosting, payment processors, analytics, and support vendors) 
  • Website interactions (e.g., when you browse our Website, submit inquiries, request demos, or sign up for communications)

We may collect limited Sensitive Personal Information (e.g., tax ID, licensing information, government-issued IDs) only for legally permitted business purposes, and we do not use or disclose Sensitive Personal Information except as allowed by law.

Below are examples of the types of information we collect and how we use it:

Category

Examples

Purpose

Business Customer Information

Contact details, billing and payment data, business role, regulatory licensing information, tax identification numbers

To create and manage your account, provide customer support, verify eligibility and compliance requirements

Authorized User Information

Usernames, account credentials, device and activity logs, access timestamps

To provide secure access to Services, monitor system usage, and ensure account security

Technical and Usage Data

Device identifiers, IP addresses, browser type, log data, cookies, system performance and error logs, network connection information

To analyze usage patterns, improve service performance, ensure security, and troubleshoot issues

White Label End-User Data

Loyalty/points account activity, queue/waitlist participation, in-app activity and usage metrics (processed on behalf of Customers)

To provide loyalty and queue management services to Customers as directed

Business Communications

Preferences for service-related communications, support ticket history, training records

To send you updates, support responses, and other information related to our Services

Aggregated and De-Identified Data

Statistics, benchmarks, and performance metrics derived from use of the Services

To improve Services, conduct analytics, and provide industry insights

Website Visitor Information

Name, email address, company name, IP address, device and browser information, pages viewed, referral source, and communications submitted through the Website

To respond to inquiries, provide information about our products, operate and improve the Website, conduct analytics, and support sales and marketing activities

  1. Analytics, Cookies, and Other Technologies

DFG uses cookies, analytics tools, and similar technologies on both the Website and the Services to understand how visitors and users interact with our offerings, improve performance and functionality, support security, and enhance user experience.

Technical Data Collection: We collect diagnostic data from your devices, including browser and OS version, domain names, and information on your interactions with our Website and Services. 

Third-Party Analytics: We use third-party service providers for hosting, payment processing, analytics, and support services. These providers are contractually required to handle your information securely and only for the purposes we specify. 

Cookies and Tracking Technologies: DFG and our third-party partners use cookies, web beacons, tags, and scripts to:

  • Track system usage and performance
  • Hold login or registration data 
  • Improve user experience and service performance
  • Support business analytics and reporting

Examples of Technologies We Use:

Technology Type

Purpose

Description

Session Cookies

Operate the Services

Necessary for core functionality like login and navigation

Preference Cookies

Remember user settings

Save preferences such as language or display format

Analytics Cookies

Monitor performance

Track usage patterns and diagnose system issues

Security Cookies

Protect accounts

Authenticate users and prevent unauthorized access

  1. Information Sharing

We are committed to safeguarding your privacy and protecting your personal information. We only share your data as permitted by law and in accordance with this Privacy Policy. 

Service Providers

We engage trusted third parties to help deliver, maintain, and improve our Services. These partners support us in areas such as:

  • Hosting and infrastructure
  • Payment processing 
  • Customer support and communication tools
  • Security monitoring and system maintenance
  • Data storage and analytics

These providers are contractually required to handle your information securely and only for the purposes we specify. 

Service providers may also support operation of our Website, including website hosting, analytics, customer relationship management (CRM), and marketing communications.

End User Application Data

End-user data collected in the Application is disclosed back to the Customer for loyalty and queue management purposes as directed under our EULA.

Legal and Compliance Requirements

We may disclose your information when required to: 

  • Comply with applicable laws, regulations, or legal processes
  • Enforce our EULA or protect our rights and property 
  • Respond to law enforcement or regulatory authorities
  • Prevent fraud, security threats, or technical issues

We do not sell Personal Information. Where we engage in limited sharing (such as analytics), you may opt out as provided under applicable law.

Business Transfers

In case of a merger, acquisition, or similar event, your information may be transferred as part of that transaction. In such cases, we will take steps to ensure your rights continue to be protected.

We may also disclose Personal Information to our parent company, affiliates, subsidiaries, and business partners where consistent with this Privacy Policy. Below are the circumstances under which we may share information:

Aggregate/De-Identified Data

We reserve the right to use and share aggregate statistics and benchmarks that do not identify individuals or specific customers. 

  1.  Customer Responsibilities

Business Customer Obligations: Customers are responsible for providing their own privacy notices to their end users and ensuring compliance with applicable data privacy and gambling regulations. 

End User Consent: Customers must ensure that end users consent to data collection and processing through the White Label Application, including use of third-party providers. 

Security Responsibilities: Customers are responsible for maintaining appropriate security controls within their own environments, including the security of Customer Hardware as described in Exhibit A to the EULA. 

  1.  Data Retention

We retain personal information as long as necessary to: 

  • Deliver and support the Services under the EULA
  • Satisfy the purposes for which the information was collected
  • Comply with contractual obligations, including those in the EULA and Exhibits 
  • Meet legal, regulatory, tax, accounting, and audit requirements
  • Resolve disputes, enforce our agreements, and protect our legal rights

Retention Periods: Retention periods are determined based on the nature and sensitivity of the data, potential risk of harm, business necessity, and applicable legal, regulatory, or contractual requirements. For example, technical logs may be retained for shorter periods (e.g., 90 days) unless required for security or investigation, while account and billing records may be retained for longer periods in accordance with applicable law. 

Where information is no longer needed, we will securely delete, de-identify, or aggregate it so that it can no longer reasonably be associated with an individual or customer. 

  1.  Data Security

We follow industry-standard recognized practices to protect the Personal Information submitted to us—both during transmission and once we receive it. This includes technical, organizational, and safeguards designed to maintain confidentiality, integrity, and availability of your data.

Security Safeguards Include:

  • Access controls, authentication measures, and credential management
  • Encryption of data in transit and at rest where appropriate 
  • Firewalls, intrusion detection, and monitoring systems
  • Physical security for systems and facilities where data is stored
  • Vendor due diligence and contractual requirements for third-party service providers

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. 

  1.  Accessing and Managing Your Data

You have control over your personal information. You may review, update, or modify your account details at any time through your account settings or by contacting us directly.

Individual Rights: Depending on applicable law, individuals may have rights with respect to their Personal Information, which can include: 

  • Access – the right to request a copy of the information we hold about them
  • Correction – the right to request corrections of inaccurate or incomplete information 
  • Deletion – the right to request that certain information be deleted, subject to exceptions
  • Restriction or Objection – the right to restrict or object to processing in certain circumstances
  • Portability – the right to request transfer of information to another service provider where technically feasible

Website Visitors: DFG acts as the data controller with respect to Personal Information collected through the Website. Requests from Website Visitors regarding their Personal Information may be submitted directly to DFG using the contact details below.

B2B Service Provider Note: Because DFG provides Services primarily as a B2B provider, in most cases DFG processes end-user information on behalf of the Customers. Accordingly, requests from individuals relating to end-user data must be directed to the Customer, who acts as the data controller. DFG will support Customers in responding to such requests to the extend required under applicable law and contract. 

  1.  International Data Transfers. 

At this time, DFG does not transfer your data or Personal Information outside of your jurisdiction. If this changes, we will update this Privacy Policy and, where legally required, implement appropriate safeguards (such as Standard Contractual Clauses, approved or transfer frameworks, and other lawful mechanisms required by applicable law).

  1. California Consumer Privacy Act

If you are a resident of California, you may have additional rights under the U.S. State Privacy Rights of 2018 (as amended by the California Privacy Rights Act of 2020, together "CCPA"). These rights may apply to you as a Website Visitor, business contact, Customer representative, or as an end user of the Application, depending on how DFG collects and processes your Personal Information. Because the Services between DFG and Customer under the EULA operates in a B2B context, the Personal Information we collect typically relates to business contacts (such as customer representatives, vendor contacts, and authorized users). Nonetheless, if you are a resident of California or another state with a comprehensive privacy law, you may still exercise the rights described below with respect to your business-related Personal Information. This section also applies to residents of Virginia, Colorado, Connecticut, Utah, Texas, and other states with privacy laws. Rights include: access & portability, correction & deletion, opt-out of sale/sharing/targeted advertising, limiting the use of sensitive personal information, and the right to appeal. 

Rights Under CCPA/CPRA:

  • Right to Know – to request disclosure of the categories and specific pieces of Personal Information collected, the purposes for which it is used, and the categories of third parties with whom it is shared 
  • Right to Delete – to request deletion of Personal Information we collected from you, subject to legal and contractual exceptions 
  • Right to Correct – to request correction of inaccurate Personal Information 
  • Right to Opt-Out of Sale/Sharing – DFG does not sell Personal Information. Where we engage in activities that constitute "sharing" under California law (such as through analytics providers), you have the right to opt-out 
  • Right to Non-Discrimination – you will not be treated differently for exercising your rights

Exercising Your Rights: To exercise any of these rights, you may contact us at privacy@dragonfruitgaming.com or submit a request through our online form at [insert link]. 

  1. Third-Party Websites

Our Website may contain links to third-party websites. This Privacy Policy does not apply to those third-party sites, and DFG is not responsible for their privacy practices.

  1. Children's Privacy

Our Services are not directed at and we do not knowingly collect Personal Information of individuals under the age of 21. If we become aware of such data, we will delete it.

  1. Communications and Marketing

We may contact you in various ways to support your use of our Services, ensure account security, and keep you informed about products and features. These communications may be delivered via email or other electronic means.

Service and Security Notices: We may send important updates regarding your account, service changes, outages, security alerts, or legal notices. These communications are essential to the operation of our Services, and you may not opt out of receiving them.

Business Communications: With your consent or where permitted by law, we may send communications about service updates, new features, or other business-related information.

  1. Updates to This Policy

We may update this Privacy Policy from time to time We encourage you to revisit this page regularly to stay informed. Material changes will be communicated via email or within the Service.

  1. Contact Us

If you have any questions or want to exercise your rights, contact us at: 

Dragon Fruit Gaming, Inc.
7727 Herschel Avenue
La Jolla, CA 92037
Email: privacy@dragonfruitgaming.com
Phone: 1-855-456-4337

© 2025. Dragon Fruit Gaming, Inc. All rights reserved.