Privacy policy

This privacy policy describes how Bally Casino processes personal data when you interact with our websites, apps, or related services aimed at the United Kingdom market. It covers what we collect, why we use it, who may receive it, how long we keep it, and the rights you can exercise under applicable UK data-protection legislation.

Data controller

The legal entity responsible for your personal data is identified in our regulatory disclosures and site footer. For privacy-specific correspondence, use the contact details provided on our contact page and mark your enquiry “data protection” so it routes correctly.

Information we collect

Registration and profile

We collect identifiers including name, address, date of birth, email, and telephone number to verify age and identity, meet anti-money-laundering obligations, and communicate service messages.

Financial and gameplay

Deposits, withdrawals, wagers, session times, and bonus participation are recorded for account operation, fraud prevention, and regulatory reporting.

Communications

Chat transcripts, emails, and call logs may be stored to resolve disputes, train staff, and demonstrate compliance, subject to retention rules.

How and why we use data

Processing supports contract performance (running your account), legal obligations (licence conditions), legitimate interests (security, analytics, product improvement), and consent where required (certain marketing). You may withdraw marketing consent without affecting core service processing that does not rely on consent.

Cookies and tracking

We use cookies for essential functions such as login state, preferences, fraud signals, and audience measurement where permitted. Manage non-essential categories through our cookie tools where available; some choices may reset after a period for technical reasons.

Sharing

We disclose data to payment processors, identity vendors, cloud providers, professional advisers, and authorities when legally required. Contracts require recipients to protect information and use it only for specified purposes.

International transfers

If data leaves the UK/EEA, we implement appropriate safeguards such as adequacy regulations or standard contractual clauses, supplemented by assessments where needed.

Retention

Retention periods reflect legal requirements for gambling operators, limitation periods for claims, and legitimate business needs. After expiry, we delete or anonymise data where feasible.

Your rights

You may request access, correction, erasure, restriction, objection, or portability where applicable. Contact us to exercise rights; we may verify identity before responding. You may complain to the ICO. Automated decisions with significant effects receive human review where required by law.

Security

We implement administrative, technical, and physical measures proportionate to risk, including access controls and monitoring. No online service is perfectly secure; report suspected compromise immediately.

Staff access to production data is logged and reviewed. Contractors operate under confidentiality agreements and least-privilege roles. Penetration tests and vulnerability scans run on a schedule, with remediation tracked to completion.

Children

Our services are not directed at minors. We delete data relating to underage individuals if discovered.

Changes

We may update this policy to reflect legal or operational changes. Significant updates will be communicated as required, and the effective date at the top of this page will be revised accordingly.

Where we introduce a new processing purpose that requires consent, we will seek fresh permission before proceeding, except where another lawful basis clearly applies and is documented.