Privacy Policy

Velobet Online Casino — Privacy Policy for United Kingdom Users

Effective Date and Introduction

This Privacy Policy governs the collection, processing, storage, sharing, and protection of personal data by Velobet, an online casino and iGaming platform accessible to users in the United Kingdom. By accessing or using the Velobet platform, registering an account, making a deposit, participating in any game or promotional activity, or otherwise interacting with our services, you acknowledge that you have read, understood, and agreed to the terms set out in this Privacy Policy. Velobet is committed to handling your personal data responsibly, transparently, and in accordance with applicable data protection legislation, including the UK General Data Protection Regulation as retained in domestic law under the European Union (Withdrawal) Act 2018, the Data Protection Act 2018, and all relevant guidance issued by the Information Commissioner’s Office. This policy applies to all users located in the United Kingdom and supplements any additional terms and conditions, responsible gambling policies, or bonus terms that may be applicable to your use of the platform.

About Velobet and Regulatory Framework

Velobet operates as an online casino and iGaming services provider offering a range of products including slot games, live dealer games, table games, and other digital gaming experiences. Velobet holds a gaming licence issued under the jurisdiction of Curacao, and all operations are conducted in compliance with the conditions and obligations attached to that licence. Velobet utilises 256-bit SSL encryption technology to secure all payment processing pages and login interfaces, ensuring that sensitive financial and personal information transmitted between users and the platform is protected against unauthorised interception or access. All games available on the Velobet platform are powered by Random Number Generator systems supplied by certified third-party game providers whose RNG outputs are independently audited to ensure fairness, randomness, and compliance with industry standards. Notwithstanding the Curacao licensing framework, Velobet acknowledges its obligations under applicable UK data protection law with respect to the personal data of UK-based users and processes such data accordingly.

Data Controller Information

Velobet acts as the data controller in respect of personal data collected from users accessing the platform from the United Kingdom. As the data controller, Velobet determines the purposes and means by which personal data is processed. Users who have questions, concerns, or requests relating to the processing of their personal data may contact Velobet’s designated data protection contact through the official support channels listed on the platform’s website. Velobet is committed to responding to all legitimate data subject requests within the timeframes required under applicable UK data protection legislation.

Categories of Personal Data Collected

Velobet collects a range of personal data from users in the course of providing its iGaming services. The categories of personal data collected include, but are not limited to, the following:

• Registration and account data, including full legal name, date of birth, residential address, email address, telephone number, and username selected at the time of account creation.
• Identity verification data collected as part of Know Your Customer procedures, including copies of government-issued photographic identification documents such as passports or driving licences, proof of address documentation such as utility bills or bank statements, and any additional documentation required to verify the source of funds or source of wealth.
• Payment and financial data, including bank account details, credit or debit card information, e-wallet account identifiers, transaction histories, deposit and withdrawal records, and any other financial information necessary to process payments or conduct Anti-Money Laundering checks.
• Technical and usage data, including IP addresses, device identifiers, browser type and version, operating system information, session duration, pages visited, game activity logs, clickstream data, and other technical metadata generated during a user’s interaction with the platform.
• Communication data, including records of correspondence between the user and Velobet’s customer support team, feedback submitted through the platform, and any complaints or dispute records.
• Marketing preference data, including records of user consent to receive promotional communications and any opt-out requests made by users.
• Responsible gambling data, including any self-exclusion requests, deposit limits, session limits, reality check preferences, or other responsible gambling tools activated by the user.

Legal Basis for Processing Personal Data

Velobet processes personal data on the basis of one or more of the following lawful grounds as defined under the UK GDPR and the Data Protection Act 2018:

• Contractual necessity, where processing is required to perform the contract between Velobet and the user, including account management, game provision, payment processing, and customer support.
• Legal obligation, where processing is required to comply with applicable legal requirements, including Anti-Money Laundering regulations, Know Your Customer obligations, responsible gambling duties, and obligations arising from regulatory investigations or law enforcement requests.
• Legitimate interests, where Velobet has a legitimate business interest in processing personal data for purposes such as fraud prevention, platform security, improving user experience, and conducting internal analytics, provided that such interests are not overridden by the rights and freedoms of the individual user.
• Consent, where Velobet relies on the user’s freely given, specific, informed, and unambiguous consent to process personal data for purposes such as sending direct marketing communications or placing non-essential cookies on the user’s device.

Purposes of Data Processing

Velobet processes the personal data it collects for the following purposes:

• Account creation, verification, and ongoing management, including authentication of user identity and administration of account settings.
• Processing deposits, withdrawals, and other financial transactions in a secure and efficient manner.
• Conducting Know Your Customer verification procedures to confirm the identity and eligibility of users prior to and during the course of their use of the platform.
• Performing Anti-Money Laundering checks and ongoing transaction monitoring in compliance with the Proceeds of Crime Act 2002, the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017, and all related guidance applicable to iGaming operators serving UK users.
• Detecting, investigating, and preventing fraudulent activity, unauthorised account access, bonus abuse, and other forms of platform misuse.
• Providing customer support and resolving disputes, complaints, or technical issues raised by users.
• Sending marketing communications, promotional offers, and personalised content to users who have provided their consent to receive such communications, and managing marketing preferences and opt-out requests.
• Complying with responsible gambling obligations, including monitoring user behaviour for indicators of problem gambling, facilitating self-exclusion requests, and cooperating with national self-exclusion schemes where applicable.
• Improving the functionality, performance, and security of the Velobet platform through internal analytics, testing, and research activities.
• Complying with requests from regulatory authorities, law enforcement agencies, courts, or other competent bodies where disclosure is required by law.

Data Sharing and Third-Party Disclosure

Velobet does not sell personal data to third parties for commercial purposes. However, Velobet may share personal data with selected third parties in the following circumstances:

• Payment service providers and financial institutions engaged to process deposits, withdrawals, and other financial transactions on behalf of Velobet.
• Identity verification and KYC service providers engaged to assist Velobet in fulfilling its obligations to verify user identities and conduct due diligence checks.
• Anti-fraud and risk management technology providers engaged to assist in detecting and preventing fraudulent activity on the platform.
• Game software providers and platform technology suppliers who require access to certain user data in order to deliver gaming services, subject to appropriate data processing agreements.
• Regulatory authorities, including gambling licensing bodies, financial intelligence units, and law enforcement agencies, where disclosure is required by applicable law or regulatory obligation.
• Professional advisers, including legal counsel, auditors, and compliance consultants, where disclosure is necessary for the conduct of legal proceedings or regulatory reviews.
• Third-party analytics and marketing technology providers engaged to assist in measuring platform performance and delivering targeted promotional communications, subject to user consent where required.

All third parties with whom Velobet shares personal data are required to process such data in accordance with applicable data protection law and are bound by contractual obligations requiring them to implement appropriate technical and organisational security measures.

International Data Transfers

In certain circumstances, the personal data of UK users may be transferred to, or processed in, countries outside the United Kingdom. Where such transfers occur, Velobet takes appropriate steps to ensure that adequate levels of data protection are maintained, including the use of standard contractual clauses approved by the Information Commissioner’s Office, adequacy decisions, or other lawful transfer mechanisms recognised under UK data protection law.

Data Retention

Velobet retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable legal, regulatory, or contractual obligations. In particular, financial transaction records, KYC documentation, and AML-related data are retained for a minimum period of five years following the end of the business relationship, in accordance with the requirements of the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017. Following the expiry of the applicable retention period, personal data is securely deleted or anonymised in accordance with Velobet’s internal data retention procedures.

User Rights Under UK Data Protection Law

Users located in the United Kingdom have the following rights in respect of their personal data under the UK GDPR and the Data Protection Act 2018:

• The right to access personal data held by Velobet, including the right to request a copy of such data through a subject access request.
• The right to rectification of inaccurate or incomplete personal data without undue delay.
• The right to erasure of personal data, also known as the right to be forgotten, where the data is no longer necessary for the purposes for which it was collected, or where the user withdraws consent and no other lawful basis for processing applies.
• The right to restrict the processing of personal data in certain circumstances, such as where the accuracy of the data is contested or where the user objects to processing.
• The right to data portability, allowing users to receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
• The right to object to the processing of personal data for direct marketing purposes or where processing is based on legitimate interests.
• The right to withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing carried out prior to withdrawal.
• The right to lodge a complaint with the Information Commissioner’s Office where a user believes that their personal data has been processed in violation of applicable data protection law.

Users wishing to exercise any of the above rights should submit a written request to Velobet’s designated data protection contact through the official support channels available on the platform. Velobet will respond to all verified requests within one calendar month of receipt, subject to any extensions permitted under applicable law.

Cookie Policy

Velobet uses cookies and similar tracking technologies on its platform to enhance user experience, maintain platform functionality, and gather analytical insights. Cookies are small text files stored on a user’s device when they visit the Velobet website or access the platform. The following categories of cookies are used by Velobet:

• Essential cookies, which are strictly necessary for the operation of the platform, including session management cookies that maintain a user’s logged-in status, security cookies that support fraud prevention measures, and cookies that remember user preferences such as language settings. These cookies cannot be disabled without impairing the functionality of the platform.
• Analytical cookies, which are used to collect aggregated information about how users interact with the Velobet platform, including pages visited, session durations, error messages encountered, and navigation paths. This information is used to improve platform performance, identify technical issues, and optimise the user experience. Analytical cookies are only placed on a user’s device where the user has provided prior consent.
• Marketing and targeting cookies, which may be used to deliver personalised promotional content and track the effectiveness of marketing campaigns, subject to the user’s prior consent. Users may withdraw consent to non-essential cookies at any time through the cookie preference centre available on the platform.

Security Measures

Velobet implements a range of technical and organisational security measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. These measures include 256-bit SSL encryption for all payment and login pages, firewalls, intrusion detection systems, access controls, regular security audits, and staff training on data protection obligations. Notwithstanding these measures, no data transmission over the internet can be guaranteed to be entirely secure, and users are encouraged to take appropriate steps to protect their own account credentials and personal information.

Responsible Gambling and Data Processing

Velobet recognises that responsible gambling obligations require the collection and processing of certain personal data relating to user gambling behaviour. Data processed for responsible gambling purposes may include information about deposit patterns, session frequency, self-exclusion requests, and interactions with responsible gambling tools. This data is processed on the basis of legal obligation and legitimate interests and is used solely for the purpose of fulfilling Velobet’s duty of care to its users. Velobet cooperates with national self-exclusion schemes and third-party responsible gambling organisations where required, and may share relevant data with such organisations to the extent necessary to give effect to a user’s self-exclusion or exclusion request.

Changes to This Privacy Policy

Velobet reserves the right to amend or update this Privacy Policy at any time in order to reflect changes in applicable law, regulatory requirements, or the nature of its data processing activities. Users will be notified of material changes to this policy through a notice posted on the Velobet platform or by direct communication where appropriate. Continued use of the platform following the publication of an updated Privacy Policy constitutes acceptance of the revised terms. Users are encouraged to review this Privacy Policy periodically to remain informed of how their personal data is being processed.

Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the United Kingdom. Any disputes arising in connection with this Privacy Policy shall be subject to the jurisdiction of the courts of the United Kingdom, without prejudice to any rights users may have to bring a complaint before the Information Commissioner’s Office or any other competent supervisory authority.