Privacy Policy

1. What Data We Collect

When you register and use 247bet Casino, we collect personal information necessary to operate our services legally and securely. This includes: your full name, email address, date of birth, home address, phone number, and government-issued identification documents for KYC purposes. We also collect transaction data (deposits, withdrawals, game history) as required by UKGC regulations for anti-money laundering compliance. Technical data including IP addresses, device information, browser type, and session data is collected for security and fraud prevention. We collect only what is necessary for the specific purposes described in this policy.

2. How We Use Your Data

We use your personal data to: operate your account and provide our services; verify your identity and age as required by law; process your deposits and withdrawals; comply with UKGC licence obligations including AML and responsible gambling requirements; detect and prevent fraud, money laundering, and account abuse; send you service communications (account activity, security alerts, withdrawal confirmations); send you marketing communications if you've opted in; and improve our services through anonymised analytics. We do not use your data for automated decision-making that produces significant legal effects without human review.

3. Legal Basis for Processing

We process your data under several legal bases. Contract performance — processing necessary to operate your account and provide our services. Legal obligation — KYC, AML, and age verification as required by UK gambling law and UKGC licence conditions. Legitimate interests — fraud prevention, security monitoring, and service improvement. Consent — marketing communications, which you can withdraw at any time. Where we rely on consent, you can withdraw it without affecting the lawfulness of prior processing.

4. Data Sharing

We do not sell your personal data to third parties. We share data only where necessary: with payment processors to handle your transactions; with identity verification providers to complete KYC; with UKGC as required by our licence; with GAMSTOP for self-exclusion verification; with fraud prevention agencies; and with law enforcement when legally required. All third parties we work with are contractually obligated to protect your data to the same standard we apply. We do not share your data with gambling industry partners for marketing purposes.

5. Data Retention

Under UKGC regulations, we're required to retain player account and transaction data for a minimum of 5 years after account closure. This is a legal requirement, not a preference. After the mandatory retention period, we securely delete data we no longer have a legal obligation to keep. KYC documents are retained for the period required by AML regulations. Marketing preferences and opted-out status are retained to ensure we respect your communication preferences even after you've opted out.

6. Your Data Rights Under GDPR

As a UK resident, you have the following rights under UK GDPR: the right to access your personal data; the right to rectification of inaccurate data; the right to erasure (subject to legal retention requirements); the right to restrict processing; the right to data portability; the right to object to processing; and the right to lodge a complaint with the Information Commissioner's Office (ICO). To exercise any of these rights, contact our data protection team through the support section of your account. We'll respond within 30 days as required by law.

7. Security

We protect your data with 256-bit SSL encryption on all connections, at-rest encryption for stored personal data, access controls limiting which staff can view player data, regular security audits and penetration testing, and incident response procedures for potential breaches. We're required to notify the ICO of data breaches within 72 hours of discovery where there's a risk to individuals. We take data security as seriously as we take gambling security — both are fundamental to being a trustworthy operator.

8. Cookies

We use cookies for session management (necessary — cannot be declined), fraud detection (necessary), analytics (optional — can be declined via cookie settings), and marketing (optional — can be declined). You can manage non-essential cookies through our cookie settings panel accessible from the footer of any page. Declining analytics and marketing cookies doesn't affect your ability to use our services.

9. Contact

For data protection enquiries, contact our support team through the live chat or email listed in your account settings. For formal complaints about data handling, you can contact the Information Commissioner's Office at ico.org.uk or by post to ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.