Privacy Policy

This Privacy Policy outlines how we collect, use, process, and protect your personal information when you use our online gaming platform and services. As a responsible operator in the United Kingdom’s regulated gambling market, we are committed to maintaining the highest standards of data protection in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Gambling Commission’s requirements. We understand that privacy is paramount when engaging in online gaming activities, and we take every measure to ensure your personal and financial information remains secure throughout your gaming experience.

1. Information We Collect and Process

We collect various types of personal information necessary to provide our gaming services, ensure regulatory compliance, and maintain platform security. The collection of this information is essential for operating a licensed gambling platform in the United Kingdom and protecting both our players and our business from fraudulent activities.

Data Type	Examples	Collection Purpose
Personal Identity Information	Full name, date of birth, address, phone number, email address	Account registration, age verification, identity confirmation
Financial Data	Payment card details, transaction history, deposit amounts, withdrawal records	Processing payments, preventing money laundering, financial reporting
Gaming Activity Data	Game preferences, betting patterns, session duration, win/loss records	Responsible gambling monitoring, service improvement, bonus eligibility
Technical Information	IP address, device type, browser information, cookies, location data	Platform security, fraud prevention, technical support

We also collect information through cookies and similar tracking technologies that help us understand how you interact with our platform. This includes session cookies that maintain your login status, preference cookies that remember your gaming settings, and analytics cookies that help us improve our services. Additionally, we may collect information from third-party sources such as identity verification services, payment processors, and databases used for anti-fraud purposes.

During the account verification process, we may request additional documentation including government-issued identification, proof of address, and evidence of payment method ownership. This information is collected in accordance with Know Your Customer (KYC) requirements mandated by UK gambling regulations and anti-money laundering legislation.

2. Legal Basis and Purposes for Data Processing

We process your personal data based on several legal grounds established under UK GDPR. Our primary legal basis for processing is the performance of our contract with you, which includes providing gaming services, processing transactions, and maintaining your account. We also process data to comply with legal obligations imposed by the UK Gambling Commission, HM Revenue and Customs, and anti-money laundering regulations.

Legitimate interests in preventing fraud, ensuring platform security, and improving our services
Contractual necessity for account management, payment processing, and service delivery
Legal compliance with gambling regulations, tax obligations, and consumer protection laws
Consent for marketing communications and non-essential cookies
Vital interests in cases involving responsible gambling interventions and player protection

We use your information to verify your identity and age, ensuring compliance with the legal requirement that only individuals aged 18 and over can access our gaming services. Your financial data enables us to process deposits and withdrawals securely while monitoring for suspicious transactions that could indicate money laundering or fraud.

Gaming activity data helps us identify patterns that may suggest problem gambling behaviour, allowing us to implement appropriate responsible gambling measures. We analyze this information to trigger cooling-off periods, deposit limits, or account restrictions when necessary to protect vulnerable players.

Technical information is processed to maintain platform security, prevent unauthorized access, and ensure optimal performance across different devices and browsers. We use this data to detect and prevent cyber attacks, identify system vulnerabilities, and provide technical support when needed.

3. Data Sharing and Third-Party Disclosure

We share your personal information with carefully selected third parties who provide essential services that enable us to operate our gaming platform safely and legally. All third-party service providers are contractually bound to protect your data and use it only for the specific purposes we authorize.

Payment processors receive necessary financial information to execute deposits and withdrawals. These providers maintain PCI DSS compliance and employ advanced encryption to protect your financial data during transmission and storage. We work exclusively with reputable payment companies that demonstrate robust security measures and regulatory compliance.

Identity verification services receive personal information required to confirm your identity and prevent underage gambling. These specialized providers access government databases and credit reference agencies to verify the authenticity of your documentation and detect potential identity fraud.

Regulatory authorities including the UK Gambling Commission when required by law
Law enforcement agencies in response to valid legal requests or court orders
Anti-fraud databases and industry blacklists to protect against known fraudsters
Professional advisors including lawyers, accountants, and compliance consultants
Technology providers for hosting, security, and platform maintenance services

We may disclose information to regulatory bodies as part of routine compliance reporting or in response to specific investigations. The UK Gambling Commission may request player data to verify our adherence to operating licence conditions and responsible gambling requirements.

In exceptional circumstances, we may share information without your consent when required to prevent serious crime, protect vulnerable individuals, or comply with court orders. Such disclosures are made only when legally necessary and in accordance with data protection principles.

4. Data Retention and Storage Policies

We retain your personal information for specific periods determined by legal requirements, regulatory obligations, and legitimate business needs. Our retention schedule balances the need to maintain records for compliance purposes with your right to privacy and data minimization principles.

Account information and transaction records are retained for seven years following account closure, as required by UK anti-money laundering regulations and tax legislation. This extended retention period enables us to respond to regulatory inquiries, tax audits, and legal proceedings that may arise years after transactions occur.

Gaming activity data is retained for five years to support responsible gambling monitoring and enable pattern analysis that could identify problem gambling behaviour. This retention period allows us to detect concerning trends even when players take breaks from gaming or create new accounts.

Identity verification documents: Retained for seven years post-account closure
Financial transaction records: Maintained for seven years per regulatory requirements
Marketing consent records: Kept for three years after consent withdrawal
Technical logs and security data: Stored for two years unless required for investigations
Customer service communications: Preserved for three years for quality assurance

We conduct annual reviews of retained data to ensure we do not keep information longer than necessary. When retention periods expire, we securely delete or anonymize data using industry-standard methods that prevent recovery or reconstruction.

Data stored outside the UK is maintained in jurisdictions with adequate data protection standards or under appropriate safeguards such as Standard Contractual Clauses. We ensure that international transfers comply with UK GDPR requirements and provide equivalent protection to data processing within the UK.

5. Security Measures and Data Protection

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our multi-layered security approach incorporates industry best practices and exceeds minimum regulatory requirements for data protection.

All data transmission occurs over encrypted connections using Transport Layer Security (TLS) protocols with minimum 256-bit encryption. Our servers are protected by advanced firewalls, intrusion detection systems, and regular security monitoring that identifies and responds to potential threats in real-time.

End-to-end encryption for all data transmission and storage
Multi-factor authentication for staff access to sensitive systems
Regular penetration testing and vulnerability assessments
Automated backup systems with disaster recovery capabilities
Staff training programs on data protection and security awareness
Incident response procedures for potential data breaches

Access to personal data is restricted to authorized personnel who require such access to perform their duties. We implement role-based access controls that limit data exposure based on job responsibilities and regularly review access permissions to ensure they remain appropriate.

Our data centers feature physical security measures including biometric access controls, 24/7 monitoring, and environmental protections against fire, flooding, and power outages. We maintain redundant systems across geographically separated locations to ensure service continuity and data preservation.

We continuously monitor our systems for suspicious activity and maintain detailed audit logs that track all data access and modifications. These logs enable us to detect unauthorized activities quickly and investigate security incidents thoroughly when they occur.

6. Your Rights and Contact Information

Under UK data protection law, you possess several rights regarding your personal information that we are legally obligated to respect and facilitate. These rights empower you to control how your data is processed and ensure transparency in our data handling practices.

You have the right to access your personal data and receive a copy of the information we hold about you. We will provide this information within one month of receiving your request, along with details about how we use your data and who we share it with. Complex requests may require an additional two months, but we will inform you of any delays.

Right to rectification: Correct inaccurate or incomplete personal information
Right to erasure: Request deletion of your data in certain circumstances
Right to restrict processing: Limit how we use your information
Right to data portability: Receive your data in a machine-readable format
Right to object: Oppose processing based on legitimate interests or for direct marketing
Rights related to automated decision-making: Challenge decisions made without human intervention

Please note that some rights may be limited by legal obligations we must fulfill as a licensed gambling operator. For example, we cannot delete financial records that must be retained for regulatory compliance, and we may continue processing data necessary for responsible gambling protections even if you object.

To exercise any of these rights or raise concerns about our data processing activities, please contact our Data Protection Officer using the details provided below. We take all privacy inquiries seriously and will respond promptly to legitimate requests.

If you are dissatisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s independent data protection regulator. The ICO can be contacted at ico.org.uk or by telephone on 0303 123 1113.

Last updated: January 28, 2026