At Win Big Casinos, we are committed to the ethical and lawful handling of your personal data. This Privacy Policy explains how we collect, use, disclose, store, and protect your information when you use our website, in compliance with data protection laws such as the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the General Data Protection Regulation (GDPR) (where applicable), the Privacy and Electronic Communications Regulations (PECR), the California Consumer Privacy Act (CCPA), and other relevant frameworks.
This policy reflects our commitment to transparency, data minimisation, and responsible digital practices, with additional guidance for visitors and residents in the United Kingdom.
This Privacy Policy applies to all users who access or interact with WinBig Casinos (“the Site”) via:
● Website browsing, forms, or newsletter sign-ups
● Interactions via email, mobile devices, or third-party integrations
● Clicks on affiliate links or outbound tracking
● Access from any jurisdiction, subject to local data laws
UK users should be aware that affiliate links may direct them to online casinos or betting platforms that are not licensed by the UK Gambling Commission (UKGC). These sites may operate under offshore licences, which offer different levels of consumer protection than those required under UK law. We advise UK players to check a gambling site’s licence status on the UKGC public register before engaging.
We collect both personal and non-personal information to maintain site functionality, monitor engagement, and ensure compliance.
a) Information You Voluntarily Provide
● Email addresses (e.g., for newsletter subscription, inquiries)
● Display names (if commenting features are enabled)
● Messages submitted via contact forms or email
b) Information Collected Automatically
● IP address and browser fingerprint
● Device type, OS, and screen resolution
● Geographic region (country-level accuracy)
● Pages visited, clickstream data, scroll activity, time on site
● Referring websites and outbound link activity
For users in the UK, location data may be used to determine whether certain features or promotions are accessible in compliance with UKGC regulations.
Data is processed for the following lawful and operational purposes:
● To optimize website performance, layout, and content delivery
● To respond to your questions or requests
● To analyze engagement and traffic trends using aggregated data
● To prevent misuse of services (e.g., spam, scraping)
● To comply with applicable laws and regulatory frameworks
Data may also be used to ensure compliance with the UK’s Gambling (Licensing and Advertising) Act 2014, which restricts marketing of gambling services to UK residents unless operators are UKGC-licensed.
Under GDPR and UK GDPR, we rely on:
● Consent: For optional services like email subscriptions and non-essential cookies
● Legitimate Interests: For fraud detection, analytics, and improving user experience
● Legal Obligation: For compliance with EU, UK, and international legal requirements
UK users may withdraw consent at any time without affecting past processing.
Cookies are used to improve performance, customize experiences, and gather analytics data.
Types of Cookies Used:
● Essential Cookies: Required for core functionality
● Functional Cookies: Remember user preferences (e.g., language)
● Analytics Cookies: Track engagement via Google Analytics, Hotjar, and similar tools
● Affiliate Cookies: Track link clicks and conversions via third-party networks
We comply with UK PECR by obtaining explicit consent for non-essential cookies through a banner on first visit. Users can adjust settings at any time.
We do not sell or rent your personal data. However, we may share anonymized or pseudonymized data with:
● Analytics providers (Google, Microsoft Clarity)
● Affiliate partners (e.g., casinos we link to)
● Cloud hosting and security providers
● Regulators, if required by law
If you click an affiliate link leading to a gambling site that is not UKGC-licensed, your data will be processed under that third party’s jurisdiction. We recommend reviewing their privacy policy before proceeding.
Your data may be processed on servers located outside your jurisdiction, including in:
● The European Union (EEA)
● The United Kingdom
● The United States (via compliant platforms)
When data leaves your country, we ensure legal protections such as:
● Standard Contractual Clauses (SCCs)
● Hosting providers with ISO 27001, SOC 2, or similar certifications
● Restricted data access and role-based permissions
Data transferred outside the UK is subject to the UK’s international data transfer rules.
We store personal data only as long as necessary:
● Support inquiries: up to 5 years
● Analytics data: 26 months (default in Google Analytics)
● Newsletter emails: until unsubscribed or upon deletion request
● Affiliate tracking logs: maximum of 180 days (click metadata only)
We apply industry-standard security protocols:
● HTTPS encryption (SSL/TLS)
● Firewall-protected cloud infrastructure
● Limited access based on staff roles
● Routine software and plugin updates
● Monitoring for suspicious activity or brute-force attempts
In the event of a personal data breach affecting UK residents, we will notify the Information Commissioner’s Office (ICO) within 72 hours as required by UK GDPR.
You may exercise the following rights, subject to jurisdiction:
● Right to access
● Right to rectification
● Right to erasure (“right to be forgotten”)
● Right to restrict processing
● Right to object
● Right to data portability
● Right to withdraw consent at any time
● Right to file a complaint with a data protection authority
In the UK, the relevant regulator is the Information Commissioner’s Office (ICO). Website: https://ico.org.uk
This site is not intended for individuals under 18 years of age (or the applicable age of majority in your location).
Under UK gambling advertising rules, all marketing must be restricted to audiences aged 18+, and age verification steps may apply before certain content is shown.
This Privacy Policy is reviewed periodically. Updates will be reflected with a revised “Last Updated” date.
For questions, concerns, or data access requests, contact:
Email: info@winbigcasinos.org
WinBig is committed to protecting your data with care. This policy reflects our belief that responsible data practices build user trust and ensure long-term digital integrity.