What personal data is collected

• Identification details: full name, date of birth, address, nationality, and verification numbers where required by law.
• Contact information: email address, phone number, preferred language.
• Account and verification data: username, security credentials, documents for know your customer checks such as government ID, proof of address, and liveness photos.
• Payment and transaction information: deposits, withdrawals, card token or masked details, bank and wallet references, billing records, and tax information where required.
• Technical and usage data: IP address, device identifiers, operating system, browser type, cookies, log files, and interaction data across our websites and apps.
• Responsible gambling data: self-exclusion status, player-set limits, and safer play interactions.

Why we collect it

• To create and service user accounts, authenticate access, and provide online services.
• To process transactions, verify identity, and conduct anti-fraud and anti-money laundering screening.
• To offer customer support, manage disputes, and enforce terms of service.
• To improve performance and accessibility of the websites, and personalize content and settings.
• To meet legal, tax, and regulatory obligations in relevant jurisdictions.

How we protect information

• Encryption in transit using TLS 1.2+ and encryption at rest for sensitive data.
• Role-based access controls, multi-factor authentication, and least privilege practices.
• Network and application monitoring, logging, and intrusion detection.
• Secure key management, periodic penetration testing, and incident response procedures.
• Data minimization, retention limits, and pseudonymization or aggregation for analytics.
• Vendor due diligence, data processing agreements, and regular security reviews.
• Staff training on privacy, confidentiality, and secure handling of personal information.

Your privacy rights in Canada

Users in Canada have the right to:

• Access a copy of personal data held by us.
• Request correction of inaccurate or incomplete information.
• Request deletion, subject to legal and regulatory retention duties.
• Request restriction or object to certain processing activities.
• Request portability of information where technically feasible.
• Withdraw consent for optional processing and marketing at any time.
• Lodge a complaint with the Office of the Privacy Commissioner of Canada or a provincial privacy authority.

To exercise rights, contact our privacy team at [email protected]. We aim to respond within 30 days, as permitted by law.

Compliance statement

Personal information is processed in accordance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), applicable provincial privacy requirements, and Canada’s Anti-Spam Legislation for commercial messages. International best practices, including principles from the GDPR, guide transparency, purpose limitation, and user control.

We use personal information for the following purposes:

• Account services: registration, authentication, profile management, and preference settings.
• Payments and transactions: deposits, withdrawals, refunds, and reconciliation.
• Verification and security: identity checks, risk scoring, fraud prevention, and responsible gambling operations.
• Service delivery: operating casino and sportsbook features, resolving incidents, and enforcing the user agreement.
• Support: responding to requests, complaints, and disputes.
• Improvement and analytics: measuring performance, fixing bugs, and enhancing the user experience across our online services and websites.
• Personalization: remembering settings and tailoring content consistent with user choices.
• Communications: service notices and, where consented, marketing under CASL. Users can revoke consent or unsubscribe at any time.
• Compliance: meeting record-keeping, tax, and lawful disclosure obligations.

Processing is carried out on lawful bases such as consent, contract performance, legitimate interests, and legal obligations. We do not sell personal information. Automated risk assessments may occur for fraud prevention, and meaningful human review is available when required by law.

How to access or obtain a copy

• Submit a request via Account Settings or email [email protected].
• We will verify identity before releasing any information.
• A response is typically provided within 30 days, subject to lawful extensions.

How to update or correct data

• Edit fields in Account Settings where available.
• If a field cannot be edited, contact support or the privacy team. We will correct or add an explanatory note where correction is not possible.

How to delete data

• Submit a deletion request to the privacy team.
• Deletion may be limited by legal retention requirements such as fraud prevention or financial record-keeping.
• Once retention periods end, data is securely destroyed or anonymized.

By using Kryptosino, users consent to identity checks, security screening, and the processing of payment data by authorised payment service providers and risk screening partners for compliance and fraud prevention.

This service is intended for adults who are 18 years of age or older. We do not knowingly collect personal information from minors.

The operator cannot verify age without supporting documents. If a parent or legal guardian believes a minor has provided personal information, contact [email protected]. Upon valid request and verification of guardianship, we will delete the minor’s data and close any associated account.

Personal information may be stored and processed outside Canada in locations where service providers, payment processors, verification partners, cloud hosting, or support teams operate. Using the site signifies consent to such cross-border transfers.

We require all partners handling personal data to protect confidentiality and implement appropriate security measures. Where required, we use contractual safeguards such as data processing agreements and standard contractual clauses, along with encryption and access controls, to help ensure a comparable level of protection.

This Privacy Policy may be supplemented by notices or terms that clarify, limit, or expand certain rules to address legal or technical requirements. Such a disclaimer applies when the user accepts the policy by signature, express acceptance, or accession during registration or continued use.

If any provision is held invalid under applicable law, the remaining provisions will continue to apply. Where translations differ, the English (Canada) version governs. This document does not limit any non-waivable rights under Canadian law.

Cookies are small text files placed on a device that help websites function and remember user preferences. We use cookies and similar technologies for:

• Statistics and analytics to understand site performance and usage.
• Behaviour analysis to detect fraud and improve stability.
• Personalization such as remembering language and display settings.
• Site improvement through aggregated insights.

Cookie retention is up to 1 year. Users can manage or delete cookies in browser settings and can adjust preferences in Account Settings where available. Essential cookies are required for core functions and may not be disabled through site controls.

Using the services means full acceptance of this Privacy Policy. The current version posted on the site prevails over any prior version. Continued use after updates constitutes acceptance of the revised document, subject to applicable consent requirements.

Personal information may be shared with third parties when required by law, for dispute resolution, to prevent fraud, or to perform agreements such as payments, identity verification, cloud hosting, analytics, and customer support. Core categories of partners are listed on the site where feasible. If a specific recipient is not listed, we will inform users of the purpose and scope when required by law.

Providing personal data for these services constitutes consent to such sharing. Each third party processes information under its own privacy policy. We require confidentiality commitments and limit processing to documented instructions where we act as the controller engaging processors.

Our websites may contain links to external sites that operate under their own privacy policies. We are not responsible for how those sites collect, use, or disclose information. Exercise caution and review the privacy statements of any external service visited.