Privacy Policy

Last updated on 09.10.2025

1 WHEN DOES THIS PRIVACY NOTICE APPLY?

This Privacy Notice explains how we process your personal data It applies to, for instance:

• Your use of our services on our websites including our mobile apps.
• The personalisation of your experience on our platforms
• The infrastructure that we need to offer our services.

This notice is not:

• Terms and Conditions of Casino Online Unibet, these will be a different document which you can find on our different brand webpages.

Our cookie notice describes how we use cookies and other trackers and how you can manage your cookie settings.

This Privacy Notice may be updated from time to time to reflect changes in the way we work or the way our work is regulated. If significant changes are made to the Privacy Notice, we will notify you.

3 HOW CAN YOU GET IN TOUCH?

There are various ways you can contact us.

For general queries do not hesitate to get in touch with our Customer Service team via Contact us page.

For general questions on this privacy notice or if you wish to exercise your data subject rights, please complete our online Privacy Webform or contact our Data Protection Officer at dpo[at]kindredgroup.com

4 DEFINITIONS OF CATEGORIES OF PERSONAL DATA

Please see the table below for detailed information regarding what personal data we process.

Category of personal data

Contact details:

• Address
• Email address
• Home number
• Other related contact information

Geolocation data:

• Location data from your unit e.g., collected via cookies
• Log data (e.g., in connection with your use of our mobile application or when you visit our website)
• IP address
• Other related geolocation data

Financial data:

• Information regarding credit card or other payment methods, including vouchers and account balance of your user account
• Transaction ID
• Date and time of payment
• Amount
• Name
• Credit card number
• Bank account number
• Transaction status
• IP address
• Browser
• Type of device
• Pay, points and rewards
• Bank details
• Transactions
• Other related financial information

Special Category data:

• Data concerning health, such as information concerning gambling addiction or suspicions thereof

Background Data:

• Background Checks (Criminal records, sanctioned Person, PEP, RCA, SIP)

Behaviour Data:

• Information about subscription and purchases
• Online activity
• Gameplay
• Preferences
• Online behaviour
• Other related behaviour data

Commercial Data:

• User ID
• Promotional bonus and reward data
• Blocks
• Media partner data
• Other Related Commercial Data

Communications Data:

• Chat
• Emails
• Phone
• WhatsApp
• Phone call recordings
• Other related Communication Data

Identification Data:

• Name 
• Surname 
• DOB
• Home address
• ID 
• Passport Number 
• Place of Residence/Registration/Birth 
• Player number User ID 
• Voice Data
• Personal identity number and/or coordination number (if specified)
• Membership number
• Other related Identification Data

Publicly available Data:

• Images provided by you to us
• Social media Data
• Publicly available registers

System & Equipment Usage Data

• Device type, name, number, ID
• IP address 
• Type of phone / PC/ OS used
• Logs (Audit trail) 
• Other relevant system & equipment Usage Data

5 WHAT PERSONAL DATA DO WE COLLECT, AND FOR WHAT PURPOSE?

Opening an account 

Collecting and verifying personal data to create and authenticate your account.

Categories of personal data

• Contact Data   
• System & Equipment Usage Data   
• Background Data
• Identification Data   
• Financial Data   
• Geolocation Data   
• Equipment Usage Data

Legal Basis Necessary for the performance of a contract (Art. 6(1)(b) GDPR) as described in our Terms and Conditions, in particular to manage service-related tasks such as password reminders and service messages (e.g., site maintenance)Using the product 

Processing data to enable and personalize your interaction with gambling products and services

Categories of personal data:

• Behaviour Data
• Financial Data

Legal Basis

• Necessary for the performance of a contract (Article(6)(1)(b) GDPR) as indicated in our Terms and Conditions.
• Legal obligation (Article(6)(1)(c) GDPR), such as applicable gambling regulations to register you in our systems and ensure eligibility for our services

Service Administration 

Processing data to provide essential services such as password reminders, service messages (including site maintenance notifications, updates to our Privacy and Cookies Policies, and Terms and Conditions), and to inform you if your account has become inactive and inquire whether you would like to reactivate it before we close it

Categories of personal data:

• Behaviour Data
• Financial Data

Legal Basis Necessary for the performance of a contract (Art. 6(1)(b) GDPR) as described in our Terms and Conditions.Financial administration

Handling deposits, withdrawals, payments, and financial record keeping to comply with financial and anti-fraud regulation.

Categories of personal data:

• Contact Data
• Financial Data
• Identification Data

Legal Basis

• Performance of a contract (Art. 6(1)(b) GDPR).
• Compliance with a legal obligation (Article(6)(1)(c) GDPR) such as our bookkeeping obligations and managing any financial requests (withdrawal, deposit or refund).

Direct Marketing 

Using personal data to send promotional offers and communications

Categories of personal data:

• Behaviour Data
• Contact Data
• Geolocation data

Legal Basis Your consent (Art. 6(1)(a) GDPR).Customer Service Interaction

Managing your inquiries and support requests to provide effective assistance

Categories of personal data:

• Financial Data
• Contact Data
• Identification Data

Legal Basis

• Our legitimate interest (Art. 6(1)(f) GDPR) and performance of a contract. The processing is necessary to fulfil our legitimate interest of responding to your inquiries as effectively as possible and providing you with the assistance you need.
• Performance of a contract (Art. 6(1)(b) GDPR) as described in our Terms and Conditions.

Call recordings for quality and training purposes

Recording interactions to improve service quality and staff training while ensuring compliance with data protection laws

Categories of personal data:

• Contact Data
• Identification Data

Legal Basis Our legitimate interest (Art. 6(1)(f) GDPR). The processing is necessary to ensure fair gaming with our customers and to handle any complaints and disputes and litigationsTo deter, prevent or detect the use of third-party software in peer-to-peer gambling

Monitoring and preventing unauthorized software use to maintain fair play and integrity

Categories of personal data:

• Behaviour Data
• Identification Data

Legal Basis Our legitimate interest (Art. 6(1)(f) GDPR). The processing is necessary to ensure fair gaming with our customers.To deter, prevent, or detect any activities conducted in breach of our Terms and Conditions

Identifying and addressing violations to protect the platform and users

Categories of personal data:

• Behaviour Data
• Financial Data
• Identification Data
• Contact Data

Legal Basis Our legitimate interest (Art. 6(1)(f) GDPR). The processing is necessary to prevent and deter breaches of our Terms and Conditions, this can be done through phone calls.

Location-Based Redirection and License Compliance

Categories of personal data:

• Geolocation data

Legal Basis Compliance with legal obligations (Article (6)(1)( c) GDPR) to make sure our customers are redirected to the appropriate country site in adherence to our license conditions.Conducting an Affordability Review

Assessing your financial capacity to gamble responsibly and prevent harm. The affordability score calculated by credit reporting agencies, such as TransUnion in the UK,  is used to assess your financial capacity to gamble responsibly.

Categories of personal data:

• Background Data
• Behaviour Data
• Commercial Data
• Communication Data
• Contact Data
• Financial Data
• Identification Data
• Special Category Data

Legal Basis

• Our legitimate interest (Art. 6(1)(f) GDPR) to ensure that our customers have the funds to use our services safely.
• Where applicable: Compliance with legal obligations (Article (6)(1)( c) GDPR) to comply with legal obligation from gambling authorities.

Prevention of gambling addiction: to deter, assess risk and prevent gambling problem

We collect certain data to help identify and reduce the risk of gambling-related harm, ensuring a safer experience for all our customers. By assessing patterns and behaviours, we can detect early signs of potential gambling addiction and take appropriate steps to support those at risk. This proactive approach enables us to provide tailored interventions and tools that promote responsible gambling and protect your well-being.

Categories of personal data:

• Behaviour Data
• Special Category Data
• Identification Data
• Geolocation Data
• Financial Data
• Background Data
• Communication Data
• Contact Data
• publicly available Data
• Commercial Data

Legal Basis

• Our legitimate interest (Art. 6(1)(f) GDPR) to ensure that our customers do not become exposed to problem gaming
• Our legal obligations (Article (6)(1)( c) GDPR) such as from the gambling authorities, where applicable. Special Category Data may be processed to determine whether there is of gambling addiction, such as health data. This category of personal data are being collected to comply with legal obligation This is done under our duty of care, in accordance with Art. 6(1)(e)GDPR and Art. 9(2)(g) GDPR.

Gameplay Monitoring

We regularly review customer accounts to monitor gameplay and betting activity.  This monitoring ensures the accuracy, fairness, and safety of our services, and is essential for

• Preventing cheating, fraud, or misuse of our services, and
• Upholding the integrity of sports betting, including the detection and prevention of match-fixing and other forms of betting-related corruption.

Categories of personal data:

• Behaviour Data
• Financial data
• Identification Data

Legal Basis

• Necessary for the performance of a contract (Article(6)(1)(b) GDPR) as described in our Terms and Conditions.
• Necessary for compliance with a legal obligation (Article 6(1)(c) GDPR), where applicable under local regulatory requirements related to sports betting integrity.

To monitor and prevent fraudulent activities related to our online advertising

Detecting and stopping fraud that affects advertising integrity and your trust

Categories of personal data:

• Behaviour Data
• System & Equipment Usage Data (including IP address)
• Geolocation Data

Legal Basis Our legitimate interest (Art. 6(1)(f) GDPR) in preventing fraud and ensuring that our advertising campaigns are directed towards legitimate customers. The data collected through our third-party provider, is used to detect and block fraudulent clicks.Ensure network security

Protecting systems and data from unauthorized access and cyber threats

Categories of personal data:

• System & Equipment Usage Data

Legal Basis

Our legitimate interest (Art. 6(1)(f) GDPR) to ensure security while using our products.Ensure Security and Resilience of our IT systems

To ensure the continued availability, integrity, and security of our IT systems and services. This includes:

• implementing disaster recovery processes to restore data and functionality in case of incidents affecting our primary data centres; and
• monitoring systems and accounts to detect and prevent unauthorised access, misuse, or data breaches.

Categories of personal data:

• System & Equipment Usage Data

Legal Basis

• Our legitimate interest (Art. 6(1)(f) GDPR) in maintaining secure and resilient IT infrastructure and preventing security incidents;
• Compliance with legal obligations (Art. 6(1)(c) GDPR) related to data security and continuity under applicable data protection and other laws.

Ensure Security of User Authentication with CAPTCHA

We use CAPTCHA – a quick test to check if you’re a real person and not a bot – to protect your account from abuse. This helps us stop fake accounts, block automated hacking attempts, and keep your data safe.

Categories of personal data:

• System & Equipment Usage Data

Legal Basis

Legitimate interest (Article 6(1)(f) GDPR) to ensure the security of our services and protect user accounts from fraudulent or automated access.Conducting Anti-Money Laundering and Anti-Fraud Checks

Processing data to comply with AML laws and prevent financial crimes

Categories of personal data:

• Contact Data
• Identification Data
• Background Data
• Geolocation Data
• Behaviour Data
• Communication Data
• Financial Data
• System and equipment usage Data

Legal Basis

Compliance with legal obligations (Article (6)(1)( c) GDPR) to ensure we are identifying, mitigating, reporting any AML or Fraud activity and risk rating customers appropriately.Promotions and Competitions

Managing your participation in marketing campaigns, reward schemes and contests 

Categories of personal data:

• Identification Data
• Commercial Data

Legal Basis With your consent (Art. 6(1)(a) GDPR) to administrate promotion and competitions in which you consent to participate.Market Research

Collecting data to understand your preferences and improve services

Categories of personal data:

• Identification Data

Legal Basis

Our legitimate interest (Art. 6(1)(f) GDPR) to conduct internal and third-party collaborative market research and surveys.Use of Cookies

We employ cookies to enhance website functionality and user experience. This includes:

• Ensure our services, and those provided by our partners such as game providers work correctly.
• Provide you with the best possible experience
• Understand how to improve our services
• Remember your preferences and past actions on the device
• Make the interaction between you and the device quicker and easier
• Provide personalised and relevant content from us and our service partners.

Categories of personal data:

• System & Equipment Usage Data

Legal Basis

• For any non-essential cookies: we rely on Your consent (Art. 6(1)(a) GDPR) .
• For essential cookies our legal ground is legitimate interest (Art. 6(1)(f) GDPR) to ensure that our website function.

Personalization

Tailoring content and offers based on your preferences and behaviour

Categories of personal data:

• Behaviour Data
• Commercial Data
• Geolocation Data
• Identification Data

Legal Basis

Our legitimate interest (Art. 6(1)(f) GDPR) to personalise your experience while using our product and service which are tailored to your interests.Profiling

Analysing data to predict your preferences and behaviour for better and safer service delivery

Categories of personal data:

• Contact Data
• Identification Data
• Behaviour Data
• Financial Data
• Geolocation Data
• System and equipment usage Data
• Publicly available Data

Legal Basis

• Our legitimate interest (Art. 6(1)(f) GDPR) to conduct profiling activities for personalized services, marketing, and enhancing user experience, and consent (Art. 6(1)(a) GDPR) where necessary.

Analytics

Measuring and analysing service usage to optimize operations and marketing

Categories of personal data:

• Contact Data
• Identification Data
• Behaviour Data
• Financial Data
• Geolocation Data
• System and equipment usage Data
• Communication Data
• Commercial Data

Legal Basis Our legitimate interest (Art. 6(1)(f) GDPR) to conduct data analytics for improving our services, understanding user behaviour, and optimizing our business operations.Data Transformation and Analytics Enablement

To transform and model data, in order to standardise business metrics and improve the efficiency and consistency of data analysis and reporting across the organisation.

Categories of personal data:

• Identification Data
• Financial Data
• System & Equipment Usage Data
• Publicly Available Data

Legal Basis

Our legitimate interest (Art. 6(1)(f) GDPR) in enabling efficient data analysis and informed decision-making through standardised data modelling, while ensuring data governance and security practices are respected.Defending our rights

Using data to protect legal interests and enforce terms against misuse or disputes

Categories of personal data:

• Contact Data
• Background Data
• Behaviour Data
• Commercial Data
• Communication Data
• Financial Data
• Identification Data

Legal Basis

Our legitimate interest (Art. 6(1)(f) GDPR) to resolve a dispute or litigation.

Special Category Data

In certain circumstances we may collect personal data which is referred to as “special categories of data,” such as information related to health. This includes, for example, health-related information, particularly in the context of our responsible gambling obligations.  

Such data may be collected directly from you, or in some cases, from third parties such as healthcare professionals, support organisations, or other regulated entities.

We will only process such data if:

• you have given us your explicit consent;
• it relates to personal data which you have made public;
• it is necessary for the establishment, exercise or defence of legal claims;
• is necessary for reasons of substantial public interest, on the basis of European Union or Member State law.

For example, if you inform us of a health condition affecting your ability to gamble safely, or if your behaviour or financial activity raises concerns about gambling-related harm, we may collect and use relevant information to assess risk and apply appropriate safer gambling measures. This may include setting deposit limits, offering support, or applying temporary or permanent account restrictions. The collection of such special category data falls under the public interest as indicated in article 6 (1)(e) of GDPR and in accordance with article 9 (2)(g) of GDPR to allow us to process special category data.

We may also process information relating to criminal convictions or suspected criminal activity, but only where permitted under Article 10 of the GDPR and applicable national laws. This typically occurs in the context of:

• Anti-money laundering (AML) checks;
• Fraud detection and prevention;
• Compliance with other legal obligations.

We process this data only where necessary to meet our legal obligations, or, where appropriate, for the legitimate interest of preventing fraud or defending legal claims, and always subject to appropriate safeguards.

We apply enhanced safeguards when handling special category and criminal offence data. These include strict access controls, data minimisation, retention limits, and staff training to ensure that such data is treated with the highest level of care and confidentiality. 

6 WHERE DO WE GET YOUR DATA FROM?

We collect personal data when you interact with us and use our services. Sometimes, this information is provided to us by you – such as when you register for the first time and when you make use of our products or get in touch with us. Sometimes third parties or publicly available sources provide us information about you.

7 COOKIES AND SIMILAR TRACKING TECHNOLOGIES

Our websites and apps use cookies for various purposes.

We use cookies for the following purposes, amongst others:

• to identify the account holder’s (as defined in our Terms and Conditions) preferred language, so it can be automatically selected when the account holder returns to the website;
• to ensure that bets placed by the account holder are associated with the account holder’s betting coupon and account;
• to ensure that the account holder receives any bonuses for which they are eligible, and
• for analysis of the website traffic, to allow us to make suitable improvements.

8 WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

In certain circumstances, we share your personal data with other companies within FDJ United, with third parties that provide services on our behalf, and with other third parties to comply with our legal obligations. These third parties include companies such as Evolution, which provides live casino products; Microgaming, a gaming platform specializing in slots; Trustly, a payment provider; credit insight agencies, such as TransUnion in the UK, Oracle, which offers database software; Microsoft; Amazon Web Services; and Pragmatic, known for its casino products, including slot games and live casino offerings.

We do not sell your personal data to marketing companies.

In the context of a merger, sale of business or transfer of business—including the acquisition of a FDJ United entity—some of your personal data may be transferred to the recipient company. This transfer is intended to ensure the continuity of service, the proper management of your account and compliance with our contractual and legal obligations. Personal data of customers can be included in the transaction. If so, you will be informed in advance of such transfer, and we ensure that your data is only used for the purposes described in this Privacy Notice.

9 DO WE TRANSFER YOUR DATA OUTSIDE THE EEA?

The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers: such as United States of America (USA), Australia and India. This can be the case for instance if we provide services globally. In addition, your data may in a few instances be processed in countries where we have operations or services providers. Further, for efficiency and reliability, we may use cloud services hosted in different countries. In certain cases, we might need to transfer data to comply with international legal obligations.

To ensure your personal data remains safe when transferred in this manner, we will take all reasonable steps to maintain a suitable level of protection in line with this notice.

Any transfer of your personal data to a location outside the EEA will processed/performed in accordance with applicable data protection laws, including the GDPR, and will be based on:

• The Standard Contractual Clauses adopted by the European Commission which you can access here or a relevant data protection authority; or
• An adequacy decision from the European Commission, confirming that the third country provides adequate protection for your personal data; or
• Your consent, or another legal basis on which we are entitled to make the transfer.

Should you have any questions regarding our transfers of personal data to countries outside the EU/EEA area, please contact us by using the contact details provided at the beginning of this Privacy Notice.

10 HOW LONG WILL WE KEEP YOUR DATA?

We will only retain your information for as long as needed to fulfil the purposes for which they are collected.

While you are a customer, we will need to retain your information to meet our legal and contractual requirements. However, when you cease using Our services, we may still retain your personal data for a period of time. There are several reasons why we retain your information, these include:

• To comply with legal obligations under EU/local laws (for example, anti-money laundering regulations, or licensing regulations). Those data may be stored for up to 10 years from the date of the closure of your account.
• To establish or defend legal claims (for example negligence claims) which could be made against us;
• To comply with our contractual obligations and rights in relation to the information involved;
• Our legitimate interests where we have carried out balancing tests;
• To comply with guidelines issued by relevant data protection authorities.

If you ever request to have your data erased, we will promptly action your request. However, certain types of personal data may need to be retained in order to comply with our legal obligations as indicated above. In such cases, your data will be securely archived and held only for the duration required by applicable laws and regulations. During this retention period, your data will not be processed for any other purpose.

11 YOUR RIGHTS & CHOICES OVER YOUR PERSONAL DATA

Under the GDPR, you have a number of rights concerning the personal data we hold about you. If you wish to exercise these rights, you should use our GDPR Online Form. Please note that in certain circumstances, we may be unable to disclose specific personal data in response to your request where doing so would infringe on the rights of others, compromise ongoing investigations, or conflict with legal or regulatory obligations applicable to our business. 

You also have the right to complain to your local data protection authority if you are concerned with how we process your information.

Further information and advice about your rights can be obtained from your local data protection authority.

We have also designated a lead data protection authority, the Office of the Information and Data Protection Commissioner (“IDPC”) in Malta, which you can also contact for further information:  For Individuals – IDPC.

You have, under certain circumstances, the right to exercise the following rights:Be informedAccessRectificationErasureRestrict / ObjectWithdrawal of consentData Portability

We will respond to any of your requests relevant to this Section within one (1) month from their receipt. Upon prior notice, this period may be extended by a further two (2) months if necessary, taking into account the complexity of the request and the number of any other pending requests. In case of rejection of your request, we will provide relevant justification.

Restrictions on data subject’s rights: 

In certain circumstances, your rights as a data subject under GDPR, particularly your right to access personal data and the right to request the erasure of data, may be restricted or limited. Such restrictions may be necessary and proportionate for reasons such as ensuring compliance with legal obligations or to protect the rights and freedoms of others.

We will ensure that any restrictions on your rights are clearly justified.

12 AUTOMATED DECISIONS MAKING

We may use automated processes, including profiling, to support certain decisions relating to your account. This means that some decisions may be made using software algorithms without human involvement. However, we ensure that any such processing is done in accordance with applicable data protection law and is subject to appropriate safeguards.

Your rights:

You have the right not to be subject to a decision based solely on automated processing, including profiling, if it produces legal effects concerning you or similarly significantly affects you. Where such decisions are made, you have the right to request human intervention, to express your point of view, and to contest the decision.

We may use automated decision-making in the following circumstances:

Detecting Fraud:

Your personal data is used to identify and prevent potential fraud or money laundering activities. This includes analysing patterns in your transactions, login activity, or account usage. If a risk is detected, actions such as temporarily blocking or suspending the account may be taken automatically. These measures are in place to protect you and the integrity of our services.

Opening an Account:

When you create an account, we may automatically verify whether you meet the necessary criteria (e.g. age, residency, nationality, or financial status) based on the information you provide. These checks help us comply with our legal obligations and ensure the product is suitable for you.

Use of AI technology:

We may use AI technology as part of our processing activities to support some of our decision-making processes. These tools help us improve efficiency and enhance user experience. However, decisions that could significantly affect you will not be made solely by AI unless required or permitted by law, and appropriate safeguards will always be in place.

Player Safety:

We may use AI technology such as our PS-EDS tool to detect potentially problematic gambling behaviour   Such behaviour may include (a non-exhaustive list): logging in at unusual hours; betting more than usual; and making unsuccessful deposits. If such behaviour is detected, this is notified to our Player Safety Team who may conduct a review of your account to determine any risk level and implement appropriate harm reduction measures.  Such measures may include monitoring to ensure continued sustainable behaviour, system prompts and direct messages, along with other emails or calls promoting responsible gambling and use of non-mandatory control tools, as well as actions to minimize potential harm including e.g., placing a reasonable financial limit on an account up to blocking of account in accordance with legal requirements and in the interest of consumer protection.

13 SECURITY OF YOUR DATA AND CONFIDENTIALITY

We are committed to protecting the personal data you entrust to us. We take all reasonable steps to ensure that all information collected through our website is treated securely and in line with this Privacy Notice and strict data protection standards. Accordingly, we have adopted robust procedures and technologies to protect your data from unauthorised access and improper use.

After logging in all information sent to and from the |Website is encrypted using 128-bit Secure Socket Layer (SSL) technology. The SSL certificate used is issued and verified by Trustwave.

Your credit card details are encrypted and sent only once over the internet to us. It is then stored encrypted in our secure systems. We are dedicated to protecting our customers’ confidential information and, as part of doing so, we are certified towards the Payment Card Industries Data Security Standard.

The security of our systems and applications are tested several times per year by third-party security experts. Furthermore, we have an Intrusion Detection System that monitors all network traffic 24/7 for signs of attacks or intrusions.

We have a dedicated fraud department and advanced systems in place to detect and prevent suspicious activity, to ensure that our websites remain a secure playing-field. Any account involved in suspicious activity will be suspended and investigated to the fullest extent. Should you as user have any doubts about the activity on your account, such as unrecognized transactions in the transaction history or surprising changes in the balance, please contact us immediately.

14 COMPLAINTS

If you are not satisfied with our handling of your personal data  or believe we are not processing your personal data in accordance with the law you can complaint to our lead data protection authority, the Office of the Information and Data Protection Commissioner (IDPC) (For Individuals IDPC), or your local data protection authority.

15 GLOSSARY OF ABBREVIATIONS