Privacy Policy
Welcome to Our Privacy Policy
Our team has prepared this document to explain — clearly and without legal jargon — how our website handles your data. Whether you read our casino reviews casually or interact with newsletter subscriptions and comment sections, this policy applies to you.
What does our website do? In short, our team publishes independent reviews of online casinos, sportsbooks, and gambling platforms across various jurisdictions, with particular focus on Canadian players. The goal? Help readers make informed choices before signing up anywhere. To run this kind of editorial operation properly, some data collection becomes necessary. This policy explains exactly what, why, and how.
Throughout this document, references to “our team,” “our website,” “our reviews,” or “we/us/our” all refer to the editorial and technical operation responsible for the content you read. We’ve deliberately avoided naming the specific platform — the policy framework applies equally regardless.
By using our website, you agree to the practices described here. Don’t agree? That’s fair. Simply discontinue use. For questions, the contact channels at the bottom of this document remain open.
What Information Gets Collected
The data we gather falls into several distinct categories. Each serves a specific purpose, and none gets collected without reason.
Information You Share Voluntarily
Some interactions require you to provide data directly. These include:
- Contact forms — name, email, subject line, message content
- Newsletter signups — email address plus optional preferences
- Comment sections — username, email, comment content
- Survey participation — demographic info, preferences, feedback
- Account creation (where applicable) — username, password, email
- Direct emails — anything you share when reaching out
Information Collected Automatically
Visit any modern website and standard web technologies capture certain data automatically. Our platform follows this same standard pattern:
- IP address and approximate geographic location (country/region level only)
- Browser type, operating system, device specifications
- Pages visited, time spent, scroll patterns, click behaviour
- Search queries within our internal search
- Performance metrics like load times and error reports
- Referring URLs showing how you arrived
This isn’t surveillance — it’s basic web analytics that every professional website uses to function. Without it, we couldn’t fix bugs, optimize page load speeds, or understand what content actually helps readers.
Information from Third Parties
Sometimes data about visitors reaches us through partners:
- Analytics providers like Google Analytics or Matomo (aggregated stats)
- Affiliate networks (conversion tracking when you click casino links)
- Social media platforms (when you interact with our social presence)
- Email service providers (delivery confirmations, open rates)
- Fraud prevention services (security risk indicators)
How We Actually Use This Information
Collecting data without purpose makes no sense. Here’s what happens with information after it reaches us.
Running the Website
Most data usage falls into operational categories. We use it to:
- Deliver pages quickly across different devices and connections
- Show content in the right language based on your location (English or French for Canadian users)
- Fix technical bugs when they appear
- Improve site navigation based on actual usage patterns
- Optimize mobile experience for various screen sizes
- Personalize review recommendations based on browsing interests
Communicating with You
When you reach out, we respond. When you subscribe, we send newsletters. Standard stuff:
- Replying to contact form inquiries and emails
- Sending newsletter content you subscribed to receive
- Notifying about important policy or service changes
- Following up on previous support interactions
- Inviting participation in optional research surveys
Improving Our Reviews
Reader behaviour tells our editorial team what works. Aggregated patterns shape future content:
- Which casino reviews get the most engagement
- What topics readers actively search for
- Where users drop off or stay engaged
- How conversion paths perform across different pages
- Which formats deliver clearer information
Legal and Operational Necessities
Some processing happens because law or business operations require it:
- Meeting PIPEDA, provincial privacy laws, and other regulatory obligations
- Addressing complaints when they arise
- Maintaining audit trails for accounting purposes
- Investigating terms of service violations
- Responding to legitimate legal requests
Cookies — Yes, We Use Them
Almost every website does. Cookies are small text files stored on your device. They serve different purposes depending on type.
Essential Cookies (Can’t Be Disabled)
These keep core features working:
- Session management as you browse between pages
- Security tokens preventing attacks
- Cookie consent records (yes, we use a cookie to remember your cookie preferences)
- Authentication for logged-in users
- Accessibility settings preservation
Performance and Analytics Cookies
These help us understand how the site performs:
- Google Analytics — page views, sessions, user flow
- Heatmap tools — click patterns and scroll depth
- Error tracking — JavaScript errors affecting users
- Speed monitoring — Core Web Vitals and load times
- Custom events — newsletter signups, review ratings
Functional Cookies
These remember your preferences:
- Selected language for future visits (English or French)
- Dark/light mode display setting
- Region-based content adjustments (provincial preferences)
- Filter selections when comparing casinos
- Saved bookmarks or favourite operators
Advertising and Affiliate Cookies
Our website partners with affiliate networks:
- Tracking referrals to casino operators from our reviews
- Conversion attribution showing which content drives signups
- Retargeting to previous visitors
- Audience segmentation for relevant content
- Campaign performance measurement
Taking Control of Cookies
Your browser gives you control. Most modern browsers let you:
- Block all cookies (will break some features)
- Block third-party cookies only
- Delete existing cookies
- Get notified when new cookies attempt to set
- Whitelist specific trusted sites
- Set expiration preferences
Our cookie consent banner on first visit allows granular choices. Adjust anytime through the banner that reappears or your browser settings.
Who Sees Your Information
Short answer: very few parties, and only when necessary. Our team does not sell, rent, or trade personal data to unrelated marketers. Some limited sharing happens as part of normal operations.
Service Providers
We work with trusted vendors who help run the website. Each operates under strict data processing agreements:
- Hosting providers — servers and infrastructure
- Analytics services — Google Analytics and similar
- Email service providers — Mailchimp, Sendinblue, or similar for newsletters
- Customer support tools — helpdesk software
- Content delivery networks — fast global delivery
- Security services — Cloudflare-type DDoS and attack protection
- Database providers — cloud storage services
All vendors must:
- Use information only for purposes we authorized
- Maintain appropriate security measures
- Comply with applicable data protection laws including PIPEDA
- Delete data when no longer needed
- Report security incidents promptly to us
Affiliate Partners
Revenue from affiliate partnerships funds our editorial work. When you click a casino link from our reviews, certain information passes to the operator:
- Referral source (you came from our platform)
- Campaign identifiers (which specific review)
- Click timestamps
- General device type and browser
- Aggregated conversion data (without personal details)
The affiliate model lets us produce reviews without charging readers. Editorial independence remains intact regardless of commission rates — we cover casinos honestly whether they pay us well, poorly, or not at all.
Legal Requirements
Sometimes law forces disclosure. Examples include:
- Valid court orders or subpoenas from Canadian courts
- Legitimate government investigations by federal or provincial authorities
- Protecting our team’s legal rights or safety
- Investigating suspected fraud affecting our platform
- Defending intellectual property claims
When this happens, we provide only the minimum required and notify affected users when legally permitted.
Business Transfers
If our website ever undergoes a merger, acquisition, or similar transaction, personal information may transfer as part of that deal. Users would:
- Receive prior notice of planned ownership changes
- Retain rights granted under this policy
- Be able to opt out where legally required
- Get updated privacy notices for material changes
Aggregated and Anonymized Data
Statistics that can’t identify individuals may be shared more freely:
- Industry trend reports
- Research publications about gambling preferences
- Marketing materials with stats like “70% of our Canadian readers prefer X”
- Public communications and press releases
How Long We Keep Your Data
Forever isn’t the answer. We retain data only as long as needed, with specific timelines for different categories:
| Data Type | Retention Period |
| Contact form submissions | 24 months after last interaction |
| Newsletter subscriber data | While active + 12 months after unsubscribe |
| Comment section data | Indefinitely (deletion available on request) |
| Analytics data (individual) | 26 months maximum |
| Analytics data (aggregated) | Indefinitely |
| Cookie data | 30 days to 24 months depending on type |
| Account information | While active + 6 months after deactivation |
| Support tickets | 36 months for service continuity |
| Legal records | As required by Canadian federal and provincial law (often 7 years) |
Earlier deletion occurs when:
- You request it under PIPEDA or applicable provincial law
- Accounts go completely inactive for extended periods
- The original purpose has been fulfilled
- Laws require earlier deletion
- Retention creates unnecessary risk
Backups complicate this slightly. Daily backups stay 30 days, weekly backups 90 days, monthly archives 12 months. Deleted data eventually disappears from backups through regular maintenance cycles.
Your Rights — What You Can Do
Depending on where you live, different privacy laws give you specific rights. Our team respects all of them.
If You’re in Canada
PIPEDA (Personal Information Protection and Electronic Documents Act) and provincial privacy laws give you these rights:
- Access — request copies of personal information we hold about you
- Correction — correct inaccurate or incomplete personal information
- Withdrawal of consent — revoke previously given consent (subject to legal or contractual restrictions)
- Complaint filing — lodge complaints with the Office of the Privacy Commissioner of Canada (OPC)
- Provincial rights — additional rights under Quebec’s Law 25, Alberta’s PIPA, and British Columbia’s PIPA where applicable
- Data portability — receive your data in a portable format (particularly under Quebec’s Law 25)
- Right to be forgotten — request deletion in specific circumstances
- Automated decision transparency — understand decisions made using automated processing
If You’re in Quebec
Quebec’s Law 25 (formerly Bill 64) provides enhanced privacy rights beyond federal PIPEDA:
- Right to data portability — receive personal information in a structured, commonly used technological format
- Right to de-indexing — request removal from search engine results in specific cases
- Enhanced consent requirements — specific, informed consent for each purpose
- Automated decision-making rights — right to be informed and object to purely automated decisions
- Data breach notification — enhanced notification obligations to Commission d’accès à l’information (CAI)
- French language rights — all privacy communications available in French
- Cross-border transfer notifications — explicit notification when data leaves Quebec
If You’re in the EU, EEA, or UK
GDPR (and its UK equivalent) gives you these rights:
- Access — request copies of data we hold about you
- Rectification — correct inaccurate information
- Erasure — request deletion (“right to be forgotten”)
- Restriction — limit how we process your data
- Data portability — receive your data in machine-readable format
- Objection — object to processing based on legitimate interests
- Consent withdrawal — revoke previously given consent
- Automated decisions — avoid decisions made solely by algorithms
- Lodge complaints — file with your national data protection authority
If You’re in the United States
Various state laws give U.S. residents specific rights:
- California (CCPA/CPRA) — right to know, delete, correct, opt-out of sale, limit sensitive info use
- Virginia (VCDPA) — access, correction, deletion, portability, opt-out rights
- Colorado (CPA) — similar rights to VCDPA with universal opt-out mechanism
- Connecticut, Utah, Texas — state-specific privacy rights
Other Jurisdictions
Similar rights exist in many regions:
- Brazilian LGPD — GDPR-like protections for Brazilians
- Australian Privacy Act — access and correction rights
- South African POPIA — comprehensive privacy rights
- Singaporean PDPA — access, correction, withdrawal
- Japanese APPI — disclosure and correction rights
Actually Using These Rights
Want to exercise any of them? Reach out through contact channels listed below. Requests should include:
- Sufficient identity verification (protecting against impersonation)
- Clear statement of which right you’re using
- Scope of what specific data or processing concerns you
- Preferred contact method for our response
- Preferred language of response (English or French for Canadian requests)
Response timeline runs 30 days typically under PIPEDA, though complex requests may extend to 90 days with notification. Quebec’s Law 25 requires responses within 30 days for most requests. First request in any 12-month period costs nothing. Excessive or repeated requests may incur reasonable administrative fees where law permits.
How We Protect Your Information
Security isn’t an afterthought — it’s foundational. Our team implements multiple protection layers across technical, organizational, and physical dimensions.
Technical Measures
- SSL/TLS encryption (minimum 256-bit) for all data in transit
- Database encryption for stored information
- Role-based access controls limiting employee data access
- Firewalls, intrusion detection, DDoS protection
- Regular security scans and prompt patching
- Annual third-party penetration testing
- Multi-factor authentication for administrative access
- Secure development lifecycle and code review processes
Organizational Measures
- Regular privacy training for all team members
- Strict confidentiality agreements with employees and contractors
- Due diligence reviews of all service providers
- Documented incident response procedures
- Data minimization policies (collect only what’s needed)
- Internal and external privacy audits
- Background checks for personnel with sensitive access
- Clear data governance with defined roles
Physical Measures
- Data centres with restricted access and 24/7 monitoring
- Power redundancy, fire suppression, climate control
- Secure hardware disposal procedures
- Strict visitor management protocols
- Continuous camera surveillance in sensitive areas
When Things Go Wrong — Breach Response
No security is perfect. If something happens, our commitment is:
- Immediate investigation to assess scope and impact
- Swift containment and remediation actions
- Reporting to the Office of the Privacy Commissioner of Canada (OPC) under PIPEDA when breaches present real risk of significant harm
- Notifying Quebec’s Commission d’accès à l’information (CAI) for Quebec residents under Law 25
- Reporting to provincial privacy commissioners where applicable (Alberta, British Columbia)
- Notifying affected users when breaches present significant risk
- Providing guidance on protective steps
- Public acknowledgment of significant incidents while preserving investigation integrity
- Post-incident review to prevent recurrence
Honest disclosure: while we use strong measures, no internet transmission or electronic storage achieves complete security. We commit to commercially reasonable protection without claiming impossible perfection.
International Data Transfers
Modern internet operations cross borders constantly. Servers, services, and team members may operate from various countries. When transfers happen, we use appropriate legal safeguards:
- PIPEDA cross-border requirements — contractual protections ensuring comparable data protection
- Quebec Law 25 notifications — explicit notice when Quebec resident data leaves the province
- Standard Contractual Clauses — EU-approved contractual frameworks for European transfers
- Binding Corporate Rules — internal organization-wide protection commitments
- Certification programs — recognized international privacy certifications
- Explicit consent — when other mechanisms don’t apply
- Necessity exemptions — for contract performance or vital interests
Common transfer destinations include the United States (hosting, analytics), European Union (various providers), United Kingdom (post-GDPR equivalent framework), and other jurisdictions as operational needs require. Canadian data may be transferred outside Canada, and users are notified of this practice as required by applicable provincial law.
A Note About Minors
Gambling content targets adults. Period. Our team doesn’t knowingly collect personal information from anyone under the legal gambling age in their province of residence:
- Alberta, Manitoba, Quebec — 18 years minimum
- All other provinces and territories — 19 years minimum
- Ontario iGaming market — 19 years minimum under AGCO regulation
We maintain:
- Provincial minimum age requirements enforced strictly
- Age verification mechanisms for certain features
- Adult content warnings on gambling-related content
- Support for parental control tools blocking our content
- Educational resources about preventing minor access
If we ever learn that a minor’s data ended up in our systems, we act fast:
- Immediate investigation to verify and identify affected data
- Prompt deletion from our systems
- Parental notification when contact information allows
- System review to identify how collection occurred
- Process improvements preventing future occurrences
Parents who suspect a minor provided information should contact us immediately.
Responsible Gambling Resources
We review casinos, but we genuinely care about reader wellbeing. Our reviews include responsible gambling information, and we maintain links to Canadian and international support organizations:
- ConnexOntario — connexontario.ca, 1-866-531-2600 free 24/7 helpline for Ontario
- Responsible Gambling Council — responsiblegambling.org national Canadian resource
- Canadian Centre on Substance Use and Addiction (CCSA) — ccsa.ca national addiction resource
- GameSense (BC, Manitoba, Alberta) — gamesense.com provincial responsible gambling programs
- Aide aux Joueurs (Quebec) — aidejeu.ca, 1-866-767-5389 Quebec-specific helpline
- Gambling Support Program of Ontario — through ConnexOntario referral network
- Alberta Health Services Addiction Helpline — 1-866-332-2322 provincial addiction support
- Manitoba Addictions Helpline — 1-855-662-6605 Manitoba residents
- Problem Gambling Helpline (Saskatchewan) — 1-800-306-6789 provincial support
- Nova Scotia Gambling Support Network — 1-888-347-8888 Atlantic Canada resource
- Gamblers Anonymous Canada — gamblersanonymous.org international peer support
- Kindbridge (Online Support) — kindbridge.com digital therapy for Canadian gamblers
- Self-Exclusion Programs — available through provincial gambling authorities (OLG, BCLC, Loto-Québec, Alberta Gaming, etc.)
- GamCare (International) — gamcare.org.uk additional resource
If gambling stops being entertainment and starts causing problems, these resources help. Reaching out shows strength, not weakness.
Third-Party Links
Casino reviews necessarily link to casino websites. This policy covers only our own platform. Once you click through to a third-party site:
- That site’s privacy policy applies, not ours
- We don’t control their data practices
- Standards may vary significantly between operators
- Update frequencies differ — their policies change without our knowledge
- Regulated Canadian operators (AGCO-licensed in Ontario, provincial monopolies elsewhere) typically follow PIPEDA and provincial standards
- Offshore casinos may not follow Canadian privacy standards
Reading the privacy policies of casinos you actually consider joining? Genuinely worthwhile, even though most people skip it.
About Our Affiliate Disclosure
Most casino links on our website are affiliate links. Clicking them and signing up may earn our team a commission. This relationship:
- Doesn’t compromise editorial independence — reviews stay honest regardless
- Funds our editorial work and infrastructure
- Gets disclosed clearly throughout the website
- Applies to most reviewed operators including AGCO-licensed Ontario platforms (we note exceptions)
- Allows alternatives — you can search direct casino URLs without our links
- Maintains transparency about commercial relationships
- Complies with Canadian Radio-television and Telecommunications Commission (CRTC) and Competition Bureau disclosure requirements
Policy Updates
This document evolves as our practices, the law, and industry standards change. When updates happen:
How You’ll Know
- Material changes get prominent notices on the website
- Newsletter subscribers receive email updates about significant changes
- The “Last Updated” date at the top reflects any modifications
- Previous versions stay archived and accessible on request
- Continued use after changes constitutes acceptance
- Quebec residents receive enhanced notification for material changes under Law 25 requirements
Minor updates — fixing typos, clarifying language, updating contact info — may happen without specific notification beyond the date update.
Some changes require specific action from you:
- New consent requests for new processing types
- Updated preference options requiring choices
- Verification of existing preferences
- Account adjustments for significant changes
- Regional variations affecting specific users differently
Regional Specifics
Different regions have specific requirements addressed below.
Canada Federal (PIPEDA)
For all Canadian users, our team operates in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA). Key principles include:
- Accountability — designated privacy officer responsible for compliance
- Identifying purposes — specific purposes identified at or before collection
- Consent — knowledge and consent required for collection, use, and disclosure
- Limiting collection — only necessary information collected
- Limiting use, disclosure, and retention — only for identified purposes
- Accuracy — information kept accurate, complete, and up-to-date
- Safeguards — appropriate security measures
- Openness — policies and practices made readily available
- Individual access — right to access and correct personal information
- Challenging compliance — ability to file complaints with our privacy officer or OPC
Quebec Residents (Law 25)
Quebec residents benefit from enhanced privacy protections under Quebec’s Law 25 (formerly Bill 64):
- Privacy officer designation — dedicated contact for Quebec privacy matters
- Enhanced transparency — specific information about processing activities
- Consent requirements — separate consent for each purpose, clearly explained in French
- Data portability rights — receive personal information in structured format
- De-indexing rights — request removal from search engine results in specific cases
- Automated decision transparency — information about automated processing affecting you
- Enhanced breach notification — notification to Commission d’accès à l’information (CAI)
- Cross-border transfer notices — explicit notification when data leaves Quebec
- French language service — all privacy communications available in French
- Right to complain — to Commission d’accès à l’information (CAI) at cai.gouv.qc.ca
Ontario Residents
Ontario residents benefit from federal PIPEDA protections plus specific provincial considerations:
- AGCO oversight — Alcohol and Gaming Commission of Ontario regulates iGaming market
- iGaming Ontario — provincial subsidiary managing regulated online gambling market
- Ontario Health Insurance Protection Act — enhanced protection for health information
- Freedom of Information and Protection of Privacy Act (FIPPA) — applies to public sector
- Right to complain — to Information and Privacy Commissioner of Ontario (IPC) at ipc.on.ca
Alberta Residents (PIPA)
Alberta’s Personal Information Protection Act provides comparable protections to PIPEDA:
- Alberta OIPC — Office of the Information and Privacy Commissioner of Alberta
- Enhanced private sector oversight — provincial commissioner has jurisdiction
- Right to complain — to Alberta OIPC at oipc.ab.ca
British Columbia Residents (PIPA)
BC’s Personal Information Protection Act provides comparable protections:
- BC OIPC — Office of the Information and Privacy Commissioner for British Columbia
- Provincial sector oversight — BC commissioner has jurisdiction over BC organizations
- Right to complain — to BC OIPC at oipc.bc.ca
European Union and EEA
For EU/EEA users, our team operates as data controller. Legal bases for processing include:
- Consent — explicit consent for specific processing
- Legitimate interests — analytics, security, service improvement (balanced against your privacy)
- Contract performance — providing services you requested
- Legal obligations — applicable laws and regulations
- Vital interests — rare emergency situations
- Public interest — important public interest purposes
California Residents
CCPA/CPRA-required notices:
- Categories collected — as detailed in “What Information Gets Collected”
- Sources — direct from users, automatic collection, third parties
- Business purposes — operating the website, communicating, security, analytics
- Categories of recipients — service providers, affiliate partners, legal disclosures
- Right to opt out — available through cookie banner and contact channels
- Sensitive information — we don’t intentionally collect sensitive personal information
Other Specific Regions
Users in specific regions get rights under their local laws. Contact us to exercise jurisdiction-specific rights, and we’ll respond according to applicable requirements.
Contact Information
Questions, requests, or concerns about this Privacy Policy? Our team is reachable through:
- Email — Privacy inquiries directed through the contact form on our website
- Postal Mail — Available upon request through our contact form
- Privacy Officer — Reachable through our standard contact channels for PIPEDA and provincial privacy matters
- Quebec Privacy Officer — Dedicated contact for Law 25 matters, available in French
- Bilingual Support — Both English and French support available
We aim to respond to all privacy-related communications within 30 days as required by PIPEDA and Quebec’s Law 25, often much faster. Complex requests may take longer, but we’ll communicate timeline expectations clearly.
Federal complaint escalation: If you’re not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca or 1-800-282-1376.
Glossary of Terms
A few definitions clarifying terms used throughout this policy:
- Personal Information — any data identifying or relating to an identifiable individual (as defined under PIPEDA and Quebec’s Law 25)
- Processing — any operation performed on personal data (collection, storage, use, deletion)
- Privacy Officer — designated individual responsible for privacy compliance under PIPEDA
- Data Controller — entity determining purposes and means of processing (GDPR term)
- Data Processor — entity processing data on the controller’s behalf (GDPR term)
- Cookies — small text files stored on your device by websites
- Third Party — entity other than you or our team
- Aggregated Data — information combined in ways that can’t identify individuals
- Anonymized Data — information stripped of identifying elements
- PIPEDA — Personal Information Protection and Electronic Documents Act, Canada’s federal privacy law
- OPC — Office of the Privacy Commissioner of Canada, federal privacy regulator
- CAI — Commission d’accès à l’information, Quebec’s privacy regulator
- Law 25 — Quebec’s enhanced privacy legislation (formerly Bill 64)