How we handle your personal data
What we collect
We collect what we need to run a licensed casino and nothing we cannot justify. That means the details you give us at registration — name, date of birth, email, mobile number, country and currency — and the identity documents required before a first withdrawal: a government photo ID, a proof of address, and a partially obscured card image where a card was used.
We also record what any website records: your IP address, the device and browser you use, and the pages you open. Alongside that sits your play and payment history, which we are obliged to keep. Cookies handle the session, remember your preferences, and measure traffic in aggregate.
Why we hold it
Four reasons, and no others. To operate your account and process deposits and withdrawals. To meet the anti-money-laundering and age-verification duties our licence imposes — this is why identity documents are not optional and cannot be deleted on request while the account is active. To protect the site and its players from fraud, including duplicate accounts and bonus abuse. And to send you service messages, plus marketing where you have agreed to it.
Marketing consent is separate from the account and can be withdrawn at any time in your settings without affecting your ability to play. Service messages — a withdrawal confirmation, a security alert — are not marketing and continue regardless.
Who sees your data
Our own staff, on a need-to-know basis. Our payment processors, who need the minimum required to move money. The game studios, in the limited technical sense required to run a session. Our regulator and, where the law compels it, law enforcement. Nobody else. We do not sell personal data, and we do not trade it with advertisers.
Anyone processing data on our behalf is bound by contract to the same standards we hold ourselves to, and is permitted to use the data only for the task we engaged them for.
How long we keep it
For as long as the account is open, and afterwards for the period our licence and anti-money-laundering rules require — several years, not indefinitely. When that period expires, records are deleted or irreversibly anonymised. This is also why closing an account does not immediately erase everything: we are legally required to retain a transaction record even after you have left.
Security
The site runs over SSL end to end. Passwords are stored hashed, never in plain text, which is why support cannot read yours back to you and will never ask for it. Access to identity documents is restricted to staff who need it for verification. No system is perfect; if a breach ever affected your data, we would tell you and our regulator rather than quietly hope.
Your rights
- Ask what we hold about you, and receive a copy.
- Correct anything inaccurate — particularly an address that no longer matches your documents.
- Withdraw marketing consent at any time, with no effect on your play.
- Request deletion, subject to the retention obligations described above.
- Complain to our regulator if you believe we have handled your data improperly.
Requests go through live chat or the support email, and we answer them in a reasonable time. Cookies can be cleared or blocked in your browser at any point; the site will still work, though you will be asked to sign in more often. The rest of what we do is described on the home page.