Privacy Policy
This Privacy Policy outlines how we collect, use, process, and protect your personal information when you access and use our online gambling platform. We are committed to maintaining the highest standards of data protection in accordance with UK legislation, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. By using our services, you acknowledge that you have read, understood, and agree to the practices described in this policy.
1. Data Controller Information
We act as the data controller for all personal information collected through our platform. Our legal basis for processing personal data varies depending on the specific information and context in which we collect it. We process personal data where we have a legitimate interest, where it is necessary for contract performance, where you have given consent, or where we have a legal obligation to do so.
As a licensed gambling operator in the United Kingdom, we are required to comply with stringent regulatory requirements set forth by the UK Gambling Commission. This includes maintaining comprehensive records of player activity, conducting identity verification procedures, and implementing robust anti-money laundering measures to ensure the integrity of our services.
2. Types of Personal Data Collected
We collect various categories of personal information necessary to provide our gambling services safely and in compliance with UK gambling regulations. The scope of data collection is proportionate to the services we provide and the legal requirements we must meet.
| Data Category | Examples | Collection Method |
| Identity Information | Full name, date of birth, nationality, gender | Registration form, verification documents |
| Contact Details | Email address, phone number, postal address | Account creation, profile updates |
| Financial Information | Payment card details, transaction history, deposit/withdrawal records | Payment processing, account funding |
| Technical Data | IP address, browser type, device information, cookies | Automated collection during site usage |
| Gaming Activity | Game preferences, betting patterns, session duration | Platform interaction monitoring |
3. Purposes of Data Processing
We process your personal data for several legitimate purposes that are essential for providing secure and compliant gambling services. Our primary objective is to ensure a safe gaming environment while meeting our regulatory obligations as a UK-licensed operator.
- Account creation, management, and authentication services
- Processing deposits, withdrawals, and other financial transactions
- Identity verification and age verification procedures
- Compliance with anti-money laundering regulations and suspicious activity reporting
- Responsible gambling monitoring and player protection measures
- Customer support and dispute resolution services
- Marketing communications and promotional offers (with consent)
- Platform security, fraud prevention, and risk assessment
- Regulatory reporting and compliance with UK Gambling Commission requirements
- Technical maintenance and service improvement initiatives
4. Legal Basis for Processing
We rely on several legal bases under GDPR for processing your personal data, depending on the specific purpose and context. Understanding these legal foundations helps explain why certain data processing activities are necessary for our operations.
Contract performance serves as our primary legal basis for most processing activities, as we need your personal information to provide gambling services, process payments, and maintain your account. Legitimate interests justify processing for fraud prevention, security measures, and business analytics. Legal compliance requires us to process data for regulatory reporting, anti-money laundering checks, and responsible gambling obligations.
Where we process data based on your consent, such as for marketing communications, you retain the right to withdraw that consent at any time. Vital interests may occasionally justify processing to protect your safety or the safety of others in emergency situations.
5. Data Sharing and Third-Party Disclosures
We maintain strict controls over data sharing and only disclose personal information to trusted third parties when necessary for legitimate business purposes or legal compliance. All data sharing arrangements are governed by comprehensive data processing agreements that ensure appropriate protection of your information.
Payment processors receive necessary financial information to facilitate deposits and withdrawals, while identity verification services may access documentation required for compliance checks. Technical service providers, including hosting companies and software developers, may process data to maintain platform functionality under strict confidentiality agreements.
Regulatory authorities, including the UK Gambling Commission, may receive personal data as required by gambling regulations. Law enforcement agencies may access information pursuant to valid legal requests or court orders. We never sell personal data to third parties for marketing purposes.
6. International Data Transfers
While we primarily process data within the United Kingdom and European Economic Area, certain processing activities may involve transfers to countries outside these regions. All international transfers are conducted in accordance with GDPR requirements and UK data protection laws.
Where data is transferred to countries without an adequacy decision from the European Commission, we implement appropriate safeguards such as Standard Contractual Clauses or rely on specific derogations permitted under data protection law. We regularly review and update our transfer mechanisms to ensure ongoing compliance with evolving regulatory requirements.
7. Data Retention Periods
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable legal obligations. Our retention periods are carefully calibrated to balance operational needs with privacy considerations and regulatory requirements.
Account information and transaction records are typically retained for seven years following account closure to meet anti-money laundering and tax reporting obligations. Marketing preferences and communication records are maintained until you withdraw consent or request deletion. Technical logs and security data are usually retained for shorter periods unless required for ongoing investigations.
Upon expiration of applicable retention periods, we securely delete or anonymize personal data using industry-standard methods to prevent unauthorized recovery or reconstruction of the original information.
8. Data Subject Rights
Under UK data protection law, you possess several important rights regarding your personal data. We are committed to facilitating the exercise of these rights and will respond to requests within the timeframes specified by law.
- Right of access: Request copies of your personal data and information about processing activities
- Right to rectification: Correct inaccurate or incomplete personal information
- Right to erasure: Request deletion of personal data in certain circumstances
- Right to restrict processing: Limit how we use your personal data in specific situations
- Right to data portability: Receive your data in a structured, machine-readable format
- Right to object: Oppose processing based on legitimate interests or for marketing purposes
- Rights related to automated decision-making: Request human intervention in automated processes
To exercise these rights, contact our data protection team using the details provided in this policy. We may request additional information to verify your identity before processing requests involving sensitive personal data.
9. Security Measures and Data Protection
We implement comprehensive technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Our security framework is regularly updated to address emerging threats and maintain industry-leading protection standards.
Technical safeguards include advanced encryption protocols for data transmission and storage, multi-factor authentication systems, regular security assessments, and intrusion detection mechanisms. Access to personal data is restricted on a need-to-know basis, with comprehensive logging and monitoring of all access activities.
Organizational measures encompass staff training programs, incident response procedures, regular security audits, and vendor management protocols. We maintain appropriate insurance coverage and have established relationships with cybersecurity specialists to ensure rapid response to potential security incidents.
10. Policy Updates and Contact Information
This Privacy Policy is regularly reviewed and updated to reflect changes in our processing activities, legal requirements, or industry best practices. We will notify you of material changes through appropriate channels, including email notifications or prominent website notices.
For questions about this Privacy Policy, data protection practices, or to exercise your rights, please contact our dedicated data protection team. We are committed to addressing your concerns promptly and transparently, working with you to resolve any issues related to personal data processing.
If you are not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with the Information Commissioner's Office, the UK's data protection supervisory authority. However, we encourage you to contact us first so we can attempt to resolve any issues directly.