Privacy Policy

This Privacy Policy establishes the framework governing the collection, processing, use, and protection of personal information of users engaging with our online gaming platform. We are committed to maintaining the highest standards of data protection in accordance with applicable South African legislation, including the Protection of Personal Information Act (POPIA) and relevant gambling regulations. Our platform operates under strict compliance protocols designed to safeguard your personal and financial information while ensuring a transparent and secure gaming experience. This policy applies to all users, regardless of jurisdiction, who access our services through web browsers, mobile applications, or any other digital interface. We understand that privacy is paramount in the online gaming industry, and we have implemented comprehensive measures to protect your data from unauthorized access, disclosure, or misuse.

1. Information We Collect

Our platform collects various categories of information to facilitate account creation, regulatory compliance, fraud prevention, and service optimization. We gather this information through multiple channels including direct user input, automated systems, and third-party service providers. The scope of data collection extends across several dimensions to ensure comprehensive user identification and transaction tracking. All information collected is necessary for the provision of gaming services and compliance with South African gambling legislation and financial regulatory requirements.

Data Category	Collection Method	Purpose of Use
Personal Identification Data	Registration forms, account verification	Account creation, age verification, KYC compliance
Contact Information	User input, customer communications	Account management, notifications, customer support
Financial Data	Payment processing systems, banking information	Deposit processing, withdrawals, financial transactions
Device and Technical Data	Browser cookies, server logs, IP tracking	Security monitoring, fraud detection, service optimization
Behavioral Data	Gaming activity logs, session recordings	Responsible gaming monitoring, fraud prevention, platform improvement
Biometric Data	Optional mobile authentication	Account security, identity verification

2. How We Use Your Information

We utilize collected information for multiple interconnected purposes that support platform operations, regulatory compliance, and user protection. Your data enables us to deliver personalized gaming experiences while simultaneously implementing responsible gambling safeguards. The primary use cases include account maintenance, transaction processing, fraud mitigation, and regulatory reporting as mandated by South African National Gambling Board requirements. We also analyze behavioral patterns to identify problem gambling indicators and provide intervention resources to at-risk users. Customer support operations depend on your information to resolve disputes, process complaints, and maintain service quality. Marketing communications are sent exclusively to users who have opted in, with clear mechanisms for immediate unsubscription at any time.

Account creation and verification processes
Processing deposits, withdrawals, and gaming transactions
Age and identity verification for regulatory compliance
Fraud detection and prevention systems
Responsible gambling monitoring and intervention
Customer support and dispute resolution
Platform security and technical maintenance
Personalized gaming recommendations and user experience optimization
Statistical analysis and research for service improvement
Legal compliance and regulatory reporting

3. Data Sharing and Third-Party Disclosure

We maintain strict controls over third-party access to user information and share data only when necessary for service provision or legally required. Our payment processors, anti-fraud specialists, and cybersecurity providers receive limited data strictly necessary for their functions. These third parties operate under contractual obligations matching our privacy standards and are prohibited from using your information for unrelated purposes. Financial institutions involved in transaction processing receive account holder information required for banking operations and money laundering prevention. Regulatory authorities, including the National Gambling Board and financial intelligence units, may receive user data in compliance with South African legislation and international agreements. Legal disclosure occurs when courts issue valid orders or when we detect illegal activities requiring law enforcement notification. We never sell user information to marketing agencies or data brokers. Aggregated, anonymized data may be shared for statistical and research purposes that cannot identify individual users.

4. Cookies, Tracking Technologies, and Automated Processing

Our platform employs cookies and similar tracking technologies to enhance functionality, maintain security, and analyze user behavior patterns. Essential cookies are required for account login, transaction security, and platform operation. Performance cookies measure site usage and identify technical issues requiring resolution. Marketing cookies track user preferences for promotional purposes, and users may disable these through browser settings without affecting core services. We utilize pixel tracking, web beacons, and device fingerprinting to detect fraudulent activities and unauthorized access attempts. Session replay technology records user interactions with explicit consent to improve user experience and identify technical problems. IP address logging tracks geographic location and detects suspicious access patterns. Browser fingerprinting creates unique device identifiers to prevent multi-accounting fraud. Users retain full control over cookie preferences through browser settings, though disabling certain cookies may impact platform functionality. Our cookie policy complies with South African Electronic Communications and Transactions Act requirements regarding consent and transparency.

5. Data Protection Measures and Security Protocols

We implement enterprise-grade security infrastructure designed to protect user information from unauthorized access, disclosure, alteration, and destruction. All data transmissions utilize AES-256 encryption for sensitive information and TLS 1.3 protocols for data in transit. Our servers maintain SSL certificates, regular security audits, and penetration testing conducted by independent cybersecurity firms. Access controls restrict employee access to personal information on a need-to-know basis, with activity logged and monitored. Two-factor authentication is required for administrative access. We conduct annual security assessments and maintain incident response protocols. Payment card information is never stored on our servers; instead, we utilize PCI-DSS compliant payment processors. Database encryption protects stored information using industry-standard algorithms. Automated monitoring systems detect unusual access patterns and potential breaches in real-time. All staff members undergo mandatory privacy and security training. We maintain cyber insurance coverage for breach response and user notification. Regular backup systems ensure data recovery capability in disaster scenarios.

AES-256 encryption for data at rest and TLS 1.3 for data in transit
Regular penetration testing and vulnerability assessments by third-party security specialists
Role-based access controls with granular permission settings
Two-factor authentication for administrative accounts
Mandatory security training for all staff members
PCI-DSS compliance for payment card processing
Real-time breach detection and incident response procedures
Annual independent security audits
Secure document destruction protocols for archived data
Disaster recovery and business continuity planning

6. User Rights and Data Subject Requests

South African users retain comprehensive rights regarding their personal information, including access, correction, deletion, and portability. You may submit formal requests to access all information we maintain about you, including details of collection, processing purposes, and disclosure recipients. We will provide this information in electronic format within thirty days of receipt, unless circumstances warrant reasonable extension. Correction requests allow you to update inaccurate information, which we will implement without delay and communicate to relevant third parties. Deletion requests are honored except where legal obligations require data retention, such as anti-money laundering regulations requiring seven-year transaction records. Data portability enables you to receive your information in structured, commonly used format for transfer to competing services. Object rights allow you to prevent marketing communications, certain automated processing, and specific data uses. You may withdraw consent to communications at any time through opt-out mechanisms, and such withdrawals do not affect previously processed data. Individuals may lodge complaints with the Information Regulator if they believe their rights have been violated. We will respond to legitimate requests without unreasonable delay and maintain confidential handling of sensitive requests.

7. Data Retention and Compliance with South African Legislation

We retain personal information for the minimum duration necessary to fulfill stated purposes while respecting legal and regulatory requirements applicable to South African licensed operators. Account information remains stored throughout your membership and for seven years following account closure to satisfy anti-money laundering obligations under the Financial Intelligence Centre Act. Transaction records are maintained for the same seven-year period to enable regulatory compliance and dispute resolution. Identity verification documents are retained for five years following final transaction completion. Marketing communication preferences are maintained indefinitely unless you request deletion. Technical logs and cookies are retained for ninety days unless involved in active security investigations. Biometric data from optional authentication is deleted immediately after verification unless explicitly retained by user consent. This policy complies with the Protection of Personal Information Act regarding data minimization and storage limitation principles. The National Gambling Board may require extended retention of specific records for investigative purposes. Upon account deletion request, we will remove all information except legally mandated retention categories, which we will anonymize and segregate from active systems. We conduct annual data audits to identify and securely destroy information exceeding retention requirements. Users may request confirmation of data destruction following retention periods. International data transfers comply with POPIA’s chapter on transborder information flows and only occur to jurisdictions offering equivalent protection.

Last updated: January 19, 2026