PRIVACY POLICY

Last updated: 14 OCTOBER 2025

POLICY STATEMENT

At Digital Forge LTD (‘we’, ‘us’, or ‘our’), we take your privacy seriously.

This document explains how and why we access, collect, store, use, and share (‘process’) your personal information whenever you use our services, including when you:

Visit our website at https://trustedonlinecasinouk.com, or any other site we operate that links to this privacy notice
Use our platform to access independent reviews, rankings, and informational resources concerning UK-licensed online casinos and related gambling services offered by licensed third-party operators
Interact with us in other ways, including customer support, marketing, or events

The provisions of this Policy are governed by the United Kingdom’s data protection and privacy laws, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).

This Policy also reflects the requirements of the UK Gambling Commission’s Licence Conditions and Codes of Practice (LCCP), the Advertising Standards Authority (ASA) and Committee of Advertising Practice (CAP) Codes, the Competition and Markets Authority (CMA) guidance on online endorsements, and the advertising and data collection requirements imposed by Google Ads, Microsoft Advertising, and other applicable third-party platforms under their respective advertising and data usage policies.

We are committed to the lawful and fair processing of personal data, ensuring transparency, data minimisation, purpose limitation, and appropriate technical and organisational safeguards.

If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, contact us.

All questions, requests, or complaints regarding this Policy must be submitted in writing by email to support@trustedonlinecasinouk.com or by post to Digital Forge LTD, 12 Agiou Therapontos, Morfeas Complex, Flat 2, Paphos, 8036, Cyprus.

The Services are intended solely for individuals aged 18 years or over who are resident in the United Kingdom.

Persons under 18, or residents outside the UK, are not permitted to use or register for the Services.

By using the Platform, you agree to this Privacy Policy, our Terms of Service, and our Cookies Policy, and you acknowledge that you have read and understood these terms and expressly consent to the collection, use, storage, and disclosure of your personal information in accordance with them.

INFORMATION WE COLLECT AND STORE
USE AND PURPOSE OF YOUR INFORMATION
DISCLOSURE OF COLLECTED INFORMATION
USE OF COOKIES AND TRACKING TOOLS
RETENTION PERIOD FOR INFORMATION
INFORMATION SECURITY MEASURES
COLLECTION OF DATA FROM MINORS
YOUR DATA RIGHTS AND CHOICES
DO-NOT-TRACK SETTINGS AND CONTROLS
CHANGES TO THIS PRIVACY POLICY
ACCESS, UPDATE OR DELETE DATA
CONTACT INFORMATION AND ENQUIRIES

1. INFORMATION WE COLLECT AND STORE

We collect and process personal data directly from you and automatically when you interact with our Services.

The categories of information we collect are necessary for the lawful provision of our services, security, and compliance with UK regulatory requirements.

You are responsible for ensuring that the personal data you provide is accurate, complete, and up to date, and you must notify us of any changes.

1.1 Personal information you disclose to us

You voluntarily provide personal data when you register on the Services, express an interest in our offerings, participate in related activities, or contact us directly.

(a) Personal Information Provided by You

The personal data we collect depends on your interactions with us and the Services.

It may include the following:

names
email addresses
usernames
passwords
contact or authentication data
phone numbers
mailing addresses
contact preferences
billing addresses
date of birth
country of residence and confirmation that you are 18 years of age or older

(b) Special Category Data

We do not collect or process special category (sensitive) personal data such as details about race, religion, political opinions, trade union membership, genetics, biometrics, health, or sexual orientation.

We also do not process data relating to criminal convictions or offences.

The use of such data for advertising or profiling is expressly prohibited.

(c) Payment Data

The Platform does not process gambling transactions or customer payments.

However, if you make any purchases from us (for example, optional marketing or membership features, if introduced), payment data such as card number and security code may be collected and transmitted securely to licensed payment processors.

Full payment credentials are not stored on our servers. All transfers are encrypted using secure protocols compliant with PCI-DSS standards.

1.2 Information automatically collected

We automatically collect certain technical and behavioural data when you visit or use the Services.

This information does not identify you directly but may include device, location, and usage data.

(a) Log and Usage Data

We collect service-related, diagnostic, and usage data, including IP addresses, browser types, device identifiers, session duration, and pages viewed.

This is used to maintain the performance and security of the Services and for legitimate analytical purposes.

(b) Device Data

We collect information about your device, including model, operating system, browser type, Internet service provider, and general system configuration.

This helps ensure compatibility and secure operation.

(c) Location Data

We may process approximate location information derived from your IP address to ensure compliance with UK licensing and jurisdictional restrictions.

You may disable location tracking by adjusting your browser or device settings.

1.3 Google API

We use Google’s reCAPTCHA service to protect our contact and submission forms from spam and abuse.

reCAPTCHA may collect certain personal data, including IP address and device characteristics, to verify whether an interaction is made by a human user.

This processing is subject to Google’s Privacy Policy and the Google API Services User Data Policy (Limited Use).

Consent will be requested through our consent interface before enabling any non-essential Google services.

2. USE AND PURPOSE OF YOUR INFORMATION

We process personal data only where lawful under the UK GDPR and the Data Protection Act 2018. The lawful bases for our processing include consent, contractual necessity, legal obligation, legitimate interests, and compliance with regulatory duties.

We use your personal data for the following purposes:

To facilitate account creation and authentication and to manage user accounts.
To deliver and maintain the Services, including content, reviews, and affiliate redirection to licensed third-party gambling operators.
To communicate administrative updates, policy changes, and service notices.
To ensure lawful operation, compliance with gambling advertising restrictions, and age verification.
To respond to user inquiries, provide support, and resolve complaints.
To protect the integrity and security of the Services, including fraud prevention, bot detection, and abuse monitoring.
To perform data analytics and improve functionality, content accuracy, and user experience.
To conduct marketing and remarketing activities, subject to valid consent under PECR and CAP Code guidance.
To comply with legal and regulatory obligations, including Gambling Commission and ICO requirements, or to exercise or defend legal claims.

All processing of personal data is limited to what is necessary, proportionate, and compatible with the stated purposes.

Data is not used for any purpose incompatible with the original purpose of collection without a new lawful basis or valid consent.

3. DISCLOSURE OF COLLECTED INFORMATION

We may disclose personal data to trusted third parties where required for lawful operation, compliance, or where you have provided explicit consent.

Disclosure may occur to the following categories of recipients:

(a) identity verification and age-check service providers engaged to ensure compliance with gambling advertising restrictions;
(b) licensed payment processors or billing partners, where applicable;
(c) infrastructure, hosting, and content delivery providers;
(d) analytics and advertising vendors (e.g., Google, Microsoft) for campaign attribution, remarketing, and measurement, subject to consent and opt-out rights;
(e) regulators, law enforcement, or government agencies where disclosure is required by law or court order;
(f) auditors, legal advisors, or compliance professionals assisting in investigations or regulatory inquiries;
(g) entities involved in any merger, acquisition, financing, or asset transfer, limited to what is necessary for due diligence and continuity.

All third-party processors are subject to contractual obligations to maintain confidentiality, implement security safeguards, and act solely under our written instructions.

We do not sell or rent personal data to third parties.

Any data sharing for marketing purposes occurs strictly on an opt-in basis under PECR.

International transfers.
Personal data may be transferred outside the United Kingdom (for example, to cloud or analytics providers based in the EEA or United States).

Where transfers occur, we ensure appropriate safeguards such as the UK International Data Transfer Addendum to the EU Standard Contractual Clauses.

All transfers are compliant with Chapter V of the UK GDPR.

4. USE OF COOKIES AND TRACKING TOOLS

The Website uses cookies and equivalent tracking technologies to enable secure operation, optimise performance, measure audience engagement, and support compliant advertising activities.

Cookies are small data files stored on your device to remember preferences and improve user experience.

Cookies are categorised as strictly necessary, performance, analytics, or marketing.

To provide the Services effectively, we use:

session cookies, stored temporarily during your visit and deleted when you close your browser; and
persistent cookies, stored for a fixed duration to remember preferences, consent, and analytics data.

Non-essential cookies and tracking technologies are deployed in accordance with the UK GDPR and PECR, guided by the Information Commissioner’s Office (ICO) and advertising requirements under the CAP Code.

We operate an IAB TCF v2.2-compliant Consent Management Platform (CMP) that implements Google Consent Mode v2.

No non-essential cookies are placed until you grant explicit consent via our cookie banner.

You may withdraw consent at any time using the “Manage cookies” control on the Website.

We permit trusted third parties to use online tracking technologies for lawful purposes such as analytics, advertising, and conversion measurement.

We prohibit the use of sensitive personal data for targeting or profiling users in relation to gambling services.

The following technologies are used on the Website:

Tool	Purpose	Privacy Policy Link
Google Analytics	Visitor behaviour analysis, session statistics	https://policies.google.com/privacy
Microsoft UET	Microsoft Ads tracking and campaign effectiveness	https://privacy.microsoft.com/privacystatement
Microsoft Clarity	Heatmaps, session recordings, user interface diagnostics	https://clarity.microsoft.com/terms
Affiliate Tracking	Attribution of referred users and affiliate payment validation	As per affiliate network policy
CookieYes CMP	Consent capture and enforcement under Google Consent Mode	https://www.cookieyes.com/privacy-policy/

You can control cookies by:

responding to the consent prompt displayed on first access;
adjusting browser settings to block or delete cookies; or
using opt-out tools provided by advertising vendors.

Refusing non-essential cookies will not limit your access to the Website, but certain personalised or analytical features may be unavailable.

For more detail, see our Cookies Policy.

5. RETENTION PERIOD FOR INFORMATION

We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, or to comply with legal, accounting, and regulatory obligations.

Retention periods are determined based on:

(a) operational necessity, including account management and affiliate reconciliation;
(b) statutory retention under tax and corporate law;
(c) compliance with Gambling Commission and ICO requirements;
(d) limitation periods under English law relevant to legal claims; and
(e) legitimate interests in maintaining audit and security records.

Personal data will be securely deleted or anonymised once no longer needed.

Backup data may remain in encrypted form for limited durations for disaster recovery and continuity.

Access to archived data is restricted and logged.

6. INFORMATION SECURITY MEASURES

We maintain technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction, in accordance with Article 32 of the UK GDPR.

Our security measures include:

TLS encryption for data in transit;
secure, firewall-protected hosting environments;
multi-factor authentication for administrative systems;
periodic penetration testing and vulnerability scanning;
role-based access control and least privilege policies;
regular monitoring for intrusion or misuse.

Although we employ robust security controls, no transmission or storage system is completely secure.

Transmission of data is at your own risk. Users are responsible for protecting their credentials and devices.

In the event of a personal data breach likely to result in a risk to individuals’ rights and freedoms, we will notify the ICO and affected individuals in accordance with Articles 33 and 34 of the UK GDPR.

We also maintain detailed internal records of security incidents.

7. COLLECTION OF DATA FROM MINORS

We do not knowingly collect or process data relating to individuals under the age of 18. Access to the Website and Services is restricted to UK residents aged 18 years or older.

This restriction is essential to compliance with the Gambling Act 2005, the CAP Code (Section 16), and the Gambling Commission’s LCCP.

If we learn that personal data has been collected from an underage individual, we will:

(a) suspend or terminate the user account;
(b) delete or anonymise the personal data, subject to legal retention requirements; and
(c) where necessary, notify the relevant authorities.

If you believe a person under 18 has submitted personal data to us, please contact support@trustedonlinecasinouk.com immediately.

8. YOUR DATA RIGHTS AND CHOICES

You have specific rights under the UK GDPR and the Data Protection Act 2018 concerning your personal data.

These rights are designed to give you transparency, control, and accountability over how your information is collected, used, and shared.

You are entitled to understand what data we hold about you, why we process it, and to exercise choices regarding access, correction, deletion, and restriction of that data.

We are legally required to respect and facilitate the exercise of these rights and to ensure that any requests are handled promptly, fairly, and in accordance with applicable UK data protection law.

8.1 Your Privacy Rights

Subject to verification, you may exercise the following rights:

(a) Right of Access – to obtain a copy of the personal data we hold about you.
(b) Right to Rectification – to correct inaccurate or incomplete data.
(c) Right to Erasure – to request deletion of data where no lawful reason for retention applies.
(d) Right to Restrict Processing – to limit processing under certain conditions.
(e) Right to Data Portability – to receive your data in a machine-readable format and transfer it to another controller, where technically feasible.
(f) Right to Object – to object to processing based on legitimate interests, or to direct marketing.
(g) Right to Withdraw Consent – to withdraw consent for non-essential processing, such as marketing or analytics.

8.2 How to Exercise Your Rights

You may exercise these rights by contacting us at support@trustedonlinecasinouk.com or via your account settings (where available).

We may require identity verification before fulfilling a request.

8.3 Our Response to Your Request

We will respond within one month of receiving a valid request.

This period may be extended by up to two additional months for complex or multiple requests, in line with Article 12(3) of the UK GDPR.

We may refuse or limit responses where:

the request is manifestly unfounded, excessive, or repetitive;
disclosure would prejudice others’ rights or breach a legal obligation; or
data must be retained for compliance, fraud prevention, or legal defence.

If you are dissatisfied with our handling of your request, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk or by telephone on 0303 123 1113.

9. DO-NOT-TRACK SETTINGS AND CONTROLS

Some browsers or mobile devices allow users to send a “Do Not Track” (DNT) signal.

Because no uniform UK or international standard currently governs DNT, our Services do not respond to such signals.

You can still manage your data preferences by:

adjusting cookie and consent settings on our Website;
managing browser privacy settings; or
using advertising opt-out tools provided by Google and Microsoft.

Refusal of tracking cookies will not prevent access to the Website, though certain features may not operate as intended.

10. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal obligations.

The revised version will be indicated by the “Last updated” date at the top.

Where material changes occur, we may notify you by email or by a prominent on-site notice.

You are encouraged to review this Privacy Policy regularly to remain informed of how we protect your personal data.

11. ACCESS, UPDATE OR DELETE DATA

You have the right to request access to, correction of, or deletion of personal data we hold about you.

All such requests must be submitted in writing to support@trustedonlinecasinouk.com.

We may verify your identity before processing your request and will respond within the timeframes prescribed under the UK GDPR.

Data deletion requests are subject to lawful retention obligations, including recordkeeping and dispute resolution requirements.

12. CONTACT INFORMATION AND ENQUIRIES

For questions, comments, or privacy-related inquiries, complaints, or data access requests regarding this notice, users must clearly reference TrustedOnlineCasinoUK.com to ensure proper handling and direct their submission in writing to:

Postal Address

Digital Forge LTD
12 Agiou Therapontos, Morfeas Complex, Flat 2
Paphos, 8036
Cyprus

Email Address

support@trustedonlinecasinouk.com

All submissions must include:

(a) your full legal name and contact details;
(b) a clear statement that the enquiry relates to TrustedOnlineCasinoUK.com;
(c) a description of the issue or request; and
(d) any relevant supporting documentation.

We may require verification of identity before responding.

Valid requests will be processed in accordance with the UK GDPR and the Data Protection Act 2018. We aim to respond within one month, extendable for complex cases.

We may decline to act on a request where:

(a) compliance would breach a legal obligation or court order;
(b) the request is manifestly unfounded or excessive;
(c) processing is necessary for fraud prevention, dispute resolution, or compliance; or
(d) data must be retained for lawful business continuity.

Trusted Online Casino UK remains committed to handling all personal data fairly, transparently, and in full compliance with UK data protection law.

Gambling involves risk. Play responsibly.

If gambling is negatively affecting you or someone you know, confidential help and advice are available at gambleaware.org, or you can call the National Gambling Helpline on 0808 8020 133.