New Day, New Prizes.
Spin Easy. Win Quick.
Our commitment to secure online gaming begins with transparent practices regarding data acquisition, handling, and retention. We collect account details strictly for purposes such as account verification, responsible gaming controls, financial transactions, and regulatory compliance. Identification documents are encrypted end-to-end during transmission and at rest, monitored continuously for unauthorized access attempts. Account credentials are protected using multi-factor authentication and regular password hashing algorithms, meeting the requirements of gaming authorities in the EU and UK. All payment records are managed in compliance with PCI DSS protocols, ensuring banking data remains isolated and inaccessible to third parties. If you want to change or delete your account information, just log in and go to the profile section. As required by GDPR and similar laws, our support desk can help you manage your cookie preferences, withdraw your consent, or ask for data reports. We never share customer information with partners or affiliates without their permission, and we protect every transaction with advanced firewalls and intrusion prevention systems. Independent security experts do regular audits to make sure that the company follows all national and international data laws. Check out our separate sections on protecting minors, fighting fraud, and how long we keep data for more information on how we follow the highest standards of honesty. If you think your data may have been hacked or you are worried about security, you can reach our dedicated data officer through the secure form in the "Contact Us" section.
To register, you must give information like your email address, date of birth, country of residence, and payment information. This data is sent directly through secure forms that use SSL encryption, which makes it less likely to be intercepted by someone who shouldn't have it. Every time you make a transaction, whether it's creating an account, making a deposit, or withdrawing money, technical identifiers like device type, IP address, browser version, and session timestamps are recorded. Third-party verification providers may contribute additional data, for example, national identity confirmation through government databases or credit reference agencies. For quality control and record-keeping purposes, user correspondence with support teams is kept on file. All records are processed on dedicated servers in data centres that have ISO 27001 or an equivalent certification. Every three months, access rights are checked to make sure that only authorised technical staff can interact with personally identifiable information. End-to-end encryption is used for data transfers and backups both within national borders and for any cross-jurisdictional transfers that are allowed.
| Type | Retention Period | Storage Method | Identity Details |
|---|---|---|---|
| Signing up and doing KYC checks | Up to seven years after closing | Encrypted Database | Payment for data |
| Deposit and withdrawal of data | Minimum required by law | PCI-DSS Compliant Vault | Interactions with data |
| Correspondence Support | 3 years | Secured Archive | Login/Session Events for Device Information |
| Login/Session Events for Device Information | 12 months | Log Files (Access Limited) | Manual and automated auditing ensures timely removal of expired records. |
For maximum transparency, individuals may request summaries of stored records or removal in accordance with local data protection regulations, except where legal retention is mandated. Multi-factor authentication protects administrative interfaces to further minimize risks of unauthorized modifications or viewing.
Individuals engaging with the platform retain specific entitlements under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. These include:
If you need to make one of these requests, please get in touch with the data administrator using the information in the operator's contact section. Verification of identity keeps accounts safe. Most questions will be answered within 30 days, but if the question is too complicated, the answer may take longer. In that case, you will be notified in a timely manner.
Information may be provided to carefully vetted partners strictly for purposes aligned with regulatory compliance, payment processing, fraud prevention, or fulfilment of contractual services. Collaboration with external entities is governed by stringent agreements ensuring adherence to applicable legal frameworks, specifically the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Disclosure to payment facilitators, identity verification providers, and financial institutions is permitted strictly on a need-to-know basis for transaction validation, anti-money laundering protocols, and customer authentication. Such parties are required to maintain equivalent standards of confidentiality, and may not utilise, store, or transmit information for promotional activities or unrelated objectives. Occasionally, data may be transmitted to legal, regulatory, or licensing bodies when instructed by law or to satisfy auditing requirements. The scope of such transfers is always limited to what is authorized by statutory obligations or explicit consent. Collaborators providing marketing or analytical solutions receive only anonymised or aggregated data, so individuals cannot be identified. Direct identifiers are removed, and contractual controls prohibit reidentification or further dissemination. Supervision of all third-party access is ongoing, featuring regular audits and updated impact assessments. Clients interested in updated lists of partner organisations or requiring clarification about specific data sharing scenarios may contact customer support using official communication channels. Requests for data access logs are handled within stipulated timeframes under UK GDPR guidance. To minimise exposure, disclosure to organisations outside the United Kingdom or European Economic Area is only allowed when these destinations guarantee an adequate standard of security, either through adequacy decisions or robust contractual safeguards such as Standard Contractual Clauses.
All transmitted and stored personal material is protected through advanced cryptographic standards meeting international compliance requirements. Information in transit between browsers and the online platform’s servers is encoded using Transport Layer Security (TLS) protocol–version 1.2 or higher–to prevent unauthorized interception or data manipulation. Every session establishes a 256-bit encryption channel, recognized in the industry as a robust shield against eavesdropping. Data at rest, such as account credentials, identification documents, payment details, and contact information, is stored using AES-256 bit encryption. This standard, recommended by security specialists and regulatory authorities, ensures that even in the event of direct server access, stored information remains undecipherable without decryption keys. Keys are managed through Hardware Security Modules (HSMs), separating digital assets from application infrastructure and reducing exposure to internal and external threats. Strict procedures are in place to rotate encryption keys regularly, leveraging automated key management solutions. This method stops possible attackers from using compromised keys and is in line with best practices for keeping infrastructure safe. Backup archives and transaction logs go through the same cryptographic processes, which keeps old data safe as well. Never are plaintext passwords or sensitive information stored or sent. Multi-factor authentication protects administrative access and lowers the risk of unauthorised decryption. Continuous security auditing finds problems or weaknesses in the cryptographic setup and starts fixing them right away if necessary.
If you see something strange or are unsure about how your personal information is being handled, act right away to lower any risks to your accounts. Start by looking over your recent account activity, changing your login information, and turning on two-factor authentication in the way that works best for you. If you see someone accessing your information without permission or think they are using it inappropriately, write down specific information like timestamps, device types, and any related emails. This evidence is necessary for the responsible team to carry out a thorough investigation and respond quickly. Please send all questions about how data is collected, requests to fix mistakes, or requests to withdraw consent to the support channel. The contact email is [email protected]. Include comprehensive details: your registered username, email address, a detailed description of your issue, and any relevant screenshots or documentation. This streamlines the assessment process and allows for accurate resolution. Alternative communication options include the secure web form available in your account dashboard. For time-sensitive matters, the live chat function operates 24/7 and connects you to trained professionals. Never share payment credentials or sensitive identification documents outside these authorized channels. Escalating unresolved matters to the appointed Data Protection Officer is possible by clearly stating “Attention: DPO” in your communication subject line. The officer is mandated to provide a formal response within 30 days, adhering to applicable regulatory frameworks. For legal correspondence, use the platform's legal page to find the registered business address and send it by regular mail. Keep copies of all your conversations for your records.
The platform uses different types of cookies, such as strictly necessary, performance, functionality, and advertising tags. Essential cookies help keep logins safe and transactions honest. Performance tools collect anonymous data about how people use a site, such as how long they stay on it and how they move around. Functionality trackers let you do things like save your language preferences or remember your login information between visits. Advertising identifiers let you send targeted ads and track how well your campaigns are doing.
When users close their browsers, transient cookies expire, which means that session-specific content is no longer available. Persistent cookies may be retained for up to 24 months, subject to periodic review aligned with data minimization. All cookie lifespans remain visible in browser storage settings for transparency.
Analytic service providers, such as Google Analytics and Hotjar, may deploy independent trackers to analyze engagement, identify technical errors, and facilitate site enhancement. These collaborators never receive credentials or personally identifying records. All third-party relationships are contractually regulated, meeting international privacy frameworks such as GDPR and UK Data Protection Act standards.
Controls are offered via account dashboards, where participants may adjust tracking settings. Additionally, browser tools (e.g., Do Not Track, private browsing) can restrict or delete unwanted identifiers. Disabling some cookies may impact transaction processing, login performance, or promotional offer delivery. Guidance for cookie management in major browsers is accessible from support sections.
Linked tracking mechanisms support contextual advertising. No behavioral profiles are sold or transferred for marketing beyond the direct provider-to-user relationship. Frequency caps ensure that ad exposures remain reasonable and non-intrusive. Data aggregation is applied for improving platforms’ usability rather than individual profiling.
Bonus
for first deposit
1000£ + 250 FS
Switch Language
