888 Casino Privacy Policy

This Privacy Policy applies to users accessing 888 Casino services through ca.888casino.com and any related domains operated for Canadian residents. The document explains how personal information is collected, processed, stored, and protected in accordance with applicable data protection laws and regulatory obligations.

1. Data Controller and Regulatory Framework

Virtual Digital Services Ltd (VDSL), licensed by the Maltese Gaming Authority and part of the Evoke plc group, acts as the data controller for personal information processed through the services. The operations of the platform are governed by Gibraltar’s Gambling Act 2005 and applicable Canadian data protection requirements.

Personal data is processed in line with principles derived from the General Data Protection Regulation (GDPR) where applicable, including in relation to users located outside the European Single Market and the United Kingdom, to the extent relevant.

2. Information Collected

The following categories of personal information are collected and processed:

• Identity and contact details: name, email address, phone number, date of birth, residential address.
• Know Your Customer (KYC) data: government-issued identification documents, proof of address, verification photographs and similar documentation required for account validation and withdrawal processing.
• Financial information: deposit and withdrawal transaction records, payment method details, and source of funds documentation for Anti-Money Laundering (AML) compliance.
• Safer gambling data: self-exclusion requests, deposit limits, session time restrictions, and behavioral monitoring indicators used for responsible gaming purposes.
• Special category data: racial or ethnic origin, processed exclusively for preventing unlawful acts, dishonesty, or malpractice, as permitted under GDPR Article 9.

3. Legal Basis for Processing

Personal information is processed on the following legal grounds:

• Contract performance: to perform obligations under the User Agreement, including account registration, transaction processing, and service delivery.
• Legal obligations: to comply with AML regulations, KYC requirements, safer gambling laws, licensing conditions, and lawful requests from regulatory authorities.
• Legitimate interests: for fraud prevention, risk management, security monitoring, customer support quality assurance (including call recording), and protection of business operations.
• Consent: for non-essential cookies, marketing communications where required by law, and specific data uses that go beyond mandatory processing.

4. Use of Personal Information

Personal information is used strictly for defined business, regulatory, and operational purposes. Data is not rented, sold, or shared with third parties except as described in this Privacy Policy. Use of personal information includes:

• Account verification and enforcement of age restrictions to prevent access by individuals under 18 years of age.
• Processing of deposits and withdrawals through secure financial transaction channels.
• Conducting compliance checks for AML, counter-terrorism financing, and fraud detection.
• Responsible gaming monitoring, including behavioral analysis to identify indicators of potential gambling harm.
• Provision of customer support services, training, and security, including the recording of communications where applicable.
• Administration of bonus schemes where applicable under contractual terms in the User Agreement.
• Reporting to licensing bodies, law enforcement agencies, or regulatory authorities when legally required or permitted.

5. Data Security Measures

Data transmission over the internet is protected using RSA public/private key encryption technology or comparable cryptographic measures. All financial transactions are processed through encrypted channels designed to protect against unauthorized access.

Personal details are stored in secure systems with restricted access. Access is limited to authorized personnel and service providers engaged in legitimate business, regulatory, or support functions.

6. Data Sharing and Disclosure

Personal information is not disclosed to government institutions or third parties except in the following circumstances:

• When required by applicable laws, regulations, or legal processes.
• When necessary to fulfill contractual obligations under the User Agreement.
• For compliance with gambling license conditions.
• To meet AML and KYC regulatory requirements.
• When sharing with licensing authorities, financial crime prevention agencies, or law enforcement bodies is legally required or permitted.
• For the prevention or detection of crime, dishonesty, or malpractice, or for the protection of legitimate business interests.

Recipients of shared data are limited to those involved in the purposes specified above. No unauthorized data transfers or commercial data sales are carried out.

7. User Rights

Users have the following rights in relation to their personal information, subject to applicable law:

• Access: request confirmation of whether personal data is held and obtain a copy of such data.
• Rectification: request correction of inaccurate or incomplete information.
• Erasure: request deletion of personal data, subject to legal and regulatory retention obligations.
• Restriction: request limitation of processing under certain conditions defined by law.
• Portability: receive personal data in a structured, commonly used, machine-readable format for transfer to another controller, where technically feasible and legally applicable.
• Objection: object to processing based on legitimate interests, including processing for direct marketing purposes where relevant.
• Withdrawal of consent: withdraw consent previously given for specific processing activities, without affecting the lawfulness of processing carried out before withdrawal.

To exercise these rights, users should use the contact methods provided in the account dashboard or in the User Agreement. Requests may be subject to identity verification and may be limited by legal, regulatory, or contractual retention obligations, including AML requirements, licensing conditions, or dispute resolution needs.

8. Age Restrictions and Protection of Minors

Use of the services is strictly prohibited for individuals under 18 years of age. Verification systems and checks are applied to detect and prevent access by minors, in line with Gibraltar’s Gambling Act 2005 and applicable requirements.

Any account found to belong to a person under the legal age will be suspended. Handling of related funds is carried out according to relevant regulatory requirements and applicable law.

9. Data Retention

Personal information is retained for as long as necessary to achieve the purposes set out in this Privacy Policy and to comply with legal, regulatory, and contractual obligations. Retention periods may vary depending on the category of data and the applicable requirements, including AML record-keeping mandates and licensing conditions.

When retention is no longer required for these purposes, personal information is deleted, anonymized, or otherwise processed in accordance with applicable law.

10. Policy Updates

This Privacy Policy may be updated periodically to reflect changes in data processing practices, legal requirements, or regulatory guidance. Material changes may be communicated through the website, account notifications, or other appropriate channels. Continued use of the services following the publication of an updated Privacy Policy constitutes acceptance of the revised terms, to the extent permitted by law.

11. Contact and Complaints

Questions regarding this Privacy Policy or the exercise of data protection rights should be directed through the contact methods made available in the user account dashboard or as set out in the User Agreement.

If a user considers that personal information has not been handled in accordance with applicable data protection law, the user has the right to lodge a complaint with the relevant data protection supervisory authority in the user’s jurisdiction.