Your Turn for Luck!
Every Bet, More Excitement.
We only collect email addresses, contact information, and financial data to verify accounts, make transactions easier, and provide support. All records are stored on secure servers in the European Economic Area and are encrypted.
Information is only shared with trusted payment processors or legal authorities when the law requires it or to process withdrawal requests. We do regular security checks on all of our outside partners, and they all have signed agreements to keep things private.
We use cookies to improve site performance, make gameplay smoother, and customise content by accessing session identifiers and device information. You can change your cookie preferences at any time in your account settings.
People under 18 are not allowed to register at all. Strong verification steps keep kids from being able to use this site. We suspend any account that looks like it belongs to a minor right away while we look into it.
To change your communication preferences, fix your personal information, or permanently delete records, send a request to the Data Protection Officer through the contact page. Concerns or objections regarding information handling will be addressed within 30 days. For detailed information about record management practices, encryption protocols, and legal bases for processing, download the full document or contact support for tailored advice.
All account information provided during registration or while using website services is stored within European Economic Area (EEA) borders unless strictly required otherwise by law. Any transmission outside the EEA undergoes rigorous review and complies with current GDPR requirements. Before any transfer outside these jurisdictions, an assessment of the recipient’s safeguards is performed, guaranteeing a comparable protection standard. We don't share any personal information with outside parties for marketing purposes unless we get clear permission through opt-in forms. Detailed contracts govern partnerships with approved payment processors, customer verification services, and tools to stop fraud. These contracts require encryption, timely data deletion, limited staff access, and regular checks to make sure that all legal standards are being followed. By sending in a verified support ticket, users can ask for a list of all the people who got their account information within 30 days. This process makes things clear and helps people use their control rights as defined by the law.
Registration uses a strong set of security measures to keep client information private. All registration pages use TLS 1.3 encryption with strong cypher suites. Every three months, third-party audits and penetration tests check that this is still true. End-to-end cryptographic protocols are used to send sensitive information like full name, date of birth, address, and payment information, so no data is exposed while it is being sent. Access controls are strictly enforced at every point of contact. Only people who have been given permission and have passed a multi-factor authentication test can see client records. All actions are logged so that they can be traced. A policy of data minimisation is in place, which means that only the information needed to follow the rules is gathered. Personal information is stored on dedicated, hardened servers that are separate from all web-facing systems. All records are encrypted at the hardware level using AES-256. Backups are encrypted while they are being sent and while they are stored, and they are always being watched and looked for problems in real time. Anti-fraud systems automatically flag registration attempts that look suspicious. IP whitelisting, device fingerprinting, and CAPTCHA technologies work together to stop people from making accounts without permission or automatically. Any unusual activity that is found will cause the account to be suspended right away and reviewed by hand. Clients should choose strong, one-of-a-kind passwords. Rate limits that can be changed and automatic lockouts after too many failed logins protect the fields where passwords are created from brute-force attacks. Bcrypt hashes passwords with a unique salt for each user, and they are never stored in plain text or sent by email.
| Putting the protection method into action | Details |
|---|---|
| Transport Security | TLS 1.3, encrypted data paths, and regular audits |
| Storing Data | AES-256 encryption and separate secure servers |
| Controls for Access | MFA, activity logging, and role-based access |
| Preventing Fraud Checks | on devices, CAPTCHA, and IP risk scoring |
| How to Handle Passwords | Bcrypt hashing, limiting the number of requests, and lockout rules |
This multi-layered approach makes sure that the private information of participants is never in danger from outside threats or inside misuse during the account setup process. Regular security training and compliance checks maintain a culture of vigilance and accountability throughout the company.
All financial activities executed on the platform rely on robust cryptographic mechanisms to guard transactional integrity and prevent third-party interception. 256-bit TLS (Transport Layer Security) protects the information that browsers and servers send to each other. This stops eavesdropping and unauthorised changes to data. PCI DSS Level 1 certified processors work with payment gateways. This keeps the cardholder's information safe while they make deposits and withdrawals. For extra security, session keys are automatically renegotiated every time you log in and renewed after a set amount of time. End-to-end encryption protects sensitive tasks like transferring money and verifying accounts. This means that only the systems that need to see the information can read it. When choosing third-party payment processors, only well-known companies that use AES-256 encryption and tokenisation are chosen. All money transfers require two-factor authentication and encrypted connections to lower the risks of unauthorised access. If users want extra protection, they should turn on hardware security keys or one-time password generators. Before you enter any payment information, make sure that a padlock icon is in the address bar. This means that a secure TLS connection is active. Regular security audits with the best vulnerability scanners check that encryption algorithms, cypher suites, and certificates meet current security standards and follow the rules set by the EU GDPR and the UKGC.
When users set up their accounts and at each major interaction point that involves sensitive information, they are given clear choices about whether or not to allow the collection and use of their information. You can always check and change your consent preferences through the account settings dashboard. Every request for consent comes with clear explanations that spell out the types of information involved, the level of access, and the intended uses. When a user withdraws their agreement, it is processed right away, and all non-essential processing stops within 24 hours. Only authorised personnel with role-based rights can see personal records. This is enforced through multi-factor authentication and detailed activity logs. Any attempt to access the system outside of set procedures sends an immediate alert to system administrators and starts a security review. Audit trails are kept for at least seven years, which makes it possible to find out what happened during all access events. By sending a formal request through the contact interface, users can get a copy of the records related to their account and the names of third parties with whom information has been shared. The platform lets you control your marketing communications and sharing preferences in great detail. You can set up opt-in and opt-out options for every communication channel and use case. You can start requests for deletion, restriction, or correction using special online forms. These requests are finished within the time limits set by law, and you will get a confirmation when they are done.
The current email address and phone number are only for communication and account recovery. These are never used for outside marketing without clear, revocable permission.
PCI DSS rules say that only transaction records and important card information can be kept. We don't keep or use sensitive payment information after we approve a transaction.
The type of device, browser version, and IP address that were logged are used to find fraud and keep accounts safe. Tracking is turned off when it isn't needed for the platform to work. There is no collecting of extra behavioural data or making profiles for ads that aren't related. We regularly check all forms, input fields, and contact requests to make sure that we only ask for the bare minimum of information. Users can easily access, change, or delete their personal records through a dedicated support section. Regular reviews make sure that the company follows regional data minimisation laws and industry best practices.
Only ask for information that is required during registration or payment. You can leave optional fields blank, and you can change your consent options at any time in your profile settings.
Bonus
for first deposit
1000CAD + 250 FS
Switch Language
