We handle personal information in line with UK GDPR, the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR), and the UK Gambling Commission framework.

Personal data we collect

• Identification and contact details: name, date of birth, address, email, phone.
• Account and verification data: usernames, security questions, KYC documents (proof of identity and address), checks to confirm age and identity.
• Payment and transaction information: deposits, withdrawals, card or account identifiers, and billing records (processed via approved providers).
• Gameplay and betting records: bets, game outcomes, account balance, bonuses, and limits.
• Device and technical data: IP address, browser, operating system, device identifiers, log files, geolocation, and online identifiers including cookies.
• Communications and preferences: chat transcripts, emails, call records, marketing preferences, cookie choices.
• Safer gambling settings: self-exclusion status, limits, and time-outs.

Why we collect it

• To operate accounts, verify age and identity, and deliver the services.
• To process payments, resolve issues, and provide support.
• To comply with the Gambling Act 2005, LCCP, anti-money laundering rules, and fraud prevention requirements.
• To personalise and improve websites and apps through analytics and service development.
• To send marketing communications where consent exists or where permitted by law. Users can opt out at any time.

Protection measures

• Encryption for information in transit and at rest.
• Role-based access controls, multi-factor authentication, and least-privilege access.
• Security monitoring, logging, firewalls, and network segmentation.
• Regular penetration testing and vulnerability management.
• Staff screening, confidentiality commitments, and training.
• Privacy by design, impact assessments, and vendor due diligence.

User rights

• Access, rectification, erasure, restriction, and portability of personal data.
• Objection to processing based on legitimate interests and direct marketing.
• Withdrawal of consent where consent is the legal basis.
• Complaint to the Information Commissioner’s Office (ICO): ico.org.uk or 0303 123 1113.

We maintain records of processing activities and apply appropriate technical and organisational measures to safeguard personal data.

We use personal data to provide and manage online services and to meet legal and regulatory duties. Typical uses include:

• Account creation, identity and age verification, and ongoing account administration.
• Processing deposits and withdrawals, and preventing payment misuse.
• Risk, compliance, and fraud prevention, including anti-money laundering checks and sanctions screening.
• Customer support, complaints handling, and dispute resolution.
• Service improvement, analytics, and aggregated statistics that do not identify users.
• Personalisation, preferences, and marketing communications in line with consent and PECR rules.
• Regulatory reporting to the UK Gambling Commission and other competent authorities.

Processing is based on lawful grounds such as consent, contract, legal obligation, and legitimate interests. We process information fairly, transparently, and for specified purposes only.

Users can access and update account information in account settings or by contacting our support or Data Protection Officer. To submit a privacy request (access, correction, deletion, restriction, portability, or objection):

• Send a message through account settings or email [email protected].
• We may request proof of identity to protect user information.
• We aim to respond within one month. Complex requests may take up to two additional months.

Correction and deletion

• Users may request correction of inaccurate data or deletion where it is no longer needed.
• We may retain certain records where required by law (for example, anti-money laundering records for 5 years and financial records for up to 6 years).
• When an account is closed, we retain only the information necessary to meet legal, regulatory, and fraud prevention requirements.

By using Maximum Casino, users consent to security checks and to payment information being processed by approved payment providers for transactions and fraud prevention.

Our services are intended for individuals aged 18 and over. We cannot verify age without documents and identity checks. If we learn that a user is a minor, we will close the account and delete personal data that we are not legally required to retain.

A parent or legal guardian can contact us to request deletion of a minor’s information. We may keep minimal records to meet legal obligations and to prevent re-registration by the minor.

Personal data may be processed outside the UK where our partners, payment processors, game studios, customer support, or cloud providers operate. By using the site, users acknowledge and consent to such transfers, where consent is required.

Safeguards

• Adequacy regulations recognised by the UK.
• UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU Standard Contractual Clauses.
• Contractual confidentiality, security commitments, and audit rights.

We require all partners to protect confidentiality and use information only for the documented purposes. Copies of relevant transfer safeguards can be requested where disclosure is permitted by law.

This disclaimer may affect how certain rules in this policy apply. Nothing in this document limits statutory rights under applicable law. If any term conflicts with law, the law prevails.

The disclaimer applies when the user accepts this policy by creating an account, ticking an acceptance box, continuing to use the services, signing an agreement, or acceding to terms. We may update this policy to reflect changes in processing or regulation. The version published on the site takes effect from its stated date.

Cookies are small files placed on devices to store and retrieve information. We use cookies and similar technologies for statistics, behaviour analysis, personalisation, site improvement, security, and fraud prevention.

• Retention: non-essential cookies are stored for up to 1 year unless deleted earlier. Session cookies expire when the browser closes.
• Categories: essential, analytics, functionality, and advertising.
• Control: users can manage consent through the cookie banner and settings, or via browser controls. Opt-outs will not affect strictly necessary cookies.

Our use of cookies complies with PECR and UK GDPR. Further details are provided in the Cookie Policy available on our websites.

Using our services constitutes full acceptance of this Privacy Policy. If users do not agree, they should stop using the services. The current version published on the site prevails over earlier versions. Material changes will be highlighted or notified where required by law.

We may share personal data with third parties when required by law, for dispute resolution, to perform contracts, or to deliver services. These parties include:

• Payment processors, banks, and card schemes.
• Identity verification and fraud prevention agencies, and credit reference agencies.
• Game and sportsbook providers, platform vendors, and IT support.
• Analytics and marketing vendors, subject to consent and legal requirements.
• Regulators, law enforcement, courts, and professional advisers.

A list of main processors and partners is available on the site or on request. If a specific party is not listed, we will inform users of the purpose and scope before sharing unless restricted by law. Providing data represents consent to share information for these purposes, under contracts that require confidentiality and compliance with data protection obligations.

Our websites may link to third-party sites that have their own privacy policies and security practices. We are not responsible for how those sites collect, use, or protect information. Users should review the privacy policy of each external site and exercise caution when providing personal data.