• Home
  • Privacy & Management of Personal Data

Privacy & Management of Personal Data

Scope and Data Controller

Pgebet acts as the data controller for Personal Data processed in connection with the Platform. This Privacy Policy explains which data we collect, how we use it, how we disclose it, and the rights of individuals regarding their Personal Data.

Definitions

Personal Data means any information relating to an identified or identifiable natural person. Processing means any operation or set of operations performed on Personal Data, including collection, storage, use, disclosure, and destruction. Data subject refers to the individual whose Personal Data is processed. We, us, and our refer to Pgebet, the data controller for the Platform.

What Personal Data We Collect

  • Identity and contact information: name, date of birth, postal address, email address, phone number, username.
  • Account information: account status, authentication data (password hashes, authentication methods).
  • Financial information: payment method (card type, last four digits), bank details, transaction history, and payout records.
  • Gameplay and device data: IP address, device type, operating system, browser, language, login times, geolocation where permitted, and usage metrics.
  • KYC/AML data: government-issued identification documents, identity verification outcomes, source of funds information, and screening results.
  • Usage data and analytics: pages visited, features used, performance metrics, errors and crash reports.
  • Communications: support inquiries, messages, and feedback submitted through the Platform.
  • Marketing preferences and consent status.

How We Collect Personal Data

  • Direct collection: when you register, place bets, deposit funds, withdraw winnings, contact support, or participate in promotions.
  • Automated collection: cookies and similar technologies, device fingerprinting, and analytics to operate the Platform and detect fraud.
  • Third-party sources: identity verification services, payment processors, regulators, and other sources required by applicable laws and contracts.

Purposes of Processing

  • Service delivery and account management: create, verify, administer, operate, and support your Platform account and transactions.
  • Payments and transactions: process deposits, withdrawals, settlements, and reconciliations.
  • KYC/AML compliance: verify identity, assess risk, monitor for suspicious activity, and maintain records as required by law.
  • Fraud prevention and security: monitor activity for unauthorized access and safeguard funds and data integrity.
  • Communication and support: respond to inquiries, provide notices about changes, and deliver customer support.
  • Analytics and service improvement: study usage patterns to enhance reliability, performance, and features.
  • Legal obligations and risk management: comply with applicable laws, license conditions, and regulatory requests; enforce Terms of Use.
  • Marketing and personalization: with appropriate consent, tailor offers and content; users may withdraw consent or opt out of marketing communications at any time.

Legal Bases for Processing

  • Contractual necessity: processing required to provide and operate the Platform and deliver Services.
  • Legal obligation: compliance with AML, AML/CFT, licensing, and other applicable regulatory requirements.
  • Legitimate interests: fraud prevention, security, network integrity, and platform improvement, balanced against privacy rights.
  • Consent: processing based on user consent for activities such as direct marketing and certain personalization; consent may be withdrawn at any time.

Sharing and Disclosure

We disclose Personal Data to the following recipients as necessary to achieve processing purposes:

  • Affiliates and service providers: to support platform operations, including payments, hosting, IT services, analytics, customer support, and communications.
  • Regulators and law enforcement: in response to lawful requests or as required by law.
  • Fraud prevention and risk management partners: to assess risks and combat illicit activities.
  • Corporate transactions: in the event of a merger, acquisition, or sale of assets, Personal Data may be transferred to the acquiring entity under protective terms.
  • Other users: to facilitate gameplay where you participate in shared activities or invite others.

International Transfers

Where Personal Data is transferred to recipients outside your home jurisdiction, we implement appropriate safeguards consistent with applicable data protection laws, including data transfer agreements and transfer mechanisms designed to protect your data. We do not transfer data to jurisdictions lacking protections without such safeguards.

Data Security

We implement technical and organizational measures to protect Personal Data, including:

  • Encryption in transit (TLS) and at rest where feasible.
  • Access controls and authentication measures; minimum-privilege access policies.
  • Regular security assessments, vulnerability management, and incident response planning.
  • Data minimization, pseudonymization where practicable, and secure software development practices.

Data Retention

We retain Personal Data for as long as necessary to fulfill the purposes described in this Policy and to comply with legal obligations. Financial records and information relevant to KYC/AML shall be retained for a minimum of seven (7) years from the date of the last transaction or account activity, unless a longer period is required by law. Marketing data used for direct marketing will be retained until consent is withdrawn or the data is otherwise decommissioned.

Your Rights

  • Access: you may obtain a copy of your Personal Data and information about how we process it.
  • Rectification: you may request correction of inaccurate or incomplete data.
  • Erasure: you may request deletion of Personal Data where processing is no longer necessary or unlawful, subject to legal or regulatory restrictions.
  • Restriction: you may request restriction of processing in defined circumstances.
  • Portability: you may obtain a structured, commonly used, machine-readable copy of your Personal Data.
  • Withdraw consent: you may withdraw consent for processing supported by consent, including marketing; processing prior to withdrawal remains lawful.
  • Objections: you may object to processing based on legitimate interests or for direct marketing; we will assess and respond with due regard to privacy rights and legal obligations.
  • Complaint: you may lodge a complaint with the competent data protection authority if you believe your rights have been violated.

Cookies and Tracking

We use cookies and similar technologies to operate the Platform and tailor the user experience. Cookies are categorized as:

  • Strictly necessary cookies: essential to operate the Platform and enable secure access and transactions.
  • Analytical/performance cookies: measure usage and reliability to improve the Service.
  • Functionality cookies: remember preferences and return visits.
  • Targeting cookies: deliver advertising and content aligned with interests.

Consent: by continuing to use the Platform, you consent to the use of cookies where required. You may manage cookie preferences in the in-platform settings, and you may disable cookies via your browser settings where applicable.

Minors

The Platform is not directed to individuals under 18 years of age, and we do not knowingly collect Personal Data from minors. If you become aware that a minor has provided Personal Data, please contact us to delete such data where appropriate.

Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be communicated on the Platform or by other appropriate means, and may require renewed consent where legally required.

How to contact us

If you have questions about this Privacy Policy or wish to exercise your rights, contact us at [email protected] or by mail at Pgebet, Data Protection Office, 123 Gaming Street, Suite 1, Metropolis, PM 00000.