Privacy Policy

This Privacy Policy governs the collection, use, processing, and protection of personal information provided by users of our online gaming platform. We are committed to maintaining the highest standards of data protection in accordance with UK legislation, including the Data Protection Act 2018 and the UK General Data Protection Regulation. By accessing our services, you acknowledge that you have read, understood, and agree to be bound by the terms outlined in this comprehensive privacy framework. Last updated: January 29, 2026.

Information We Collect

Our platform collects various categories of personal information necessary for providing secure and compliant gaming services. The scope of data collection is strictly limited to information essential for account management, regulatory compliance, and service enhancement. We distinguish between information provided voluntarily by users and data collected automatically through technical processes.

Data CategoryInformation TypeCollection MethodPurpose
Personal DetailsName, address, date of birth, contact informationRegistration formIdentity verification, compliance
Financial InformationPayment methods, transaction history, deposit recordsPayment processingSecure transactions, anti-fraud measures
Technical DataIP address, browser type, device information, cookiesAutomated collectionSecurity, platform optimisation
Gaming ActivityGame preferences, betting patterns, session durationPlatform interactionResponsible gambling, personalisation

We implement robust verification procedures that require submission of government-issued identification documents, proof of address, and financial verification materials. This information is collected solely for compliance with UK Gambling Commission regulations and anti-money laundering requirements. Technical data is gathered through cookies, web beacons, and similar technologies to enhance user experience and maintain platform security.

Lawful Basis for Processing

Our data processing activities are founded upon multiple lawful bases as defined by UK data protection legislation. We process personal information only when we have established a clear legal justification that aligns with both regulatory requirements and legitimate business interests. The primary legal foundations for our data processing encompass contractual necessity, legal compliance obligations, and legitimate interests in providing secure gaming services.

  1. Contractual necessity for account creation, transaction processing, and service delivery to registered users
  2. Legal compliance with UK Gambling Commission licensing conditions, anti-money laundering regulations, and taxation requirements
  3. Legitimate interests in fraud prevention, security maintenance, platform improvement, and responsible gambling measures
  4. Vital interests in situations involving potential harm prevention or emergency response situations
  5. Explicit consent for marketing communications, personalised offers, and non-essential service enhancements

Where processing relies on legitimate interests, we conduct comprehensive balancing assessments to ensure that our commercial interests do not override individual privacy rights. For marketing activities and optional services, we obtain clear, informed consent that can be withdrawn at any time through accessible preference management tools.

Data Usage and Processing Purposes

Personal information collected through our platform serves specific, clearly defined purposes that directly relate to service provision and regulatory compliance. We maintain strict limitations on data usage, ensuring that processing activities remain proportionate to stated objectives and user expectations. Our data utilisation framework encompasses operational requirements, security measures, and enhancement initiatives.

Account management processes require personal details for user authentication, identity verification, and profile maintenance. Financial data enables secure payment processing, transaction monitoring, and compliance with anti-money laundering obligations. Technical information supports platform security, performance optimisation, and fraud detection systems that protect both individual users and the broader gaming community.

Gaming activity data facilitates responsible gambling measures, including deposit limits, session controls, and behavioural pattern analysis designed to identify potential problem gambling indicators. This information also supports platform personalisation features that enhance user experience whilst maintaining strict privacy boundaries. Marketing communications utilise preference data to deliver relevant promotional content to users who have explicitly consented to receive such materials.

Data Sharing and Third-Party Disclosure

We maintain a restrictive approach to data sharing, limiting third-party disclosure to circumstances that are essential for service operation, regulatory compliance, or user protection. All data sharing arrangements are governed by comprehensive agreements that mandate equivalent privacy protection standards and restrict secondary usage of shared information.

Regulatory authorities, including the UK Gambling Commission and HM Revenue & Customs, may receive personal information as required by licensing conditions and tax obligations. Payment processors and financial institutions receive transaction data necessary for secure money transfers and fraud prevention. Technical service providers, including hosting companies and security specialists, may access limited data required for platform maintenance and protection services.

  1. Regulatory bodies for licensing compliance, investigation support, and statutory reporting requirements
  2. Payment service providers for transaction processing, security verification, and anti-fraud measures
  3. Technical partners for platform hosting, maintenance, security monitoring, and performance optimisation
  4. Legal advisors and professional services for compliance guidance, dispute resolution, and regulatory matters
  5. Law enforcement agencies when legally compelled through appropriate judicial processes or statutory powers

We do not engage in commercial data sales or provide personal information to marketing companies, data brokers, or other third parties for their independent commercial purposes. All sharing arrangements include contractual provisions that mandate data protection compliance and restrict onward transfer without explicit authorisation.

Data Security and Protection Measures

Our comprehensive security framework incorporates multiple layers of technical and organisational measures designed to protect personal information against unauthorised access, alteration, disclosure, or destruction. These protections align with industry best practices and regulatory expectations for sensitive financial and personal data handling within the gaming sector.

Technical security measures include advanced encryption protocols for data transmission and storage, multi-factor authentication systems, intrusion detection technologies, and regular security vulnerability assessments. Access controls ensure that personal information is available only to authorised personnel who require such access for legitimate business purposes, with all access activities subject to comprehensive logging and monitoring.

  1. Advanced Encryption Standard (AES-256) encryption for sensitive data storage and transmission protocols
  2. Transport Layer Security (TLS) implementation for secure communication channels between users and platform systems
  3. Multi-factor authentication requirements for administrative access and sensitive account operations
  4. Comprehensive access logging, monitoring systems, and automated anomaly detection capabilities
  5. Regular security audits, penetration testing, and vulnerability assessments conducted by independent security specialists
  6. Secure data backup procedures with encrypted storage and tested recovery protocols
  7. Employee security training programmes and strict confidentiality obligations for all staff members
  8. Physical security measures for data centres and office environments containing sensitive information systems

Organisational measures include staff training programmes, confidentiality agreements, regular security awareness updates, and incident response procedures designed to minimise potential privacy breaches. We maintain detailed security policies that are regularly reviewed and updated to address evolving threats and technological developments.

User Rights and Data Control

Under UK data protection legislation, users possess comprehensive rights regarding their personal information, including access, rectification, erasure, portability, and objection rights. We provide accessible mechanisms for exercising these rights and respond to legitimate requests within statutory timeframes, typically within one month of receipt.

Users can access complete records of personal information held on our systems through secure account portals or by submitting formal data subject access requests. Rectification rights enable correction of inaccurate or incomplete information, whilst erasure rights allow for account closure and data deletion in circumstances where continued processing is not legally required.

  1. Right of access to personal information, processing purposes, and data sharing arrangements
  2. Right to rectification of inaccurate, incomplete, or outdated personal information
  3. Right to erasure of personal data when processing is no longer necessary for original purposes
  4. Right to data portability for transferring information to alternative service providers
  5. Right to object to processing based on legitimate interests or for marketing purposes
  6. Right to restrict processing in specific circumstances, including during accuracy disputes
  7. Right to withdraw consent for processing activities that depend on voluntary agreement
  8. Right to lodge complaints with the Information Commissioner’s Office regarding privacy concerns

Marketing preferences can be modified at any time through account settings or unsubscribe mechanisms included in promotional communications. Users maintain control over optional data processing activities whilst understanding that certain processing remains necessary for core service provision and regulatory compliance.

Data Retention and Deletion

Our data retention policies balance user privacy expectations with regulatory obligations and legitimate business requirements. We retain personal information only for periods that are necessary and proportionate to processing purposes, with automatic deletion procedures for data that exceeds retention thresholds.

Active account information is retained whilst users maintain platform access and for reasonable periods following account closure to address potential disputes, regulatory inquiries, or security investigations. Financial transaction records are preserved in accordance with anti-money laundering legislation and taxation requirements, typically for periods of five to seven years following transaction completion.

Technical logs and security data are retained for shorter periods, generally not exceeding twelve months unless specific security incidents or investigations require extended preservation. Marketing consent records and communication preferences are maintained until withdrawal or account closure, with immediate effect given to opt-out requests.

Upon account closure, we initiate systematic data deletion procedures that remove personal information not subject to regulatory retention requirements. Users receive confirmation of deletion completion and retain rights to request information about any data that remains stored for compliance purposes.

Contact Information and Privacy Inquiries

We maintain dedicated privacy support channels for addressing user inquiries, exercising data protection rights, and resolving privacy-related concerns. Our privacy team provides comprehensive assistance with data subject requests, consent management, and general privacy questions through multiple communication channels.

Privacy inquiries can be submitted through secure messaging systems within user accounts, dedicated privacy email addresses, or formal written correspondence to our registered business address. We prioritise privacy communications and typically provide initial responses within 48 hours of receipt, with complete resolution within statutory timeframes.

For urgent privacy concerns, including suspected unauthorised access or data breaches affecting individual accounts, we offer expedited response procedures through dedicated support channels. Our privacy team maintains expertise in UK data protection law and can provide guidance on user rights, processing activities, and complaint procedures.

Users who remain unsatisfied with our privacy practices or responses to data protection inquiries retain the right to lodge complaints with the Information Commissioner’s Office, the UK’s independent data protection regulator. We cooperate fully with regulatory investigations and implement recommended improvements to enhance privacy protection standards.