Privacy Policy

This Privacy Policy governs the collection, use, and protection of personal information by our online gaming platform operating within Canada. We are committed to maintaining the highest standards of privacy protection in accordance with Canadian federal and provincial privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable gaming regulations. This policy outlines how we handle your personal data when you access our services, create accounts, make transactions, and engage with our gaming offerings. Last updated: January 22, 2026.

Information Collection and Types of Data

We collect various categories of personal information necessary to provide our gaming services, ensure regulatory compliance, and maintain a secure gaming environment. The collection of this information is essential for account verification, fraud prevention, responsible gaming measures, and meeting our legal obligations under Canadian gaming and anti-money laundering legislation.

Data CategoryInformation TypeCollection MethodLegal Basis
Personal IdentificationFull name, date of birth, address, phone numberRegistration form, verification documentsRegulatory compliance
Financial InformationPayment methods, transaction history, banking detailsDeposit/withdrawal processesService provision
Technical DataIP address, device information, browser dataAutomatic collectionSecurity and functionality
Gaming ActivityBetting patterns, game preferences, session durationPlatform interactionResponsible gaming monitoring

Identity verification requires submission of government-issued identification documents, proof of address, and financial verification materials. This information is collected to comply with Know Your Customer (KYC) requirements mandated by Canadian gaming regulators and financial intelligence units. We may also collect biometric data for enhanced security verification where legally permitted and with explicit consent.

Purposes of Data Processing

Your personal information is processed for specific, legitimate purposes related to the provision of online gaming services and compliance with Canadian legal requirements. We ensure that data processing activities align with the principles of necessity, proportionality, and purpose limitation as established in Canadian privacy law.

  1. Account creation, management, and authentication services to enable platform access and user identification
  2. Transaction processing for deposits, withdrawals, and gaming activities including payment verification and fraud prevention
  3. Regulatory compliance including anti-money laundering monitoring, suspicious transaction reporting, and gaming authority obligations
  4. Responsible gaming implementation through pattern analysis, limit setting, and intervention measures
  5. Customer support services including query resolution, technical assistance, and account maintenance
  6. Marketing communications for promotional offers, bonuses, and platform updates where consent has been provided
  7. Security monitoring to detect fraudulent activities, unauthorized access attempts, and system vulnerabilities
  8. Platform improvement through analytics, user experience optimization, and service enhancement initiatives

Data processing activities are conducted with appropriate technical and organizational measures to ensure accuracy, completeness, and currency of personal information. We implement automated and manual review processes to maintain data quality and remove outdated or irrelevant information in accordance with our retention policies.

Legal Basis and Consent Management

Our processing of personal information is grounded in various legal bases recognized under Canadian privacy legislation, ensuring that all data handling activities are lawful, fair, and transparent. We rely on contractual necessity for core gaming services, legal obligations for regulatory compliance, and legitimate interests for security and platform improvement activities.

Explicit consent is obtained for marketing communications, optional data processing activities, and any collection or use of sensitive personal information beyond what is strictly necessary for service provision. Consent mechanisms include opt-in checkboxes, electronic signatures, and clear acknowledgment statements during the registration process.

Where we rely on legitimate interests as a legal basis, we conduct balancing tests to ensure that our interests do not override your fundamental privacy rights and freedoms. These assessments consider the nature of the data, the purposes of processing, the potential impact on individuals, and available safeguards to mitigate privacy risks.

You maintain the right to withdraw consent at any time for processing activities based on consent, though this may affect our ability to provide certain services or features. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal or processing based on other legal grounds.

Data Sharing and Third-Party Disclosure

We maintain strict controls over the sharing and disclosure of personal information, ensuring that third-party access is limited to legitimate business purposes and regulatory requirements. All data sharing arrangements include appropriate contractual safeguards, data protection clauses, and security requirements to protect your privacy interests.

Regulatory authorities may receive personal information as required by gaming licenses, anti-money laundering obligations, and law enforcement requests. This includes provincial gaming regulators, the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), and other authorized government agencies conducting legitimate investigations.

  1. Payment processors and financial institutions for transaction processing, verification, and fraud prevention services
  2. Identity verification providers for KYC compliance and document authentication processes
  3. Technology service providers including hosting, security, and platform maintenance companies
  4. Responsible gaming organizations for intervention services and support program referrals
  5. Legal and professional advisors for compliance, audit, and advisory services
  6. Affiliated companies within our corporate structure where necessary for service provision

International data transfers are conducted with appropriate safeguards including adequacy decisions, standard contractual clauses, or other mechanisms recognized under Canadian privacy law. We ensure that international recipients provide equivalent protection to Canadian privacy standards through contractual commitments and compliance monitoring.

Data Security and Protection Measures

We implement comprehensive technical, administrative, and physical safeguards to protect personal information against unauthorized access, disclosure, alteration, and destruction. Our security framework follows industry best practices and regulatory standards applicable to online gaming operations in Canada.

Technical security measures include advanced encryption protocols, secure socket layer (SSL) technology, multi-factor authentication systems, and regular security monitoring. All sensitive data is encrypted both in transit and at rest using industry-standard cryptographic algorithms and key management practices.

  1. Network security controls including firewalls, intrusion detection systems, and vulnerability management programs
  2. Access controls with role-based permissions, regular access reviews, and principle of least privilege implementation
  3. Data backup and recovery procedures ensuring business continuity and data availability
  4. Employee training programs covering privacy obligations, security protocols, and incident response procedures
  5. Regular security assessments including penetration testing, vulnerability scans, and compliance audits
  6. Incident response capabilities for rapid detection, containment, and remediation of security events
  7. Vendor security assessments ensuring third-party service providers meet our security standards

Physical security measures protect our facilities, equipment, and data storage systems through access controls, surveillance systems, and environmental protections. We maintain secure data centres with redundant systems, climate controls, and 24/7 monitoring capabilities.

User Rights and Data Subject Requests

Canadian privacy legislation grants you specific rights regarding your personal information, which we are committed to respecting and facilitating through accessible request processes and timely responses. These rights enable you to maintain control over your personal data and ensure its accurate and appropriate use.

You have the right to access your personal information held by our organization, including the right to know what information we collect, how it is used, and with whom it is shared. Access requests will be processed within thirty days of receipt, and we will provide information in an understandable format.

  1. Right to access personal information and receive copies of data held about you
  2. Right to rectification of inaccurate, incomplete, or outdated personal information
  3. Right to request deletion of personal information where legally permissible
  4. Right to restrict processing for specific purposes or data categories
  5. Right to data portability for information provided to us with your consent
  6. Right to object to processing based on legitimate interests or direct marketing
  7. Right to withdraw consent for processing activities based on your agreement
  8. Right to file complaints with privacy commissioners regarding our data handling practices

Data subject requests can be submitted through our privacy contact mechanisms, and we will verify your identity before processing requests to prevent unauthorized access to personal information. Some requests may be subject to legal limitations, such as regulatory retention requirements or ongoing legal proceedings.

Data Retention and Deletion Policies

We maintain personal information only for as long as necessary to fulfill the purposes for which it was collected, meet our legal obligations, and resolve disputes. Our retention schedules balance privacy principles with regulatory requirements, business needs, and user expectations regarding data availability.

Gaming transaction records and account information are retained for minimum periods specified by Canadian gaming regulations and anti-money laundering legislation, typically ranging from seven to ten years after account closure. This extended retention supports regulatory compliance, audit requirements, and potential legal proceedings.

Marketing and communication data is retained for shorter periods, typically until consent is withdrawn or three years after the last interaction, whichever is earlier. Technical logs and security data are retained for one year unless required for ongoing investigations or security incident response.

  1. Active account data retained throughout the duration of the customer relationship and applicable legal hold periods
  2. Financial transaction records maintained for seven years after the last transaction date
  3. Identity verification documents stored for regulatory compliance periods following account closure
  4. Marketing communications data deleted within ninety days of consent withdrawal
  5. System logs and technical data purged after twelve months unless legally required
  6. Closed account information archived according to regulatory retention schedules

Automated deletion processes ensure that personal information is securely destroyed when retention periods expire, using methods that prevent recovery or reconstruction of deleted data. Manual review processes verify that deletion activities comply with legal requirements and do not conflict with ongoing obligations.

Contact Information and Privacy Governance

We have appointed a dedicated privacy officer responsible for overseeing privacy compliance, handling data subject requests, and serving as the primary contact for privacy-related inquiries. Our privacy governance framework ensures accountability, transparency, and continuous improvement in privacy practices.

Privacy concerns, data subject requests, or questions about this policy can be directed to our privacy officer through multiple communication channels. We are committed to providing prompt, helpful responses to all privacy inquiries and working collaboratively to resolve any concerns about our data handling practices.

This Privacy Policy is reviewed regularly and updated as necessary to reflect changes in our services, legal requirements, or industry standards. Material changes will be communicated to users through platform notifications, email communications, or prominent website postings, providing adequate notice before implementation.

If you believe that we have not complied with Canadian privacy laws or this Privacy Policy, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada or the relevant provincial privacy commissioner. We encourage you to contact us first to provide an opportunity to address your concerns directly and work toward a satisfactory resolution.