Scope and basis of this privacy document

• Information collected
  • Identification and verification: name, date of birth, address, nationality, and government ID data for KYC.
  • Contact details: email, phone number, and communication records.
  • Account and usage: username, preferences, gameplay logs, responsible gambling settings, and support tickets.
  • Payments: partial card data, bank details, transaction history, and chargeback records.
  • Device and technical: IP address, browser type, operating system, mobile identifiers, cookies, and geolocation where permitted.
  • Compliance and risk: sanctions screening results, fraud flags, and AML records.
• Why this information is collected
  • To create and manage accounts, provide services, verify identity, and process payments.
  • To ensure responsible gambling, prevent fraud, and protect platform security.
  • To meet legal and regulatory requirements under Canadian law, including AML obligations.
• Security measures
  • Encryption in transit and at rest, strict access controls, and multi-factor authentication for staff.
  • Network segmentation, secure development practices, logging, and regular security testing.
  • Vendor due diligence, confidentiality agreements, and ongoing monitoring.
  • Incident response and breach notification processes aligned to PIPEDA and provincial laws.
• Retention and destruction
  • Personal information is kept only as long as needed for services and legal requirements.
  • Typical retention for transactional and AML records is up to seven years, then secure deletion or de-identification.
• User rights
  • Access a copy of personal information, request corrections, or ask for deletion where permitted by law.
  • Withdraw consent and object to certain processing, subject to legal or contractual limits.
  • File a complaint with the Office of the Privacy Commissioner of Canada, or applicable provincial regulators.
• Legal basis and compliance
  • Processing relies on consent, contract performance, legal obligations, and legitimate interests such as fraud prevention.
  • The platform follows PIPEDA and applicable provincial privacy laws, including Quebec’s Law 25, Alberta PIPA, and BC PIPA.

• Service delivery and account management
  • Set up and maintain accounts, verify identity, process deposits and withdrawals, and provide customer support.
• Responsible gambling and security
  • Apply limits, conduct affordability and risk checks, detect suspicious activity, and maintain platform integrity.
• Service improvement and analytics
  • Analyse usage to fix issues, enhance performance, and improve user experience on websites and apps.
• Marketing and preferences
  • Send service updates and, where consented, marketing communications tailored to user preferences. Users can opt out at any time.
• Compliance and dispute handling
  • Meet AML/CTF requirements, respond to law enforcement requests, manage chargebacks, and resolve disputes.

Processing is lawful, proportionate, and transparent. Only the minimum necessary personal information is used for each purpose.

• Submit a request
  • Contact the Privacy Office at [email protected] and describe the request: access, correction, deletion, or consent withdrawal.
  • Identity verification may be required to protect accounts and prevent unauthorised disclosure.
• Timelines and outcomes
  • Responses are generally provided within 30 days under PIPEDA. Complex requests may need more time as permitted by law.
  • Corrections are made where information is inaccurate or incomplete. If deletion is requested, data may be retained where required by law.
• Security checks and payments
  • By using Almabet, users consent to identity, age, fraud, and sanctions checks, and to payment data processing by approved providers.
• Portability and restriction
  • Where feasible, a copy of information can be provided in a common format, and processing can be limited upon request, subject to legal duties.

• The platform is intended for users aged 18 or older, or the higher legal age in the user’s province or territory.
• Age cannot be verified without supporting documents; verification may be requested during registration, withdrawals, or reviews.
• If a parent or guardian believes a minor has provided personal data, contact [email protected] to request deletion.
• Any identified minor account will be closed, and related information will be deleted or anonymised as required by law.

• Personal information may be stored or processed in other countries where service partners operate, including cloud hosting, payments, and KYC providers.
• Using the site signifies consent to international transfers that support the services.
• Safeguards include contractual protections, confidentiality agreements, and technical controls that align to recognised standards and GDPR-style safeguards where applicable.
• Partners are required to protect information and to use it only for the agreed purposes.

• This section clarifies that disclaimers may adjust how rules apply in certain cases, without limiting non-waivable rights under Canadian privacy law.
• The policy takes effect when the user accepts it through account creation, website use, or other forms of accession.
• If any part conflicts with mandatory law, the law prevails and the remaining terms continue in force.
• The service may update this policy; material changes will be signposted, and archived versions can be provided upon request.

• Definition
  • Cookies are small text files placed on devices to store settings and recognise browsers across visits.
• Purposes
  • Essential operation, security, and fraud prevention.
  • Statistics, behaviour analysis, and site improvement.
  • Personalisation of content and, where consented, marketing preferences.
• Retention and control
  • Cookie retention is up to 1 year unless a shorter period is needed.
  • Users can manage cookies through browser settings and consent tools. Disabling essential cookies may affect some functions.
• Third-party cookies
  • Analytics and advertising partners may set cookies subject to their own policies. Only authorised partners are used.

Using the services indicates full acceptance of this privacy policy and any referenced terms. The current version of the policy prevails over earlier versions. Continued use after changes means acceptance of the updated terms. Users who do not agree should discontinue use of the websites and request account closure.

• When sharing occurs
  • To comply with law, respond to regulators, prevent fraud, or enforce agreements.
  • To process payments, conduct KYC/AML checks, provide hosting, analytics, support, and communication services.
• Who may receive data
  • Payment processors, banks, identity verification providers, fraud prevention services, cloud platforms, professional advisers, and regulatory bodies.
  • A list of key service providers may be published on the site. If not listed, users will be informed of purpose and scope where required.
• Basis and responsibilities
  • Providing personal information constitutes consent to share it for stated purposes and as required by law.
  • Some recipients act as processors under contract; others may be independent controllers subject to their own privacy practices.

The website may contain links to external websites that follow their own privacy practices. The platform is not responsible for how those parties collect, use, or disclose information. Users should review the privacy policies of any external site visited and exercise caution when sharing personal details.