GbetCASINO

Legal

Privacy Policy

Last updated: May 2026

We respect your privacy. This Policy explains what personal data we collect, why, and how we protect it — in line with the GDPR.

1. Who we are

Gbet Casino is operated by Gbet Casino Holdings Ltd (registered in Curaçao). For privacy questions write to dpo@gbet.casino.

2. What we collect

  • Account data — name, email, password (hashed), date of birth, country, phone
  • Identity verification — ID document, proof of address (KYC)
  • Financial data — payment method details, transaction history, balance
  • Activity data — games played, bets, time spent, device and browser data
  • Communications — support tickets, chat messages, marketing preferences

3. Why we use your data

  • To operate your account and process bets, deposits and withdrawals
  • To verify your identity and comply with anti-money-laundering laws
  • To detect and prevent fraud, problem gambling and account takeover
  • To send service emails (transactional) and, with your consent, marketing
  • To improve the Service through aggregated analytics

4. Legal bases (GDPR Art. 6)

We rely on the following lawful bases: contract performance (running your account), legal obligation (AML / responsible gambling), legitimate interest (fraud prevention, product analytics) and consent (marketing communications, optional cookies).

5. Sharing your data

We never sell your data. We share only with carefully selected processors:

  • Payment providers (Visa, Mastercard, Skrill, Neteller, crypto processors)
  • KYC / identity providers
  • Cloud hosting and customer-support tooling
  • Regulators when legally required

6. Retention

We retain your data for as long as your account is active plus the period required by gambling regulation (typically 5 years after account closure for AML records).

7. Your rights

Under the GDPR you can request access, correction, erasure, restriction, portability and to object to processing. Email dpo@gbet.casino. You can also lodge a complaint with your local data protection authority.

8. Security

We use TLS 1.3 in transit, AES-256 at rest, strict access controls, regular penetration testing and 24/7 monitoring. Passwords are stored as bcrypt hashes — never in plain text.

9. International transfers

Some processors are located outside the EEA. Where this is the case, we rely on Standard Contractual Clauses approved by the European Commission to protect your data.

10. Updates

Material changes will be communicated by email at least 14 days before they take effect.