Login
Sign up

Privacy Policy

1. Purpose of this notice

This Privacy Policy explains what personal data we collect, why we use it, how we keep it safe, and the choices you have. It applies to players, site visitors, job applicants, and persons who contact us. It complements our Terms and Conditions, Cookie Notice, and AML/CTF and Responsible Play policies.

2. What data we collect

We collect data in three ways: you give it to us, we collect it automatically, or we get it from trusted sources.

2.1 Data you provide

  • Identification: full name, date of birth, nationality, BSN never required, ID numbers where permitted by law.
  • Contact: address, e‑mail, phone, preferred language.
  • Account: username, password, communication preferences, limits and responsible‑play settings.
  • Payments: IBAN, cardholder name, masked card details, deposit/withdrawal history.
  • Verification: photos or scans of ID; selfies/video for liveness; proof of address; proof of payment ownership; evidence of source of funds/wealth (when required by law).
  • Support: messages, recordings of calls/chats.

2.2 Data we collect automatically

  • Device and log data: IP address, device IDs, browser type, OS, app version, time zone, session duration, crash logs.
  • Usage: pages viewed, clicks, games played, features used, referral URLs.
  • Security: failed logins, geolocation checks (country‑level), signals of VPN/proxy/TOR.

2.3 Data from third parties

  • KYC and fraud‑prevention partners, sanctions/PEP screening providers, payment processors, analytics tools, and marketing partners (with your consent where needed).
  • CRUKS status (pass/fail) via the Dutch Gambling Authority where legally required.

We do not collect special categories of data unless the law requires it (e.g., documents showing origin of funds may contain such data). We minimise and redact where possible.

3. Why we use your data

We only use your data when we have a valid legal basis under the GDPR (AVG):

Contract — to provide the Platform and services:

  • create and manage your account; verify age and identity; process deposits and withdrawals; run games; provide support; deliver service messages.

Legal obligation — to meet our duties:

  • Wwft (AML/CTF) checks; CRUKS checks; accounting and tax; responding to lawful requests from authorities.

Legitimate interests — to operate securely and efficiently:

  • prevent fraud and misuse; enforce Terms; defend legal claims; keep the Platform safe; improve products; run analytics (aggregated/limited); tailor in‑product communications. We balance these interests against your rights.

Consent — where you choose it:

  • marketing by e‑mail/SMS/push; placement of non‑essential cookies; certain analytics; participation in surveys. You can withdraw consent at any time from your profile or via the unsubscribe link.

4. Cookies and similar tech

We use cookies, SDKs, and similar tools to make the Platform work, remember preferences, keep sessions secure, and measure performance. Non‑essential cookies run only with your consent. See our Cookie Notice for details and how to change your settings.

5. Profiling and automated decisions

We use automated systems to:

  • verify identity and detect fraud (e.g., document checks, device risk scores);
  • run sanctions/PEP screening;
  • monitor play to meet AML/CTF and responsible‑play duties;
  • segment players for product communications or promotions (subject to your marketing choices).

Where a decision has legal or similarly significant effects (e.g., blocking an account), we provide a way to request human review and to express your point of view.

6. Sharing your data

We share data only when needed and with safeguards:

  • Regulators and authorities: KSA, FIU‑Netherlands, law enforcement, courts, where required by law.
  • Payment processors and banks: to process deposits/withdrawals and verify ownership.
  • KYC and risk vendors: identity verification, sanctions/PEP/adverse media screening, device intelligence, fraud prevention.
  • Game providers: to run games and settle outcomes (limited identifiers and session data).
  • Analytics and communications tools: to send service messages and measure performance (pseudonymised where possible).
  • Professional advisers and auditors.
     We do not sell your personal data.

7. International transfers

If we transfer data outside the EEA/UK, we use lawful safeguards such as European Commission adequacy decisions or Standard Contractual Clauses. We assess destination laws and apply additional measures (encryption, access limits) where appropriate.

8. How long we keep data

We keep data only as long as needed:

  • Account and gameplay records: for the life of the account plus statutory periods.
  • AML/CTF records: as required by the Wwft.
  • Transaction records: as required by tax and accounting rules.
  • Marketing preferences: until you withdraw consent or object.
    When the retention period ends, we delete or irreversibly anonymise data.

9. Security

We gebruiken geavanceerde technische oplossingen en organisatorische strategieën om gegevens te waarborgen. Dit omvat het beheren van responsprotocollen voor incidenten, inclusief kennisgevingen bij datalekken wanneer wettelijk vereist; het waarborgen van veilige ontwikkelings- en testprocessen; het uitvoeren van grondige due diligence op leveranciers; het handhaven van waakzame monitoring- en logboekpraktijken; het naleven van het principe van de minste privilege; het toepassen van multi-factorauthenticatie voor ons personeel; het implementeren van strikte toegangscontroles; en het versleutelen van informatie tijdens de overdracht en opslag. Het is van groot belang om je apparaten goed te beveiligen en je wachtwoord geheim te houden, omdat geen enkele benadering vrij is van tekortkomingen.

10. Your rights

Under the GDPR/AVG you may have the right to:

  • Access your personal data and get a copy.
  • Rectify inaccurate or incomplete data.
  • Erase data (right to be forgotten) in certain cases.
  • Restrict processing in certain cases.
  • Object to processing based on our legitimate interests and to direct marketing.
  • Portability of data you provided to us, in a machine‑readable format.
  • Withdraw consent at any time for activities based on consent.

Some rights are limited by our legal duties (e.g., we cannot delete AML records before the legal period ends).

How to exercise your rights: contact us via the channels in Section 14. We may ask for proof of identity. We aim to reply within one month.

11. Marketing choices

You control your marketing preferences in your profile and via unsubscribe links. We send service messages (for example, changes to Terms, security alerts, verification) even if you opt out of marketing. If you object to profiling for direct marketing, we will stop it.

12. Children

BinoBet is for adults (18+). We do not knowingly collect data from minors. If we discover an underage account, we close it and delete data where the law allows, while keeping what is required for legal processes.

13. CRUKS and responsible play

By law, we must check the national self‑exclusion register CRUKS before we allow play and at session start. We process only what is required to confirm your status (pass/fail). We also process gameplay data to provide tools and interventions that support safer play.

14. Changes to this policy

We may update this Privacy Policy to reflect changes in law or how we run our services. We will post the updated version with a new date and, where changes are material, we will notify you through the Platform or by e‑mail.

15. Glossary

  • Controller: the organisation that decides why and how personal data is used.
  • Processor: a company that handles data for us under contract.
  • Personal data: any information that identifies you or can be linked to you.
  • Profiling: automated processing to evaluate personal aspects, like risk or preferences.
  • Pseudonymisation: replacing identifiers with codes so data cannot be linked to you without extra information.

16. Short data map

CategoryExamplesPurposeLegal basisRetention
Identity & contactname, DOB, address, e‑mail, phonecreate/manage account; compliancecontract; legal obligationaccount life + legal period
VerificationID, selfie, proof of address, payment ownershipKYC/AML, fraud preventionlegal obligation; legitimate interestslegal period
PaymentsIBAN, card details (masked), historydeposits/withdrawals, accountingcontract; legal obligationlegal period
Gameplay & usagegames played, session data, limitsprovide services; responsible play; improvecontract; legitimate interestsaccount life + period
Device & securityIP, device ID, logssecurity, fraud preventionlegitimate interestsrolling security window
Marketingpreferences, consentssend offers with consentconsentuntil withdrawn