Fun That Never Ends!
The Next Spin Wins!
eCOGRA has checked the published data collection principles to make sure they are fully in line with GDPR. This means that every transaction and log-in is protected by 256-bit SSL encryption. Security protocols stop people from getting in who shouldn't be able to and check who they are at every step of access. Only licensed staff can access account data, and sensitive actions or changes must be done with two-factor authentication. Personal information is kept separate from gaming history, which reduces exposure. Every year, we check to make sure that all of our third-party partners are following the rules and sign agreements that say they won't share any of our data. You can manage permissions with self-service preferences. You can choose not to receive non-essential communications, ask for a copy of your information, or delete it permanently according to legal retention periods. Transparent logs show how data flows and give people a way to get in touch with you if they have privacy concerns or requests. Following the rules set by the UK Gambling Commission and the MGA makes sure that information handling practices are always up to date. Monthly vulnerability scans and yearly penetration tests keep things running smoothly. Full documentation of practices is available upon demand for user review.
During registration, users are prompted to provide data such as full name, residential address, date of birth, email, and contact number. Identity verification documents, including government-issued IDs and utility bills, may be requested to comply with legal requirements and verify user legitimacy. Information about deposits, payouts, transactions, and gaming activity is kept track of. Technical systems automatically gather information about the type of device, the IP address, the browser version, and the times of access. The goal of this technical data is to improve the user experience and find people who are trying to get in without permission. Data that is collected is used to create accounts, approve payments, give bonuses, and provide targeted support. To keep minors from using the platform, stop fraud attempts, handle requests for self-exclusion, and report suspicious actions to the authorities if the law requires it, some personal information is necessary. Information given is kept only as long as required. All steps use advanced encryption protocols. Users can ask the support team to make changes or updates to their stored data, but only after their identity has been confirmed.
TLS (Transport Layer Security) with at least 256-bit encryption is used to send all sensitive information, such as payment transactions and personal identifiers. Advanced cryptographic standards, like AES-256, protect information stored on servers even more, lowering the risks that come with unauthorized interception.
Personal records are compartmentalized within protected databases. Only authorized personnel operating with multi-factor authentication (MFA) are permitted to access specific datasets. Each access event is fully logged and regularly audited, ensuring traceability and accountability.
Independent security experts do penetration tests every three months and code audits every month. Any vulnerabilities that are found are fixed according to industry-standard timelines, with the most serious ones getting the most attention.
Internationally accepted principles of information security management are followed in internal processes. Ongoing training programs for employees teach them the best ways to handle data and warn them about the newest social engineering and phishing schemes that target gaming platforms.
All financial transactions go through PCI-DSS-compliant systems, which don't allow full credit card numbers to be stored on operational infrastructure. When you send in your payment information, it is tokenized, which means that the real card data never goes to places that aren't secure.
Only the necessary information is collected, and there are strict rules about how long it can be kept. Records that aren't needed are either deleted or anonymized using secure wipe methods, which makes exposure even less likely.
A group that responds quickly keeps an eye on systems all the time. If something suspicious happens, access to the user may be temporarily blocked while a full investigation is done. Local laws require that stakeholders get notifications on time.
Cookies facilitate the smooth operation of our platform by storing user-specific data, authenticating activities, and personalizing content. We implement various types of cookies, each designed for specific objectives and authorized by applicable international and local standards.
| Type | Purpose | Lifespan | Control Options |
|---|---|---|---|
| Session | Maintains authentication, tracks actions while logged in | Erased after closing browser | Disabling may cause logout issues |
| Functional | Remembers preferences such as language, region, and interface settings | Up to 12 months | Edit through account settings or browser tools |
| Analytical | Collects anonymous statistics for improvement of site structure and usability | 1–24 months | Opt out via privacy options or browser add-ons |
| Marketing | Supports tailored offers, retargeting, and ad frequency management | 1–12 months | Manage via consent form or browser privacy controls |
Users can adjust cookie settings at any time using their browser interface, or by utilizing the account dashboard to limit non-essential tracking. Disabling certain categories may restrict access to personalized features, but core functionality remains unaffected. To permanently remove saved cookies, use the clear browsing data function in your browser. For third-party tracking (e.g., analytics providers), please refer to their opt-out methods as specified in their own documentation. Consent is always requested prior to deploying any optional cookies. Regular audits ensure compliance with applicable regulations, such as the General Data Protection Regulation (GDPR) and national data protection acts. Detailed information about each category, including their providers and expiration, is available on request via our support channel. To enhance transparency, all changes to this section will be reflected with a timestamp. Review this area regularly to stay informed about changes relating to online activity tracking and management.
Players retain the ability to review personal account data stored on the platform at any time. Upon a verified request, individuals may obtain a copy of profile, transaction history, and communication logs. All requests are processed within thirty days, in compliance with regulatory timelines. Users wishing to remove personal details may initiate an account deletion process via dedicated contact channels provided in the account dashboard. Identification will be required to confirm the authenticity of the request. Deletion covers registration information, deposit records, and correspondence, unless retention is mandated by supervisory authorities or legal frameworks such as anti-money laundering protocols. If partial erasure is preferred, like leaving out financial transactions needed for tax purposes, clear explanations will be given about what information can and cannot be removed. If it doesn't conflict with legal obligations, persistent identifiers used only for analytical purposes can also be reviewed and deleted upon request. People can change their contact information or privacy settings right in their account settings. This gives them control over how they want to be marketed to and how they want to communicate. Any changes to wrong information are made right away. If someone thinks their request for access or removal hasn't been handled correctly, they can get help on how to take the issue to the data supervision authorities. If you have any questions about managing your personal data, you can get in touch with a helpful support team by email or secure message. They will give you clear instructions that are specific to your situation.
Personal information may be transferred to external parties only under strictly defined circumstances. Data transfers only happen for processing transactions, following the law, finding fraud, doing analytics, and helping customers. Each recipient has to follow the rules of the contract, which say that they must keep the data private and only use what they need.
Payment processors, software suppliers, and marketing agencies only get data that they need to process payments, deliver gaming content, or run advertising campaigns. Before any data can be shared, each partner must show proof of their security measures in writing.
Personal information is only shared with authorized authorities when the law requires it, like with anti-money laundering laws or court orders. We keep track of all these disclosures and let the people who are affected know when the law allows it.
Third parties keep shared information only as long as they need it for the original purpose. Contracts require that data be securely deleted or anonymized after processing.
International transfers are only allowed if the country receiving the data has the right level of data protection, as determined by the relevant data protection authorities. Standard contractual clauses are implemented where necessary.
User information is not monetized or traded to external entities under any circumstances. Data monetization through sale or barter is strictly prohibited. For additional transparency, a full list of categories of third-party recipients is available upon written request, specifying the nature, justification, and legal basis for each instance of data sharing. Users are encouraged to monitor communications for notifications regarding any material updates in data handling or third-party partnerships.
Personal data is maintained no longer than required by applicable gaming, anti-fraud, and financial regulations. Anti-money laundering rules and tax laws say that account-related information must be kept for up to five years after the end of the business relationship. This required time frame also includes transactional records, verification documents, and communications.
Once the legal retention period is over, data is either deleted or made anonymous in a systematic way. We use secure deletion methods to make sure that records can't be put back together or found. Backup archives are updated on a regular basis so that old user data is completely removed from both primary and secondary storage systems.
When users ask to have their accounts closed and their information deleted, all non-essential data is deleted unless the law says it has to be kept. Automated tools keep track of requests to delete things and make sure that things are really gone. They also let users know when the process is done.
If you want your account to be deleted quickly, you need to deactivate it and fill out a special deletion request form. To avoid lawful retention overrides, any identification or outstanding balances that need to be taken care of must be done ahead of time. All rules for keeping and deleting data follow the privacy laws and oversight rules that apply in the areas where they are allowed.
You can control what information you share and how it is used by changing the settings on your account. You can make your experience more personal by following these steps to manage your preferences:
If you need help or can't get to the site, you can reach the customer care team through secure channels on the platform.
Bonus
for first deposit
1000CAD + 250 FS
Switch Language
