Ice Casino Privacy Policy
This document explains the collection, processing, protection, disclosure, and deletion of personal data for users in Ireland. The policy sets out how information is handled across the online services and websites of Ice Casino. Use of certain data relies on user consent; other processing may rely on contract, legal obligation, or legitimate interests. The policy applies to account holders and visitors of Ice Casino.
Privacy and Data Protection
- Data controller: The operator of the online services acts as the data controller for users in Ireland. Contact can be made via the Help Centre or Privacy request channel on the site.
- What personal data is collected
- Identification and contact details: name, date of birth, address, email, phone.
- Account and verification data: username, identity documents, proof of address, age and identity checks.
- Transaction data: deposits, withdrawals, bets, wins/losses, payment method details (tokenised where possible).
- Technical data: IP address, device identifiers, browser type, operating system, cookies, usage logs.
- Behavioural and preference data: responsible gambling settings, self-exclusion status, communication preferences.
- Compliance data: records required under anti-money laundering and safer gambling laws.
- Why data is collected
- To provide and operate the services and manage the user account.
- To process payments, prevent fraud, and conduct security checks.
- To meet legal and regulatory duties in Ireland and the EU (e.g., AML/KYC, age verification, safer gambling, tax and reporting).
- To support customer service, dispute resolution, and service improvement.
- For marketing and analytics where consent or another lawful basis applies.
- Technical and organisational measures
- Encryption in transit (TLS) and at rest for sensitive data.
- Strict access controls, role-based permissions, and multi-factor authentication for staff.
- Network monitoring, logging, and intrusion detection.
- Vendor due diligence and contractually required data protection safeguards.
- Staff training, background checks where appropriate, and confidentiality obligations.
- Regular reviews of policies, incident response, and business continuity procedures.
- Retention
- Account data is kept for the life of the account and then for a period necessary for legal obligations and defence of legal claims.
- AML/KYC records are usually retained for up to 5 years after the end of the business relationship or the date of a transaction, in line with Irish and EU law.
- Cookies and analytics data are retained as described in the Cookies section.
- Legal bases for processing
- Contract performance (running the account and services).
- Legal obligation (AML/KYC, tax, safer gambling, age checks).
- Legitimate interests (fraud prevention, network security, service improvement).
- Consent (optional marketing, certain analytics cookies, identity document reuse where offered).
- User rights under GDPR and the Data Protection Act 2018 (Ireland)
- Access personal information.
- Rectify inaccurate user data.
- Erase data where applicable.
- Restrict or object to certain processing.
- Data portability (where technically feasible).
- Withdraw consent at any time, without affecting processing carried out before withdrawal.
- Lodge a complaint with the Data Protection Commission (DPC) in Ireland.
- Compliance
- Processing is carried out in accordance with GDPR, the Data Protection Act 2018 (Ireland), and applicable Irish gambling and AML frameworks.
Use of Collected Information
- Account and service delivery
- Create and manage accounts, verify identity and age, provide games and sportsbook services, and handle support queries.
- Payments and transactions
- Process deposits and withdrawals, prevent chargebacks, and work with payment providers for payment instruction execution.
- Risk, fraud, and security
- Monitor activity to detect fraud, money laundering, bonus abuse, and account compromise; maintain technical security.
- Responsible gambling
- Apply limits, time-outs, and self-exclusion; monitor patterns to support safer gambling obligations.
- Service improvement and analytics
- Analyse aggregated usage information to improve performance, user experience, and reliability.
- Marketing and communications
- Send service messages (e.g., account or security notices).
- Send marketing only where permitted by consent or soft opt-in, always offering unsubscribe options.
- Legal and regulatory compliance
- Meet reporting duties to competent authorities and comply with court orders or lawful requests.
- Automated decision-making and profiling
- Automated checks may assess risk for fraud, AML, or self-exclusion. Human review is available where required by law.
- Transparency
- Processing is lawful, fair, and transparent. Users can request more detail on specific processing activities through the Privacy request channel.
Access to Information
- How to access or update user data
- Use account settings for basic profile updates.
- Submit a privacy request through the Help Centre for access, portability, or restriction requests.
- Correction and deletion procedures
- Incorrect information can be corrected through account tools or by contacting support.
- Erasure requests will be assessed and actioned where no overriding legal obligation requires retention.
- Identity verification
- A request may require proof of identity to protect the security of the account and information.
- Security checks and payments
- By using the services, users consent to security and identity checks and to the processing of payment data by authorised payment providers to execute transactions and prevent fraud.
Protection of Children’s Privacy
- The online services are intended for persons aged 18 and over. Account creation by minors is prohibited.
- The operator cannot verify age in all circumstances without receiving supporting documents for verification.
- If a parent or guardian believes a minor has provided personal data, a request may be made to delete the information and close the account. Such requests will be prioritised and handled in line with legal requirements.
International Data Transfers
- Personal data may be processed in other countries by trusted partners, such as payment processors, identity verification providers, cloud hosting, game suppliers, and support platforms.
- By using the site and services, users acknowledge and consent to international transfers where necessary to deliver the services.
- Safeguards
- Transfers are subject to adequacy decisions where applicable, or to EU Standard Contractual Clauses and equivalent measures.
- Additional technical and organisational protections are applied, and confidentiality obligations bind all partners handling user information.
Legal Disclaimer
- This disclaimer forms part of the Privacy Policy and may affect how certain rules are interpreted or applied in practice.
- The policy takes effect when a user accepts it, including by signing up, accepting updated terms, or continuing to use the services.
- Nothing in this document limits statutory rights under Irish or EU law or excludes liability where such exclusion is not permitted by law.
- If any term is held invalid, the remaining provisions continue to apply.
Use of Cookies
- Definition
- Cookies are small text files stored on a device by websites to remember settings and understand how services are used.
- Purpose
- Statistics and analytics to understand usage and improve performance.
- Behaviour analysis to protect security and prevent fraud.
- Personalisation of content and preferences, including remembering language and settings.
- Retention
- Cookies and similar technologies used for these services are generally retained for up to 1 year, subject to earlier deletion by the user.
- Management
- Preferences can be managed through the cookie banner or browser settings. Essential cookies are required for core functionality.
- Legal basis
- Consent is used for non-essential cookies. Users can withdraw consent at any time via the cookie settings.
Acceptance of Privacy Policy
- Use of the site and services constitutes full acceptance of this Privacy Policy.
- If the policy changes, the most recent version published on the site prevails and applies to ongoing processing, subject to applicable law and user rights.
Third-Party Privacy Practices
- Sharing of personal data
- Personal data may be shared to comply with law, manage disputes, enforce agreements, run the services, and process transactions.
- Typical recipients include payment processors, identity verification and AML service providers, game suppliers, cloud hosting, analytics, customer support platforms, and competent authorities when lawfully required.
- Transparency
- Where third parties are listed on the site, the list indicates purpose and scope of sharing. Where names are not listed, users can request details of the categories and safeguards applied.
- Consent and lawful basis
- Providing data and using the services constitutes consent to necessary sharing for the purposes described, alongside other lawful bases such as contract performance and legal obligations.
- Responsibility
- Third parties have their own privacy practices. Contracts require them to protect information and use it only for agreed purposes.
Links to Other Websites
- The site may contain links to external websites or services that operate under their own privacy policies.
- The operator is not responsible for how those external sites collect, use, or protect personal information.
- Users should review the privacy notices of any external websites before providing personal data or continuing online activity there.
Updated: