Donbet Casino Privacy Policy

Donbet Casino Privacy Policy explains what personal data we collect, how we store and protect it, and your rights under UK GDPR and the Data Protection Act 2018.

What data do we collect?

When you register we collect your name, email address, date of birth, home address, telephone number and chosen password. During KYC verification we additionally collect proof of identity, proof of address and proof of payment method. While you use the site we log your IP address, device information, browser type, language setting and session times so that we can detect fraud and improve the platform.

Gaming data includes placed bets, games played, transaction history and bonus activity. Communications with our customer support team are recorded for quality and compliance purposes. Cookies and similar technologies gather additional analytics data that cannot be traced back to personal identification beyond what is described above.

How do we use that data?

Account management is the primary purpose: without identification we cannot open an account, process deposits or approve withdrawals. Fraud prevention and anti-money laundering checks require device and IP analysis along with verification of payment methods. Marketing communications are only sent after you have explicitly opted in, and you may withdraw that consent at any time via your account settings.

We do not share your data with third parties for commercial purposes without your consent. We do share the minimum necessary information with our payment processors, KYC providers, gambling licence regulators and legally required authorities such as tax offices and anti-money laundering units in the jurisdictions where we operate. Game providers receive anonymised play data to improve their products.

What are your rights under UK GDPR?

The right of access entitles you to a full copy of everything we hold about you, provided free of charge within 30 days of your request. The right to rectification allows you to correct inaccurate data. The right to erasure, often called the right to be forgotten, applies to data we are no longer legally required to retain; under anti-money laundering rules that minimum retention period is five years after account closure.

The right to data portability lets you transfer your data in a standard format to another service. The right to object lets you contest specific processing purposes such as marketing. Requests should be sent to privacy@don-bet.net and we will respond within 30 days. If you are unhappy with our response you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

How long do we retain your data?

Account data and transaction history are retained for a minimum of five years after your last activity, in line with international anti-money laundering obligations. KYC documents are held in encrypted storage with access restricted to the compliance team. Support communication recordings are kept for 12 months unless a longer period is needed for an ongoing matter.

Cookies each have their own retention period, as described in our Cookie Policy. Marketing data is deleted immediately when you opt out. Anonymised analytics data is retained indefinitely because it can no longer be linked to individual players. On receipt of a formal erasure request, all data not subject to a legal retention requirement is deleted within 30 days.

How do we keep your personal data secure?

All data in transit between your device and our servers is encrypted with TLS 1.3 using strong cipher suites. Data at rest is encrypted using AES-256 in datacentre infrastructure that holds ISO 27001 and SOC 2 Type II certifications. Access to production systems is restricted to a small operations team using hardware security keys and time-bound, audited credentials.

Sensitive KYC documents are stored separately from gameplay and payment data, with retrieval limited to the compliance team and logged at the individual user level. We perform regular penetration testing through independent security firms and run a private bug bounty programme. In the unlikely event of a data breach affecting your personal data, we will notify you and the relevant supervisory authority within 72 hours in line with UK GDPR obligations.

How do international data transfers work?

Donbet Casino operates globally and certain processors are located outside the UK and the European Economic Area. Where personal data is transferred internationally, we rely on the UK International Data Transfer Agreement, the EU Standard Contractual Clauses or transfers to jurisdictions covered by a UK adequacy decision. A list of processors and their locations is available on request through privacy@don-bet.net.

Cookies and analytics services may transfer non-identifying technical data such as IP-derived region and device type. The full breakdown of which third parties receive what data sits on the <Link className="text-primary hover:underline" to="/cookie-policy">Donbet Casino Cookie Policy</Link> page, and you can opt out of any non-essential category through the cookie banner at any time.

How can you exercise your privacy rights?

To request a copy of your data, ask for correction or erasure, withdraw consent or object to a specific processing purpose, email privacy@don-bet.net from the address registered to your account. To prevent fraudulent requests we may ask you to confirm identity through a brief KYC step. Standard responses are issued within 30 calendar days; complex requests may take up to 90 days, in which case we will tell you why within the first 30.

If you would like to close your account first, follow the steps on the <Link className="text-primary hover:underline" to="/close-account">Donbet Casino Close Account</Link> page. If you are unsatisfied with our handling of a privacy matter you may complain to the UK Information Commissioner's Office at ico.org.uk. The full operating rules and dispute escalation path sit on the <Link className="text-primary hover:underline" to="/terms">Donbet Casino Terms</Link> page.

How are updates to this policy communicated?

Donbet Casino reviews this Privacy Policy at least once a year and whenever legal requirements, processors or processing purposes change. Material updates are announced by email to registered players and through an on-site banner that appears on next login. Minor clarifications are made silently with the revised effective date shown at the bottom of this page.

We encourage you to read each updated version. Continued use of Donbet Casino after the effective date of a revised policy indicates acceptance. If you disagree with a change you may close your account at any time and request erasure of any data not subject to a legal retention requirement, as described above.