Privacy Policy

HeySpin Casino is committed to protecting the personal information of all users who visit our platform. This privacy policy outlines how we collect, use, store, and protect your data when you access our online slot games and casino services. We adhere to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 to ensure your information remains secure and confidential. By using HeySpin Casino, you acknowledge and agree to the practices described in this document.

Information We Collect

When you register and play at HeySpin Casino, we collect various types of information to provide you with a secure and personalised gaming experience. The data we gather falls into several categories, each serving a specific purpose in delivering our services.

Personal identification information includes your full name, date of birth, residential address, email address, and telephone number. This information is required during the registration process to verify your identity and comply with UK gambling regulations. We also collect financial data, such as payment card details, bank account information, and transaction history, to process deposits and withdrawals securely.

Technical information is automatically collected when you access our platform. This includes your IP address, browser type, device information, operating system, and cookies that track your preferences and gaming activity. We gather gameplay data, including game selections, betting patterns, session duration, and win/loss records, to enhance your experience and ensure responsible gambling practices.

Communication records are maintained when you contact our customer support team through email, live chat, or telephone. We also collect verification documents, such as passport copies, utility bills, or driving licences, to satisfy anti-money laundering requirements and age verification obligations under UK law.

How We Use Your Information

The information collected at HeySpin Casino serves multiple purposes, all designed to provide you with a safe, compliant, and enjoyable gaming environment. We use your data responsibly and only for legitimate business purposes.

Account management represents a primary use of your personal information. We process your data to create and maintain your player account, verify your identity, and prevent underage gambling. Your details enable us to authenticate your access to our platform and protect your account from unauthorised use.

Payment processing requires your financial information to handle deposits, process withdrawals, and maintain accurate transaction records. We use this data to prevent fraud, detect suspicious activity, and comply with financial regulations applicable to online gambling operators in the United Kingdom.

Service improvement relies on analysing gameplay data and technical information. We examine how players interact with our slot games and casino offerings to enhance game performance, fix technical issues, and develop new features that match player preferences. This analysis helps us optimise the HeySpin Casino platform for better user experience.

Marketing communications are sent based on your preferences, which you can manage through your account settings. We may use your contact information to inform you about new games, promotional offers, bonuses, and updates to our services, provided you have consented to receive such communications.

Regulatory compliance necessitates the use of your information to fulfil obligations under UK gambling laws. We maintain records to demonstrate compliance with the UK Gambling Commission requirements, assist with regulatory investigations, and implement responsible gambling measures, including self-exclusion programmes and deposit limits.

Data Sharing and Third-Party Access

HeySpin Casino maintains strict controls over who can access your personal information. We only share your data with trusted third parties when necessary to operate our services or comply with legal obligations.

Payment service providers receive the financial information required to process your transactions securely. These companies operate under stringent security standards and data protection agreements that prevent unauthorised use of your details. We work exclusively with reputable payment processors that comply with Payment Card Industry Data Security Standards (PCI DSS).

Identity verification services are used to confirm your age and identity in accordance with UK gambling regulations. These third-party providers access only the information necessary to complete verification checks and are contractually obligated to protect your data and delete it after verification is complete.

Technical service providers, including hosting companies, software developers, and IT security firms, may access certain data to maintain our platform infrastructure. These providers operate under data processing agreements that limit their use of your information strictly to providing services to HeySpin Casino.

Regulatory authorities and law enforcement agencies may request access to your information under specific legal circumstances. We are obligated to cooperate with the UK Gambling Commission, tax authorities, and police investigations when presented with lawful requests for information.

Business transfers could result in your information being transferred if HeySpin Casino undergoes a merger, acquisition, or sale. In such circumstances, the acquiring entity would be required to honour the commitments made in this privacy policy.

| Third-Party Category | Information Shared | Purpose | Data Protection Measure | | Payment Processors | Financial details, transaction data | Process deposits and withdrawals | PCI DSS compliance, encryption | | Verification Services | Identity documents, personal details | Age and identity verification | Contractual data deletion obligations | | Technical Providers | Usage data, technical information | Platform maintenance and security | Data processing agreements | | Regulatory Bodies | Account and transaction records | Legal compliance and investigations | Lawful basis requirements | | Marketing Partners | Contact preferences, anonymised data | Promotional communications | Opt-in consent requirements |

Data Security and Retention

Protecting your information is a fundamental priority at HeySpin Casino. We employ multiple layers of security measures to safeguard your data against unauthorised access, alteration, disclosure, or destruction.

Encryption technology protects all data transmitted between your device and our servers using SSL (Secure Socket Layer) certificates. This ensures that sensitive information, including passwords and financial details, cannot be intercepted during transmission. Our databases are encrypted at rest, providing additional protection for stored information.

Access controls limit which employees and contractors can view your personal information. We implement role-based access systems that grant permissions only to staff members who require specific data to perform their duties. All personnel with access to personal information receive regular training on data protection obligations and confidentiality requirements.

Regular security audits and vulnerability assessments are conducted by independent security experts to identify and address potential weaknesses in our systems. We maintain incident response procedures to handle any data breaches quickly and notify affected users in accordance with UK GDPR requirements.

Data retention periods vary depending on the type of information and legal requirements. Account information and transaction records are retained for at least six years after your account closure to comply with UK anti-money laundering regulations and tax obligations. Marketing communications and preferences are kept until you withdraw consent or close your account.

Gameplay data and technical logs are typically retained for 12 months unless required for longer periods to resolve disputes or investigate potential fraud. Verification documents are held only as long as necessary to complete identity checks and comply with regulatory requirements, after which they are securely deleted.

| Data Type | Retention Period | Legal Basis | Deletion Method | | Account Information | 6 years after closure | Anti-money laundering regulations | Secure erasure protocols | | Transaction Records | 6 years after transaction | Tax and financial compliance | Encrypted archival then deletion | | Gameplay Data | 12 months | Legitimate business interest | Automated deletion routines | | Verification Documents | Verification completion plus regulatory period | Gambling Commission requirements | Secure document destruction | | Marketing Preferences | Until consent withdrawal | User consent | Immediate removal from systems | | Security Logs | 90 days | System security and fraud prevention | Automated log rotation |

Your Rights and Choices

Under UK data protection legislation, you possess several rights regarding your personal information held by HeySpin Casino. We are committed to facilitating the exercise of these rights and responding to your requests promptly.

The right to access allows you to request a copy of the personal information we hold about you. You can submit a subject access request through your account settings or by contacting our data protection team. We will provide this information within one month of receiving your request, free of charge for the first request in any 12-month period.

The right to rectification enables you to correct inaccurate or incomplete personal information. You can update most details directly through your account settings, or contact customer support for assistance with information you cannot modify yourself. We will update your records promptly upon verification of the correct information.

The right to erasure, sometimes called the right to be forgotten, allows you to request deletion of your personal information in certain circumstances. However, this right is limited by our legal obligations to retain records for regulatory and anti-money laundering purposes. When you close your account, we will delete or anonymise data that is no longer legally required to be retained.

The right to restrict processing permits you to limit how we use your information in specific situations, such as when you contest the accuracy of data or object to processing. During a restriction period, we will store your information but not actively process it except with your consent or for legal claims.

The right to data portability allows you to receive your personal information in a structured, commonly used format and transmit it to another service provider. This right applies to information you have provided to us that we process based on your consent or to fulfil our contract with you.

The right to object enables you to stop processing of your information for marketing purposes at any time. You can opt out of marketing communications through your account preferences or by clicking unsubscribe links in emails. You may also object to processing based on legitimate interests by explaining your particular situation.

The right to withdraw consent applies when we process your information based on your permission rather than legal obligation. You can withdraw consent at any time through your account settings, though this will not affect the lawfulness of processing that occurred before withdrawal.

To exercise any of these rights or raise concerns about how HeySpin Casino handles your data, contact our data protection officer at [email protected]. If you remain unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner’s Office, the UK supervisory authority for data protection matters.