Privacy Policy

How CasinoIndex UK collects, uses and protects your personal information. Compliant with UK GDPR and the Data Protection Act 2018.

Last updated: 20 April 2026 · Version 2.1
18+

18+ Only. This site is not directed at children. We do not knowingly collect data from anyone under 18. If you believe a minor has provided us information, contact us immediately at [email protected].

This Privacy Policy explains how CasinoIndex UK ("we", "us", "our") handles personal information of visitors to our website. We're committed to processing your data lawfully, fairly and transparently — in line with the UK GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

Read it in full before using the site. If anything's unclear or you have questions about your data, get in touch with us using the contact details at the end of this page.

On this page

  1. 1. Who's the data controller
  2. 2. What we collect
  3. 3. How we use your data
  4. 4. Legal basis for processing
  5. 5. Cookies and tracking
  6. 6. Third parties and sharing
  7. 7. International transfers
  8. 8. How long we keep data
  9. 9. How we protect your data
  10. 10. Your rights under GDPR
  11. 11. Children's data
  12. 12. Changes to this policy
  13. 13. How to contact us
  14. 14. How to complain

1. Who's the Data Controller

CasinoIndex UK is the data controller for personal information collected through this website. That means we decide how and why your data is processed and we're legally responsible for keeping it safe.

Data Controller: CasinoIndex UK
Registered address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Data protection contact: [email protected]
ICO registration: ZB123456

2. What We Collect

We try to collect as little personal data as possible while still running the site properly. Here's what we actually do collect:

Information you give us directly

  • Contact form submissions — your name, email address, and the content of your message when you contact us through forms or email
  • Newsletter sign-ups — email address only, plus the date you subscribed
  • Comments or feedback — anything you write to us when reporting errors, sending tips, or asking questions
  • Correction requests — name, email, and the details of the correction you're asking for

Information collected automatically

  • Technical data — IP address, browser type and version, operating system, device type, screen resolution, time zone setting
  • Usage data — pages visited, time spent on each page, click patterns, referring website, exit pages
  • Cookie data — see Section 5 below for the full breakdown

Information from third parties

  • Affiliate networks — when you click through to a casino partner from our site, we receive aggregated data about whether the click converted (i.e. whether you registered or deposited). This is anonymised at the network level — we don't see your name or contact details from the casino
  • Analytics providers — Google Analytics provides aggregated traffic data about how visitors use the site

3. How We Use Your Data

The short version: we use your data to run the site, respond when you contact us, improve what we publish, and meet legal obligations. The full breakdown:

Purpose Data Used Legal Basis
Responding to enquiries Name, email, message content Legitimate interest
Sending newsletter (if subscribed) Email address Consent
Site analytics and improvement Technical data, usage data, cookie data Consent (analytics cookies)
Detecting fraud and abuse IP address, technical data Legitimate interest
Affiliate tracking Cookie data, click-through data Consent (marketing cookies)
Legal compliance Any data required by law Legal obligation

We don't sell your personal data. Ever. We don't share it with third parties for their marketing purposes either.

5. Cookies and Tracking

We use cookies and similar tracking technologies on this site. The cookie banner you see on first visit is your point of control — you can accept all, reject all (except strictly necessary), or customise your choices.

Categories of cookies

  • Strictly necessary — required for the site to work (session cookies, security, cookie consent itself). Can't be disabled.
  • Functional — remember your preferences (e.g. dark mode, language, dismissed notifications). Set only with consent.
  • Analytics — measure traffic and user behaviour to improve the site (Google Analytics 4). Set only with consent.
  • Marketing/Affiliate — track click-throughs to casino partners so we get credited for referrals. Set only with consent.

For the full list of specific cookies, durations and providers, see our Cookie Policy.

You can change your cookie preferences at any time by clicking the cookie icon in the bottom-left corner of any page, or by clearing cookies in your browser settings. Withdrawing consent doesn't affect processing carried out before withdrawal.

6. Third Parties and Data Sharing

We share data with a limited set of trusted third parties, only where necessary to operate the site or where you've consented:

Service providers we use

  • Hosting — our website is hosted on infrastructure provided by Cloudflare and AWS. Server logs may include IP addresses
  • Analytics — Google Analytics 4 (Google LLC). Aggregated traffic data only, IP anonymisation enabled
  • Email — newsletter delivery via a third-party email service (provider may change; current provider listed in our Cookie Policy)
  • Affiliate networks — when you click an affiliate link, the network operator receives the click-tracking data needed to attribute the referral
  • Customer support tools — when you email us, your message is processed through standard email infrastructure (currently Google Workspace)

Each provider is bound by data processing agreements and processes your data only for the specific service they provide to us.

When we have to share data

We may also disclose your data where we're legally required to — for example in response to:

  • Court orders, subpoenas, or other valid legal process
  • Regulatory requests from the Information Commissioner's Office (ICO) or other competent authority
  • Investigations of fraud or abuse of the site
  • Protection of our legal rights or those of other users

7. International Data Transfers

Some of our service providers (Google, Cloudflare, AWS) operate infrastructure outside the UK and EEA. When data is transferred internationally, we make sure appropriate safeguards are in place — typically through:

  • UK adequacy decisions where the destination country has equivalent data protection
  • Standard Contractual Clauses (SCCs) approved by the UK ICO
  • Provider-specific safeguards under their own GDPR-compliant frameworks

Most transfers are to the United States and EU member states. None of our processors transfer data to jurisdictions without an adequacy decision or equivalent safeguards.

8. How Long We Keep Your Data

We don't keep data longer than necessary. Standard retention periods:

Data Type Retention Period
Contact form messages2 years from last contact
Newsletter subscriber dataUntil you unsubscribe + 30 days
Server logs (IP, technical)90 days
Analytics data26 months (Google Analytics default)
Cookie consent records12 months
Affiliate click data90 days from click
Correction requests3 years (for editorial accountability)

After retention periods expire, data is either deleted or fully anonymised. We may keep data longer where legally required (e.g. tax records) or where you've explicitly consented.

9. How We Protect Your Data

We use technical and organisational measures appropriate to the type of data we process:

  • HTTPS encryption (TLS 1.3) across the entire site
  • Encrypted storage for any persistent data
  • Restricted access to data — only team members who need access have it
  • Multi-factor authentication on all admin accounts
  • Regular security audits and penetration testing
  • Documented incident response procedures

No system is perfectly secure, but we take this seriously. If we ever suffer a data breach that affects your personal information, we'll notify the ICO within 72 hours where required, and notify affected users directly without undue delay.

10. Your Rights Under GDPR

You have the following rights over your personal data. Most of these can be exercised free of charge.

  • Right of access — request a copy of the personal data we hold about you
  • Right to rectification — ask us to correct inaccurate or incomplete data
  • Right to erasure ("right to be forgotten") — ask us to delete your data, subject to limited exceptions
  • Right to restrict processing — ask us to limit how we use your data while a complaint or correction is being resolved
  • Right to data portability — receive your data in a structured, machine-readable format you can transfer elsewhere
  • Right to object — object to processing based on legitimate interest, including marketing
  • Right to withdraw consent — where processing is based on consent, withdraw it at any time
  • Right not to be subject to automated decision-making — we don't make decisions about you using fully automated processes

To exercise any of these rights, email [email protected] with the request and proof of identity. We respond within one calendar month — usually faster.

11. Children's Data

This site is intended for adults aged 18 and over. The content covers gambling, which is illegal for minors in the UK and most other jurisdictions. We don't direct content at children, don't market to children, and don't knowingly collect data from anyone under 18.

If you're a parent or guardian who believes a child has provided us with personal information, contact [email protected] and we'll delete the data immediately upon verification.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we'll change the "Last updated" date at the top of the page and increment the version number. For material changes that affect how your data is processed, we'll notify subscribers by email and post a prominent notice on the site for at least 30 days.

We recommend reviewing this policy periodically. Continued use of the site after changes are posted means you accept the updated terms.

13. How to Contact Us

For any privacy-related question, request, or complaint:

Email: [email protected]
Postal address: Data Protection, CasinoIndex UK, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Response time: within 1 calendar month for formal GDPR requests; usually 2-3 business days for general questions

14. How to Complain

If you're not happy with how we've handled your personal data, please contact us first — most issues can be sorted out quickly. But you also have the right to complain to the UK supervisory authority:

Information Commissioner's Office (ICO)
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline: 0303 123 1113
Website: ico.org.uk

You can also raise concerns with the supervisory authority of your country of residence if you're outside the UK.