Privacy Notice

Last updated: January 2026. This Privacy Notice applies to all players and visitors of the Cazeus Casino platform.

Who We Are and How to Contact Us

Cazeus Casino is operated by the entity named in our licence documentation, which is available in the footer of this website. We are the data controller for all personal information collected through the Cazeus platform - meaning we determine the purposes and means by which your personal data is processed.

We take data protection seriously as a fundamental obligation, not merely a regulatory checkbox. The trust you place in us when you provide your personal information is something we treat with the highest degree of responsibility.

If you have any questions about this Privacy Notice, about how we handle your data, or if you wish to exercise any of your rights, you can contact our Data Protection Officer via the contact details available on our Contact page. We will acknowledge data protection enquiries within 72 hours and provide a substantive response within 30 days of receipt, in accordance with our legal obligations.

What Personal Data We Collect

We collect personal data in several ways: directly from you when you register an account or use the platform, automatically as you interact with our website and services, and from third-party sources where we are legally required or permitted to do so.

Data you provide directly:

• Registration information - full name, date of birth, email address, home address, phone number and chosen username
• Identity verification documents - copies of government-issued photo ID and proof of address, collected as required by our KYC obligations
• Payment information - bank account details, debit card information or e-wallet identifiers used for deposits and withdrawals (note: full card numbers are processed by our PCI-DSS compliant payment partners, not stored by us directly)
• Communications - the content of messages you send to our support team, emails, chat transcripts and any information you volunteer when contacting us
• Responsible gaming preferences - any limits, restrictions or self-exclusion requests you make through the platform

Data collected automatically:

• Technical data - your IP address, browser type and version, operating system, device identifiers and connection information
• Usage data - pages visited, time spent on each page, links clicked, game sessions played, betting history and feature interactions
• Cookie data - information stored on your device by the cookies and similar technologies we operate (detailed in Section 6 below)

Data from third parties:

• Identity verification services - results from electronic ID checks performed by our verification partners to confirm your identity
• Credit reference and fraud detection agencies - where required under our anti-money laundering obligations or to detect and prevent fraudulent activity
• Responsible gaming databases - checks against self-exclusion registers where we are required or permitted to do so

Why We Collect Your Data and Our Legal Basis

Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following bases depending on the purpose of the processing:

• Performance of a contract: Processing necessary to create and manage your account, process deposits and withdrawals, and provide access to games and features.
• Legal obligation: Processing required to comply with our regulatory obligations, including age verification, Know Your Customer checks, Anti-Money Laundering procedures and responsible gaming requirements imposed by our gaming licence.
• Legitimate interests: Processing for purposes such as fraud prevention, platform security, improving our services and communicating with you about your account - where these interests are not overridden by your fundamental rights.
• Consent: Processing for marketing communications and non-essential cookies, where we have obtained your prior consent. You can withdraw this consent at any time.

How We Use Your Data

We use the personal data we collect for the following purposes:

• Account management: Creating, verifying, operating and maintaining your player account
• Service delivery: Processing your bets, deposits and withdrawals; providing access to games; delivering bonuses and promotional offers you have opted into
• Identity and age verification: Confirming that you are who you say you are and that you meet the minimum age requirement to gamble legally
• Regulatory compliance: Meeting our obligations under gaming regulations, anti-money laundering law and data protection legislation
• Fraud and security: Detecting, investigating and preventing fraudulent accounts, payment fraud and any attempt to circumvent our security systems
• Responsible gaming: Monitoring for indicators of problem gambling, enforcing account limits and self-exclusion requests, and providing access to support resources
• Customer support: Responding to your queries, resolving disputes and improving our support processes
• Platform improvement: Analysing how players use the platform to identify improvements, fix technical issues and develop new features
• Marketing communications: Where you have consented, sending you relevant promotional offers, game recommendations and news about Cazeus - you can unsubscribe at any time

We do not sell your personal data to third parties for their own marketing purposes. This is an absolute policy at Cazeus, not subject to commercial pressure or exceptions.

Sharing Your Data with Third Parties

We share your personal data only where necessary and only with parties bound by appropriate confidentiality and data protection obligations. The categories of third parties we may share data with include:

• Payment processors: To facilitate your deposits and withdrawals securely. These processors are PCI-DSS compliant and operate under data processing agreements with us.
• Identity verification providers: Electronic KYC services that verify your identity documents and check against relevant databases as required by our licence.
• Gaming software providers: Game developers whose titles appear on our platform may receive technical data necessary to serve you the game (such as your session identifier). They do not receive your name, payment details or other identifying information beyond what is operationally necessary.
• Fraud prevention and AML services: Third-party agencies that help us detect suspicious activity and meet our anti-money laundering obligations.
• Customer support platforms: Software tools that power our live chat and email support systems, which process the content of your communications with our team.
• Analytics providers: Tools that help us understand aggregate patterns of platform usage. We configure these tools to anonymise or pseudonymise data wherever possible.
• Regulatory authorities: We may be required to disclose data to the relevant gambling regulatory body, law enforcement agencies or courts in response to a lawful request or legal obligation.

All third-party processors are subject to written data processing agreements that impose obligations equivalent to those placed on us under UK GDPR. Where data is transferred outside the United Kingdom, we ensure appropriate safeguards are in place in accordance with UK data transfer rules.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve the Cazeus platform. A cookie is a small text file stored on your device by your browser at the request of a website. Some cookies are essential to the functioning of the site; others are optional.

Essential cookies - these are necessary for the platform to work at all. They manage your session, maintain your login state and enable core security functions. You cannot opt out of essential cookies without ceasing to use the platform.

Performance cookies - these track how you use the site (pages visited, time on page, error messages encountered) to help us identify and fix problems. The data collected is aggregated and does not identify you individually.

Functional cookies - these remember your preferences, such as language settings or game filter selections, to provide a more personalised experience.

Marketing and targeting cookies - where you have consented, these allow us and our advertising partners to show you relevant content and measure the effectiveness of our marketing. You can withdraw your consent for these cookies at any time via the cookie preference centre accessible from the footer of our site.

We do not use cookies to collect sensitive personal data such as your financial information, identity documents or health data.

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, subject to regulatory minimum retention periods. For active accounts, your data is retained for the duration of your relationship with Cazeus and for a period thereafter as required by law.

Under anti-money laundering legislation, we are required to retain certain account and transaction records for a minimum of five years following the end of the customer relationship. This retention period is a legal obligation and cannot be shortened on request.

Marketing preferences and communication records are retained for a shorter period, aligned with the reasonable expectation that they remain relevant. Where data is no longer needed and no legal obligation requires its retention, it is securely deleted or anonymised.

If you close your Cazeus account, we will begin the process of deleting or anonymising your personal data in accordance with this schedule. We will confirm the completion of this process upon request.

Your Rights Under UK GDPR

As a data subject under UK GDPR, you have a number of rights in relation to the personal data we hold about you. These rights are:

• Right of access: You can request a copy of all personal data we hold about you. This is sometimes called a Subject Access Request (SAR). We will respond within 30 days.
• Right to rectification: If any data we hold about you is inaccurate or incomplete, you have the right to request that we correct it.
• Right to erasure: You can request that we delete your personal data in certain circumstances - for example, where we no longer need it for the purpose it was collected. Note that legal obligations may prevent us from fulfilling erasure requests for certain categories of data.
• Right to restrict processing: You can request that we limit how we use your data in specific circumstances, such as while a dispute about accuracy is resolved.
• Right to data portability: Where processing is based on your consent or on a contract, you can request your data in a structured, commonly used and machine-readable format.
• Right to object: You can object to processing based on our legitimate interests, including profiling, and to the use of your data for direct marketing.
• Rights related to automated decision-making: You have the right not to be subject to a decision based solely on automated processing that produces a significant effect on you, and to request human review of such decisions.

To exercise any of these rights, please contact our Data Protection Officer via the details on our Contact page. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection supervisory authority, at ico.org.uk if you believe we have not handled your data appropriately.

How We Keep Your Data Safe

We implement a range of technical and organisational security measures to protect your personal data from unauthorised access, disclosure, alteration or destruction. These measures include:

• Encryption of personal data in transit using TLS (Transport Layer Security) and at rest where appropriate
• Access controls ensuring that only authorised personnel can access your account information, on a strict need-to-know basis
• Regular penetration testing and security audits of our platform infrastructure
• Staff training on data protection obligations and secure data handling practices
• Incident response procedures enabling us to detect, contain and report data breaches within the timeframes required by law

No digital system is entirely without risk. If we become aware of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you directly and report the breach to the ICO as required by law.

Changes to This Notice

We may update this Privacy Notice from time to time to reflect changes in our practices, our services or legal requirements. The "Last updated" date at the top of this page indicates when the most recent revision was made.

For significant changes - particularly those that affect how we use your data in ways that are meaningfully different from what you originally consented to - we will notify you directly by email or via a prominent notice on the platform before the changes take effect. You will always have the opportunity to review any significant changes and, where applicable, to withdraw consent if you do not agree.

Continued use of the Cazeus platform following the effective date of any update to this notice constitutes your acknowledgement of the revised terms. If you have any questions about a change, please do not hesitate to contact us before it takes effect.