Privacy Policy
Effective date: May 6, 2025
Plain purpose: This Privacy Policy explains how Boo Casino (“Boo Casino”, “we”, “our”, “us”) collects, uses, shares, and protects your personal information when you visit our website, create an account, use our services, or interact with our support. It also describes your privacy rights and how to exercise them. Replace the bracketed placeholders with your actual company and postal details before publishing.
Eligibility and age
Our services are intended for adults only. You must meet the minimum legal gambling age in your jurisdiction (typically 18+, or higher where required). We do not knowingly collect data from minors. If you believe a minor has provided personal data to us, contact us immediately so we can delete it.
Personal data we collect
We collect information in three main ways: you provide it, we collect it automatically, and we receive it from third parties (for example, identity verification providers). The type of data depends on how you use the site.
Data you provide directly
- Account details: name, date of birth, country, address, email, phone, username, password.
- KYC/AML verification: identity documents (e.g., passport, ID card), proof of address, and information required by law to verify identity, prevent fraud, and comply with anti-money laundering (AML) obligations.
- Payments: transaction history, chosen payment method details (masked where possible); we do not store full card data if processing is handled by third-party providers.
- Support communications: messages, chat transcripts, attachments, feedback, and dispute information.
- Marketing choices: your preferences for email, SMS, push notifications, and in-app messages.
Data collected automatically
- Device and usage data: IP address, device identifiers, browser type, operating system, language, pages viewed, links clicked, session duration, time stamps, and performance metrics.
- Cookies and similar technologies: session cookies (required for login and security), preference cookies (remember choices), analytics cookies (site performance and usage). See “Cookies & analytics” below.
- Approximate location: derived from your IP address to comply with licensing and regional restrictions.
Data from third parties
- Verification and compliance partners: identity checks, sanctions and politically exposed person (PEP) screening, fraud prevention signals.
- Payment providers: confirmation of deposits/withdrawals, chargeback status, and limited details needed to reconcile transactions.
- Marketing/analytics platforms: aggregate audience and campaign performance data, where applicable and permitted.
Why we process your data (legal bases)
We use your information for the purposes below. Where required by law (e.g., GDPR/UK GDPR), we rely on one or more legal bases, such as contract, legal obligation, legitimate interests, consent, or vital/public interest as applicable.
- Provide the service: create/manage your account, enable gameplay, process payments and withdrawals, provide support (Contract).
- Compliance: verify identity (KYC), prevent fraud and money laundering, comply with licensing and regulatory requirements, respond to lawful requests (Legal obligation).
- Security: protect accounts, detect suspicious activity, maintain platform integrity (Legitimate interests / Legal obligation).
- Improve and personalize: analyze usage, fix bugs, optimize features, show relevant content (Legitimate interests; where required, Consent).
- Marketing: send offers and updates if you opt in; you can opt out at any time (Consent / Legitimate interests, depending on jurisdiction).
- Record-keeping: maintain accurate logs for audits, disputes, and regulatory reporting (Legal obligation / Legitimate interests).
Cookies & analytics
We use cookies and similar technologies to run our site, keep you logged in, remember preferences, and understand how features are used. Some cookies are essential and cannot be switched off; others are optional and can be managed through our cookie banner or your browser settings.
| Category | Purpose | Examples | Retention |
|---|---|---|---|
| Essential | Authentication, security, load balancing | Session ID, CSRF token | Session or short-term |
| Preferences | Language, region, UI choices | Locale setting, last lobby view | Until cleared or expiry |
| Analytics | Performance and usage insights | Page views, feature usage | 3–24 months (varies) |
| Marketing (optional) | Measure campaigns, personalize offers | Attribution, engagement | As configured / until opt-out |
Do Not Track: Some browsers send a “Do Not Track” signal. Our platform may not respond to DNT signals due to a lack of standardized guidance. You can manage cookies directly via our consent tools and your browser.
How we share information
We share personal data only as needed and with appropriate safeguards:
- Payment processors and banks to process deposits and withdrawals.
- KYC/AML and fraud-prevention providers to verify identity and meet regulatory obligations.
- Technology vendors (hosting, security, analytics, customer support tools) to operate the platform.
- Affiliates and group companies for internal administration, consistent service, and compliance.
- Authorities and regulators where required by law, licensing, court order, or to protect rights and safety.
- With your consent or at your direction, including for specific promotions or features.
We do not sell your personal information. Where local law defines “sell” or “share” to include certain advertising activities, you may have the right to opt out—see “Your rights”.
International data transfers
Your information may be transferred to and processed in countries other than your own. Where required, we use appropriate safeguards—such as Standard Contractual Clauses (SCCs) or equivalent mechanisms—to protect your data during cross-border transfers.
Data retention
We keep personal data for as long as necessary to provide the service and meet legal, tax, anti-fraud, and AML record-keeping requirements. Typical retention periods include:
- Account and transactional data: for the life of the account and for a statutory period after closure (e.g., 5–10 years, depending on law).
- KYC/AML records: as required by AML and licensing regulations.
- Support logs and security events: for reasonable periods to investigate issues and protect the platform.
When retention ends, we securely delete or anonymize the data.
Security
We implement administrative, technical, and physical safeguards to protect your information (encryption in transit, access controls, monitoring, least-privilege practices). No system is perfectly secure; report any suspected security issues to [email protected] so we can investigate promptly.
Your privacy rights
Depending on your location, you may have some or all of the rights below. We will not discriminate against you for exercising your rights.
- Access: request a copy of your personal data.
- Correction: ask us to fix inaccurate or incomplete data.
- Deletion: request deletion of your data, subject to legal exceptions (e.g., AML retention).
- Restriction/Objection: ask us to limit or stop certain processing.
- Portability: receive your data in a structured, commonly used format.
- Withdraw consent: where processing is based on consent (e.g., marketing), withdraw it at any time.
- Marketing choices: opt out of marketing emails/SMS/push using in-message links or account settings.
- Cookie choices: manage non-essential cookies via our consent tools.
EEA/UK
If you are in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority. Where we rely on legitimate interests, you can object if you believe your interests outweigh ours.
Australia
If you are in Australia, we handle personal information in accordance with the Privacy Act 1988 and the Australian Privacy Principles (APPs). You may contact us with privacy questions or complaints; if you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).
United States (state laws)
Depending on your state, you may have additional rights (e.g., access, deletion, correction, portability, and the right to opt out of “sale” / “share” of personal information or targeted advertising). Use the contact methods below to exercise these rights.
Marketing communications
We may send marketing communications if you have opted in or where permitted by law. You can opt out anytime via the unsubscribe link or in your account settings. Transactional and service messages (e.g., password resets, KYC, payout notices) are not marketing and you will continue to receive them.
Automated decision-making
We may use automated tools to detect fraud, manage risk, or meet AML obligations. If required by law, you can request human review of decisions that significantly affect you.
Links to third-party sites
Our site may link to third-party websites or services. Their privacy practices are governed by their own policies, not ours. Review them carefully before providing personal data.
Changes to this policy
We may update this Privacy Policy from time to time. We will post the new version with an updated “Effective date” and, where required, notify you via the website, email, or in-app message. Your continued use of the services after an update indicates acceptance of the revised policy.
Contact us
If you have questions about this Privacy Policy or wish to exercise your rights, contact us:
- Email (privacy): [email protected]
- Security: [email protected]