Privacy Policy

Last updated: March 2026 · GDPR Compliant · ICO Registered

We take your privacy seriously. This policy explains what personal data we collect at Pitbet Casino, why we collect it, how we use it, and your rights under UK GDPR and the Data Protection Act 2018. We are registered with the Information Commissioner's Office (ICO) and comply fully with applicable data protection legislation. For questions about your data, contact our Data Protection Officer (DPO) via the support channels in your account. For general data rights advice, ICO.org.uk is the UK's official regulatory authority.

1. Data We Collect

We collect personal data that you provide directly (name, date of birth, address, email, phone number, payment details) and data generated through your use of our platform (login times, game history, transaction records, device information, IP address). We use cookies and similar tracking technologies to maintain your session, personalise your experience, and analyse platform performance. Where we use non-essential cookies, we request your consent. You can manage cookie preferences at any time through your browser settings or our cookie consent manager.

2. Why We Collect Your Data

We process your personal data for the following purposes: (a) Account management and authentication, (b) Processing deposits and withdrawals, (c) Complying with UKGC licensing obligations including KYC and AML, (d) Responsible gambling monitoring and player protection, (e) Customer support, (f) Marketing communications (where you've consented), (g) Fraud prevention and security monitoring, (h) Legal compliance and regulatory reporting. Each processing activity has a lawful basis under UK GDPR — legitimate interests, contractual necessity, legal obligation, or consent as appropriate.

3. How We Share Your Data

We don't sell your personal data to third parties. We share data only where necessary: with payment processors to facilitate transactions, with game providers who operate software on our platform, with identity verification services for KYC compliance, with the UKGC and law enforcement where required by law, and with our ADR provider in the event of a formal dispute. All third parties we share data with are contractually bound to process it only for specified purposes and to maintain appropriate security standards. For responsible gambling monitoring, data may be shared with GAMSTOP as required by our licence. BeGambleAware provides guidance on how responsible gambling data sharing works.

4. Data Retention

We retain account data for 5 years after account closure, in line with UKGC licence conditions and anti-money laundering regulations. Transaction records are retained for 7 years for accounting compliance. After the applicable retention period, data is securely deleted or anonymised. You may request early deletion of marketing data at any time by unsubscribing or contacting us. Core account data cannot be deleted before the mandatory retention period expires due to regulatory obligations.

5. Your Rights Under GDPR

Under UK GDPR, you have the following rights regarding your personal data: Right to Access (request a copy of your data), Right to Rectification (correct inaccurate data), Right to Erasure (request deletion where no legal obligation to retain applies), Right to Restrict Processing (limit how we use your data), Right to Data Portability (receive your data in a machine-readable format), Right to Object (object to processing based on legitimate interests), Right to withdraw consent for marketing at any time. To exercise any of these rights, contact our DPO via the support channels in your account. We respond to all data requests within 30 days.

6. Security

We use 256-bit SSL encryption on all data transmissions. Stored data is encrypted at rest. Access to personal data within our organisation is limited to staff who require it for their specific role. We conduct regular security audits and penetration testing. In the event of a data breach that poses risk to your rights and freedoms, we will notify the ICO within 72 hours and notify affected individuals without undue delay. We have an incident response plan and regularly test our security protocols.

7. Contact & Complaints

For any data protection queries, contact our Data Protection Officer via live chat or email through your account dashboard. If you believe we've mishandled your data and we've been unable to resolve your concern, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.