Privacy Policy
This Privacy Policy explains how SpinBoss collects, uses, stores and protects personal information relating to users of this website and its associated casino and sportsbook services. It applies to all visitors and registered account holders who access the platform from the United Kingdom or elsewhere. By using this website or creating an account, a user acknowledges that their personal data will be processed as described in this document. This policy should be read alongside any Terms and Conditions and Responsible Gaming information published elsewhere on the site.
Scope and Application
This policy covers personal data collected through the website, mobile access points, customer support channels and payment processing. It applies to prospective users browsing the site, registered account holders, and any individual who contacts customer support even without holding an account. Where a user accesses services through a mobile browser or a home-screen shortcut, the same data handling principles described here continue to apply. This document does not extend to third-party websites that may be linked from this site, and users should refer to the privacy notices of those third parties separately.
Information We Collect
SpinBoss collects personal data necessary to operate the platform, verify identity, process payments, prevent fraud, and comply with anti-money laundering obligations aligned with the 5th AML Amendment. Data is gathered directly from users during registration, deposits, withdrawals and support interactions, and indirectly through technical means such as cookies and server logs. The categories of data collected are summarised in the table below.
| Data Category | Examples | Purpose |
|---|---|---|
| Identity data | Full name, date of birth, government-issued ID | Age verification, KYC compliance |
| Contact data | Email address, postal address, phone number | Account communication, verification |
| Financial data | Payment method details, transaction history | Deposits, withdrawals, fraud prevention |
| Account data | Username, login history, security questions | Account access and security |
| Technical data | IP address, device type, browser type | Site functionality, fraud detection |
| Usage data | Game play history, session duration, wagering activity | Service improvement, responsible gaming monitoring |
| Marketing preferences | Communication opt-ins and opt-outs | Managing preference-based communications |
Age verification is a mandatory part of the identity data collected, since the minimum age to hold an account and gamble is 18 years, in line with the legal minimum age applicable in the United Kingdom. No account will be permitted to operate without confirmation that the account holder meets this minimum age requirement.
How We Use Personal Data
Personal data is used primarily to provide the services requested by the user, including account creation, deposit and withdrawal processing, and access to games and betting markets. Data is also used to meet legal obligations, including identity verification checks required before a first withdrawal, anti-money laundering monitoring, and responsible gaming safeguards such as tracking deposit limits or self-exclusion status. Additionally, data may be used to detect and prevent fraudulent activity, resolve disputes, respond to support enquiries, and maintain the security of the platform. Where a user has opted in, data may also be used to send account-related or preference-based communications; users retain the right to withdraw such consent at any time.
Legal Basis for Processing
Data processing is generally carried out on one or more of the following legal grounds: performance of a contract with the user, compliance with legal or regulatory obligations, protection of legitimate business interests such as fraud prevention, and, where applicable, the user’s own consent. Certain categories of data, particularly those relating to identity verification and financial transactions, are processed as a mandatory condition of using the service and cannot be withdrawn while an account remains active.
Cookie Policy
SpinBoss uses cookies and similar tracking technologies to operate the website efficiently, remember user preferences, and analyse how the site is used. Cookies are small text files stored on a user’s device when they visit the site. Some cookies are strictly necessary for core functionality, such as maintaining a logged-in session, while others support analytics, performance measurement or personalisation of content. Users can manage or disable cookies through their browser settings, though disabling certain cookies may affect the functionality of the website, including the ability to remain logged in or access certain features.
| Cookie Type | Purpose | Typical Duration |
|---|---|---|
| Essential | Session management, security, login persistence | Session or short-term |
| Functional | Remembering preferences such as language or display settings | Variable |
| Analytics | Understanding site usage patterns to improve performance | Variable |
| Marketing | Managing communication preferences where consent is given | Variable |
Sharing of Personal Data
Personal data may be shared with carefully selected third parties where necessary to deliver the service. This includes payment processors and financial institutions involved in handling deposits and withdrawals across the payment methods available on the platform, identity verification providers used during know-your-customer checks, and regulatory or law enforcement bodies where required by law. Data may also be shared with fraud prevention services and technical infrastructure providers who support the operation of the website. SpinBoss does not sell personal data to third parties for their own independent marketing purposes. Any third party engaged to process data on behalf of SpinBoss is required to apply appropriate safeguards consistent with this policy.
Data Retention
Personal data is retained for as long as necessary to fulfil the purposes described in this policy, including ongoing legal and regulatory obligations related to anti-money laundering and financial record-keeping. Even after an account is closed or self-excluded, certain data may be retained for a period to satisfy audit, dispute resolution or compliance requirements. Once retention is no longer required, data is deleted or anonymised in a manner consistent with applicable data protection standards.
Data Security
SpinBoss applies SSL encryption to protect data transmitted through the website, including registration details and payment transactions. Internal access to personal data is restricted to personnel who require it to perform their duties, and technical and organisational measures are maintained to reduce the risk of unauthorised access, loss or disclosure. While reasonable safeguards are applied, no system can guarantee absolute security, and users are encouraged to protect their own account credentials and avoid sharing login details with third parties.
Identity Verification and KYC Data
As part of standard account security and anti-money laundering compliance, identity verification is required before a first withdrawal rather than at the point of registration. This typically involves submission of photo identification and proof of address. Documents submitted for this purpose are used solely for verification and compliance purposes and are handled with the same security standards applied to other categories of personal data described in this policy.
User Rights
Users have certain rights in relation to their personal data, including the right to request access to the data held about them, request correction of inaccurate data, and, in certain circumstances, request deletion or restriction of processing. Users may also object to certain types of processing, such as direct marketing communications, and may withdraw consent where processing is based on consent rather than a legal or contractual obligation. Requests relating to these rights can be submitted through the customer support channels available on the site, and reasonable steps will be taken to respond within an appropriate timeframe, subject to identity verification and any applicable legal exceptions.
Responsible Gaming and Data
Certain personal data, including deposit history and session activity, is used specifically to support responsible gaming tools such as deposit limits, session controls and self-exclusion options. This data helps identify patterns that may indicate a need for additional player protection measures. Responsible gaming remains a central part of how SpinBoss operates, and users are reminded that gambling should be treated as entertainment rather than a source of income. Support for problem gambling is available through independent organisations, and users experiencing difficulty controlling their gambling behaviour are encouraged to make use of the self-exclusion and limit-setting tools referenced in this policy and detailed further in the site’s dedicated Responsible Gaming information.
Bonus-Related Data Handling
Where a user’s account is subject to the terms governing any bonus credit, related data such as wagering progress, deposit history and qualifying payment method is recorded to confirm eligibility and monitor compliance with those terms. For example, deposits made through Neteller or Skrill are excluded from qualifying for the welcome bonus structure, and this exclusion is verified using payment method data associated with the transaction. Wagering activity is also tracked against the applicable wagering requirement, generally set at 35 times the deposit and bonus amount, within the specified validity period, and subject to a maximum bet limit while any bonus balance remains active. This data is retained only for as long as necessary to administer the relevant bonus terms and for subsequent audit purposes.
| Bonus Term | Detail |
|---|---|
| Wagering requirement | 35x deposit plus bonus amount |
| Maximum bet while bonus active | £5 |
| Validity period | 10 days |
| Maximum conversion | 10x the original bonus amount |
| Excluded deposit methods | Neteller and Skrill |
| Minimum qualifying deposit | £10 |
International Data Transfers
Where data is transferred outside the user’s home jurisdiction, for example to payment processors or infrastructure providers located in other countries, appropriate safeguards are applied to maintain a consistent standard of protection. Users consent to such transfers as a condition of using services that inherently rely on international payment and technical infrastructure, including cryptocurrency payment rails where applicable.
Children and Age Restrictions
This service is not intended for individuals under the age of 18, and no personal data is knowingly collected from anyone below this legal minimum age applicable in the United Kingdom. If it becomes apparent that an account has been created by someone under this age, the account will be suspended and the associated data handled in accordance with applicable safeguarding and compliance obligations. Age verification checks form part of the standard identity verification process referenced elsewhere in this policy.
Changes to This Policy
This Privacy Policy may be revised from time to time to reflect changes in legal requirements, technology, or the way personal data is processed. Continued use of the website following any such revision constitutes acceptance of the updated policy. Users are encouraged to review this page periodically to stay informed about how their personal data is handled.
Contacting Us About Privacy
Users with questions about this Privacy Policy, or who wish to exercise any of the rights described above, can contact customer support through the live chat or email channels available on the site, which operate on a 24/7 basis. Requests relating to personal data will generally require identity verification before they can be processed, consistent with the security measures described throughout this policy. For general account or payment queries, users may also refer to the information provided on the site’s payment methods page, and details of the current terms governing account use can be found in the Terms & Conditions.
